×

It's time to move from Web HMI to Proficy Operations Hub! Visit the Operations Hub web page, download a free trial or check out the datasheet.

Home
Set Up User Security
Define LDAP Settings
Use the LDAP Directory Services in Application Assembler (ThingWorx) to manually edit Web HMI users to exactly match the user names in Active Directory, and then assign them to groups.
Create Users and Groups
When using LDAP Directory Services for AD authentication, you manually create users in Application Assembler to match existing users in AD, and then assign them to groups.

Web HMI Products Documentation

Set Up User Security
- User Account Overview
  Users consist of both operators and GE administrators. In Application Assembler (ThingWorx), a GE administrator creates and maintains user and group accounts for access to Web HMI environments.
- Access the Application Assembler
  Set up security for Web HMI users and groups in the Application Assembler.
- Create User Accounts
  You create user accounts by duplicating the default user templates, GEAdmin and GEUser. All settings are inherited from these default user templates except for the password and group membership.
- Assign Users to a Group
  As a GE administrator, you assign users duplicated from the GEUser or GEAdmin user template to the appropriate group.
- Change User Passwords
  GE administrators can change existing user passwords when needed.
- Define LDAP Settings
  Use the LDAP Directory Services in Application Assembler (ThingWorx) to manually edit Web HMI users to exactly match the user names in Active Directory, and then assign them to groups.
  - Create Users and Groups
    When using LDAP Directory Services for AD authentication, you manually create users in Application Assembler to match existing users in AD, and then assign them to groups.
- Configure Active Directory Authentication
  Application Assembler (ThingWorx) provides the ActiveDirectory template for you to duplicate to create a directory service for each one of your AD domain servers.

Create Users and Groups

When using LDAP Directory Services for AD authentication, you manually create users in Application Assembler to match existing users in AD, and then assign them to groups.

You create Web HMI users for AD authentication by duplicating the GEUser or GEAdmin user templates, and then edit them to exactly match the user names in the Active Directory. These names are case-sensitive.

In the SECURITY section of the Application Assembler page, select Users.
Select the check box next to an existing user, and then select Duplicate.
In the General Information panel, enter a Web HMI user name that exactly matches an AD user.
Since this user is being authenticated against the Active Directory, do not specify a password.
Repeat this for each Web HMI user to be authenticated against the AD.
Select User Groups.
Select the GEUsers group or the GEAdministrators group.
Select Edit and then Edit Members.
Drag each new user from the left pane to the right pane.
Select Save.

Add each Web HMI user that was created for AD authentication to your HMI/SCADA system.