×
Siemens Industry Online Support
Siemens AG
Entry type: FAQ, Entry ID: 44027453, Entry date: 11/02/2015
(8)
Rate

How do you lock key combinations in WinCC V7.0 SP3 Update 3 and higher, and in WinCC (TIA Portal) with Windows 7, Windows 8.1, Windows Server 2008 and Windows Server 2012?

  • Entry
  • Associated product(s)
Enable/disable key combinations at Runtime.

Instructions
Below we describe how you enable/disable the Windows key combinations at Runtime. This example takes into account the authorization levels of the WinCC User Administrator.

The C function "SetXGinaValue()" is used. This function is provided with the DLL "ALMXGINA.DLL" which is supplied with WinCC.

The procedure described is valid for WinCC V7.0 SP 3 Update 3 onwards and for WinCC Runtime Professional.
 

Function BOOL SetXGinaValue(unsigned int uiKey, BOOL *pbEnable, DWORD dwSize);
Function The function disables/enables all Windows key combinations through "uiKey". The information as to whether the key combinations are disabled or enabled is transferred as a pointer in the "pbEnable".
Return The function returns the value TRUE or FALSE.
Example If the "pbEnable" parameter is not a pointer to a tag of the "BOOL" or "DWORD" (32-bit) type, then the function does not run properly. The key combinations are not disabled/enabled. In this case, the function returns the value "FALSE".
Parameter
  • uiKey (unsigned int)
    With the "uiKey" parameter you define whether all key combinations are to be disabled/enabled.
    This value must always be 3.

    Use the following setting to disable the key combinations:

    #define XGINA_ALLOW_CTL_ALT_DEL 3
     
  • pbEnable (BOOL*)
    The "pbEnable" parameter is the address of a tag of the BOOL or DWORD type that contains the information whether the key combinations are disabled or enabled. If the tag to which the "pbEnable" pointer points contains the value "TRUE", then the key combinations are enabled, otherwise disabled.
     
  • dwSize (DWORD)
    In the "dwSize" parameter you specify the size in bytes of the tag to which the "pbEnable" pointer points.
Table 01

The following download provides a C action that enables/disables the Windows key combinations in accordance with the authorization level of the user currently logged on.

wincc_setxginavalue_c.txt (1 KB)

Notes on the download
In this example, the user-specific authorization "Operating System" was created with the number 19 for enabling the Windows key combinations. You can also use another or existing authorization (for example, "Higher process controlling", number 6).

In order to enable/disable the key combinations when a user logs on/off, you can use the C script provided with this entry in a global C action. As trigger you can use the internal tag "@CurrentUser" created by the system. For server-client configurations you use this tag with the prefix "@local::" (@local::@CurrentUser).

Note on WinCC V7.0 SP3 Update 3
With Update 3 and higher for WinCC V7.0 SP3, when key combinations are disabled, always all the function keys for access to the operating system are disabled.
This information and Update 3 for WinCC V7.0 SP3 are available in Entry ID: 63472422.

Note
If the key combination "CTRL+ALT+DEL" is not to be disabled, you must change the group policies in the administrative tools of the operating system. Usually these settings are preset correctly when the system is installed.

Instructions

  1. In the Windows Start menu you select "All Programs > Accessories > Run".
  2. Enter "gpedit.msc" in the text field and click the "OK" button.
    The "Editor for local group policies" dialog opens.
  3. In the left window under "Policies for local computer" you select the setting "User configuration > Administrative templates > System > CTRL+ALT+DEL (Options)".
  4. Select "Not configured" for all settings in the right window.
  5. Close the editor for local group policies.

Note
If you are using operating systems older than Windows 7 or Windows Server 2008, please refer to Entry ID: 332356 for information on this topic.

 

Security information
In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art industrial security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about industrial security, please visit
http://www.siemens.com/industrialsecurity.