How and where do you install access rights for the WinCC flexible options Sm@rtAccess and Sm@rtService?
The access rights for the Sm@rtAccess and Sm@rtService options are installed on the server operator panel in each case. The server operator panel is the SIMATIC Panel or the PC with the WinCC flexible Runtime, which is configured as Sm@rtServer or WebServer. The settings required for the access rights are in the Control Panel of the operator panel concerned under the item "WinCC Internet Settings".
Fig. 01: Control Panel of an MP277-8"
Fig. 02: Windows XP Control Panel
1. Access rights of the Sm@rtAccess and Sm@rtService web server
The user-related access to the services used with Sm@rtAccess and Sm@rtService is regulated with the user manager for the web server. The user manager of the web server is based on explicitly assigned web permissions.
Inputs and settings
The web permissions are assigned on the web server. For this you call "WinCC flexible Settings" in the system settings on the server and in the "Web Server" tab you click the "User Manager" button.
The"UserDatabase-Edit" dialog has three tabs:
- "User Manager"
In this tab you create or delete users.
In this tab you can add a description/comment for the user selected in the "User Manager" tab.
In this tab you assign the web permissions for the user selected in the "User Manager" tab. With "Add" you activate a web permission and you deactivate it with "Remove".
The password "100" and all web permissions are set by default for the user entitled "Administrator". Change this default password during commissioning to suit your requirements.
The user must have the web permissions "FileBrowserAdministrator" and "FileBrowserUser" for read and write access to the file browser.
In principle any user who has access to the Control Panel can manage the users and web permissions. If necessary, you can protect the Control Panel against unauthorized access.
2. Access rights of the Sm@rtServer for remote control
The Sm@rtServer has its own security concept that is based on passwords and special settings for the Session Management. The remote monitoring and operation of the Sm@rtServers from the Sm@rtClient is also protected by two passwords. The second password is a password for an additional access as service password, for example.
Settings on the Sm@rtServer
The settings on the server determine which remote operator is allowed to access the Runtime of the server. Open "WinCC Internet Settings" in the Control Panel. Click the "Remote" tab and then "Change Settings". In the dialog that opens select the "Server" tab and enter the passwords of the Sm@rtClient.
With the two passwords you can set the monitoring mode and exclude the operator mode by checking "View only". On an operator panel this dialog is called "Sm@rtServer: Default Local System Properties" and contains less dialog elements than the dialog on the PC.
The default setting for both passwords is "100". You can easily change the passwords as required. Change these default passwords during commissioning to suit your requirements.