show the entry list
WinCC SIMATIC Logon / AUA -- Product information -- Information on SIMATIC Logon / Advanced User Administrator
Using a chip card reader, how can a default user be logged on automatically while the chip card is pulled through?
What support does Siemens AG offer to make products comply with FDA regulations?
What support does Siemens AG offer to make use of WinCC comply with FDA regulations?
How can you configure a chip card with SIMATIC Logon, with which you can log onto each local computer?
Why isn't the group selection dialog displayed any longer in WinCC V6.2 and higher?
How can you use the "GetSignature" function as of SIMATIC Logon V1.4?
What is the standard password of the user "Administrator" in the WinCC User Administrator?
Why isn't the user currently logged on shown at Runtime?
How can you replace the Windows on-screen keyboard of SIMATIC Logon (from V1.4) with the ProTool keyboard so as not to reach the operating system during Runtime?
How can you verify a logged on user at runtime when using SIMATIC Logon (as from V1.3)?
How can you verify a logged on user at runtime when using SIMATIC Logon up to version V1.2 SP1?
How do you call the SIMATIC Logon dialog box by means of C-Script?
The WinCC Login Box appears instead of the Logon Box in WinCC Runtime.
Logon option -- Setting up development environments -- Parameterizing systems
How can you automatically log in a default user after a reboot without using the Login Box?
Using a chip card reader, how can a default user be logged on automatically while the chip card is pulled through?
Why isn't the user currently logged on shown at Runtime?
How can you verify a logged on user at runtime when using SIMATIC Logon (as from V1.3)?
How can you verify a logged on user at runtime when using SIMATIC Logon up to version V1.2 SP1?
How can you configure a chip card with SIMATIC Logon, with which you can log onto each local computer?
SIMATIC Logon window in CFC/SFC
How do you block a user account after a user-definable number of failed attempts to login?
How can you have entries generated by SIMATIC Logon in the password-protected file displayed, printed out or exported?
How can you restore the WinCC Logon Box in the OS Runtime when SIMATIC Logon is installed on the computer?
Why is a user assigned to the "Emergency Operator" group when logging on in WinCC RT?
When using SIMATIC Logon, why is there a user already logged on after starting WinCC RT?
Why, when implementing SIMATIC Logon, is only the logged-on user displayed in the WinCC User Administrator during Runtime?
Why does a C script "PWRTSilentLogin" only work with WinCC users and not with SIMATIC Logon users?
How can you verify a logged on user at runtime when using SIMATIC Logon (as from V1.3)?
Part number:

Description
The WinCC User Administrator does not provide any functions by default that can be used to verify currently logged on users through password querying. WinCC has functions for triggering and executing a logon procedure. However, this means that there is a new logon even if the current user name is used again for the logon. Logon is usually linked to a picture change (calling the Start picture) and the closing of all faceplates.

Aim
Often, just before execution of a switching action, there is a demand for checking the user currently logged on by an additional password query. There is not to be a renewed logon. After successful verification of the user the switching action is to be executed and the operator action stored as an operator input message. This prevents unauthorized operator actions, e.g. when the user currently logged on is absent for a brief time without logging off from the system.

Solution
The SIMATIC Logon option permits you to verify a user at runtime. This entry describes the procedure for SIMATIC Logon V1.3 and higher. As from this version of SIMATIC Logon the "SIMATIC Logon Development Kit" is available. Information on this is available in:

  • the manual "SIMATIC Logon SIMATIC Electronic Signature" - Entry ID: 34519648.
  • the manual "SIMATIC Logon Programming Guide" (after installation this manual is available in the directory: "...\SimaticLogon\developmentkit").

Notes
Entry ID 24458070 describes the procedure for SIMATIC Logon up to and including V1.22.

With the "ISLSScripting" interface the "SIMATIC Logon Development Kit" permits you to run a user verification at runtime using VBScript. This entry provides a VBScript (function "SL_VerifyUser") that uses the "GetLogon" and "AuthenticateUser" methods of the "SIMATIC Logon Development Kits" to verify a logged on user at runtime.

Instructions
The following table describes the settings required for proper functioning.
 
No. Procedure
1 Open the Windows "Computer Management" (right-click on "MyComputer" and click on "Administrative Tools") and then click on "System" > "Local Users and Groups".
2 Create a new user in a new group if necessary in the "Users" and "Groups" folders and then close "Computer Management".
3 In WinCC, open the "User Administrator" and create the same group (name) and the same user (name) as created in Windows.
4 Assign the user rights and check the"SIMATIC Logon" check box.
5 Open the Global VBS editor, create a new project module and save the script from the file SL_VerifyUser.txt (contained in SL_VerifyUser.zip)
or
Copy the bmo file in the "" folder of the WinCC project, compile and save the script.
6

Call the "SL_VerifyUser" function before the required operator action and check whether the return value is "true" (current user) or "false" (another user or abort in the Login dialog). Trigger the operator action and any operator input after successful user verification. Verifying the user can be done with an onclick event of a button.

If SL_VerifyUser = TRUE Then
 '<operator action>
 '<operator input>
Else
 '<error message>
End If

Note

  • If the user or password is entered incorrectly, the Login dialog reopens.
  • The Entry ID 24325381 provides detailed information on generating an operator input message.

SL_VerifyUser.zip ( 3 KB )

Function
The following table describes the structure and function of this script.
 
No. Description
1 Declaration and initialization
In the first part of the script constants are defined and the tags used are declared and initialized. In order to access the SIMATIC Logon interface with WinCC VBScript at runtime the COM interface must be initialized with the call "CreateObject".
2 Verify the user currently logged on
  • Using the "GetLogon" method the data of the user currently logged on is acquired.
  • The "AuthenticateUser" method is used to open the Logon dialog.


    Fig. 01

    In this dialog, the user can interactively enter a user name and password. The Logon dialog is initialized so that the "Change password..." button is not operable and the "Comment" input field is not displayed. The system checks the user's inputs. Upon successful identification the method closed the Logon dialog and returns the logon data as a result. If identification is unsuccessful (incorrect user name or incorrect password), the Logon dialog remains open. A brief error text is displayed and the user can enter the user name and password again. If you press the "Cancel" button, the Logon dialog closes. In this case the method returns an error status that indicates that the Logon dialog has been aborted.

    The "AuthenticateUser" method does not permit you to preset the "User name" field with the name of the user currently logged on when the Logon dialog opens. For this reason the "AuthenticateUser" method is called again in a loop when the user verification has been completed successfully, but the user verified is not the user currently logged on.

    Therefore the title bar of the Logon dialog also displays the name of the user currently logged on. In this way the user is informed that the user currently logged on is being verified.

Note

  • A Logon dialog opened with the "AuthenticateUser" method is not automatically closed when there is a simultaneous logoff or new logon on the system. For this reason the second call of the "GetLogon" method ensures that the user verification works properly even when there is a simultaneous logoff or new logon on the system.
  • The "HMIRuntime.Trace" statements are purely for the output of diagnostics messages in the Global Script diagnostics window or the "Output Window" of APDIAG.
3 Release resources and close the function
In this part the resources used are released again and the function closed. Upon successful user verification the "SL_VerifyUser" function returns the value TRUE, otherwise the value FALSE.

Version
These instructions have been tested with the following versions.
 

Components

Product and version designation
PC operating system Microsoft Server 2003 SP2
Standard tools ---
HMI software WinCC 7.0
Options SIMATIC Logon 1.4 SP1
Controllers ---

Keywords
GMP, Pharma, Life Science, Validation, FDA 21 CFR Part 11

 Entry ID:24458155   Date:2009-04-14 
I regard this article....as helpfulas not helpful                                 
mySupport
My Documentation Manager 
Newsletter 
CAx-Download-Manager 
Support Request
To this entry
Print
Create PDF 
Send to a friend
QuickLinks
Compatibility tool 
Topics
Help
Online Help
Guided Tour