Step 2: Configure System Management Server (SMS)

The System Management Server must be configured to use AVEVA Operations Control with the connected experience. The No System Management Server configured option is documented here as a valid option. However, it is not recommended as it does not support the connected experience.

To configure the System Management Server:

1. In the Configurator, select System Management Server under Common Platform in the left pane.

   Note: If you are prompted for user credentials for the System Management Server, use the following format to enter the user name: DomainName\UserName. The prompt for user credentials may be displayed if you have domain admin privileges but are not an admin on the local machine. You must be a member of the Administrators or aaAdministrators OS group to configure the System Management Server.

   

   You can connect to an existing System Management Server (SMS), make this node the SMS, or proceed without configuring an SMS (not recommended). Any time you change the SMS configuration, you must also reconfigure Identity Manager registration and the Application Server gRPC setting must also be reconfigured anytime you change the SMS configuration.

   • Connect to an existing System Management Server (default): The Configurator looks for an existing System Management Server (SMS) on the network. If any are found, they are displayed in a drop down list. Select the server you want to use or enter the machine name of the server. All computers in your System Platform topology should connect to the same server.

     The machine name must comply with Active Directory naming conventions. Windows does not permit computer names that exceed 15 characters, and you cannot specify a DNS host name that differs from the NETBIOS host name. The maximum length of the host name and of the fully qualified domain name (FQDN) is 63 bytes per label and 255 bytes per FQDN. For more information, refer to the following Microsoft information page that provides Active Directory naming conventions and name/character limitations:

     https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/naming-conventions-for-computer-domain-site-ou

     • Configure this machine as a redundant SSO Server. If you configure the node to connect to an existing SMS, you can configure the node as a redundant SSO (single sign-on) Server. See Redundant SSO Configuration for additional information.

   • This machine is the System Management Server: Select this option if this computer will be the System Management Server. Make sure that you are configuring only one SMS for your entire system. All other computers in your System Platform topology should be configured to connect to this server by using the Connect to an existing System Management Server option. A security code is shown when you configure this option. When you configure other nodes using the Connect to an existing System Management Server option, verify that the codes match. You can view the certificate by selecting the Details... button.

   • No System Management Server configured. (Not Recommended): Select this option to set up your computer without encryption and secure communications. If the System Management Server is not configured, an option that allows SuiteLink connections to use unencrypted communications is automatically enabled.

     Even if you do not configure an SMS for this node, you can still configure the System Management Server for other computers in the topology to use. You can also use this option to remove any previously installed certificates that were managed by the System Management Server.

     Important! Every redundant Application Server runtime node must use the System Management Server if data is being historized. Redundant nodes have an instance of HCAP running, which is used to synchronize tags and store-and-forward data between redundant AppEngines. In System Platform 2023 R2 SP1, secure communication is required for HCAP and multi-galaxy communications (MGC), and thus, redundant nodes will not function without the SMS.

     If the SMS is not configured, there will be data loss, as well as warnings and error messages. SMS configuration is required for the connected experience to work.

2. Select Advanced for additional configuration options. These include setting port numbers, adding a security certificate, and setting the SuiteLink communication mode. See Advanced configuration for details.

3. Select Configure.

   • If you are connecting to an existing System Management Server, the Security Warning window is displayed:

     

     By establishing trust between machines, communications can pass freely. This will be a security concern if you are not sure of the identity of the remote computer. If you have any doubt about the computer you are connecting to, verify the security code and certificate details by selecting Details... in the Advanced Configuration dialog to open the certificate.

     

4. Select the next item in the left pane that requires configuration. When all required items have been configured, select Close to complete installation.