Security best practices for PI Connector for Wonderware Historian
- Last Updated: Sep 28, 2022
The Wonderware Historian SDK requires a user account with the necessary privileges to collect historical data. The minimum requirement is that the user account be a local account (administrator is not required) on the Wonderware Historian node that is at least a member of the Wonderware Windows group aaUsers. Please refer to the Wonderware Historian SDK documentation for proper setup of the security accounts.
Create the Windows account for the PI Connector
For security purposes, you should run the PI Connector on a host computer that is a member of a Windows domain and use a domain account for its identity. When choosing an account type, consider the following:
- Windows domain accounts are the more-secure option for hosting the PI Connector. In a domain environment, a domain controller performs authentication for centralized control.
- Windows workgroups are the less-secure option for hosting the PI Connector. In a workgroup environment, all computers are peers and authentication is performed locally.
Security best practices for Wonderware Historian
The Wonderware Historian SDK requires a user account with the necessary privileges to collect historical data. The minimum requirement is that the user account be a local account (administrator is not required) on the Wonderware Historian node that is at least a member of the Wonderware Windows group aaUsers. Please refer to the Wonderware Historian SDK documentation for proper setup of the security accounts.
Security best practices for Wonderware SQL Runtime Connection
Wonderware Historian supports two types of authentication:
- Windows authentication, which is the preferred method. See SQL Windows Authentication.
- SQL authentication.
SQL authentication requires an MSSQL user account with the necessary read-only privileges to the Wonderware Historian "runtime" database. This requirement is mandatory in order to get the Hierarchical view from Wonderware. The suggested level of privileges is the "db_datareader" role that is built into MSSQL. The db_datareader role allows the Connector to read the information but not edit it. Please see the MSSQL documentation for additional information.
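The following T-SQL is an added example, not taken from the product documentation. It sets up a read-only SQL login as described above and then audits what that login can actually do. The login name pi_connector_ro and the password placeholder are hypothetical, and the database name Runtime is assumed from the "runtime" database named above.

```sql
-- Added example: least-privilege SQL login for the Connector.
-- Hypothetical names: pi_connector_ro (login/user). Assumed database name: Runtime.
USE [master];
GO
-- Placeholder password: replace with a generated secret before running.
CREATE LOGIN [pi_connector_ro]
    WITH PASSWORD = N'<REPLACE_WITH_GENERATED_SECRET>',
         CHECK_POLICY = ON,            -- enforce the Windows password policy
         DEFAULT_DATABASE = [Runtime];
GO

USE [Runtime];
GO
-- Map the login into the database and grant read access only.
CREATE USER [pi_connector_ro] FOR LOGIN [pi_connector_ro];
ALTER ROLE [db_datareader] ADD MEMBER [pi_connector_ro];
GO

-- Audit 1: database roles held by the user. Expected: db_datareader only.
SELECT r.name AS database_role
FROM sys.database_role_members AS rm
JOIN sys.database_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.database_principals AS u ON u.principal_id = rm.member_principal_id
WHERE u.name = N'pi_connector_ro';

-- Audit 2: fixed server roles held by the login. Expected: no rows
-- (membership in public is implicit and is not listed here).
SELECT r.name AS server_role
FROM sys.server_role_members AS rm
JOIN sys.server_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals AS l ON l.principal_id = rm.member_principal_id
WHERE l.name = N'pi_connector_ro';

-- Audit 3: permissions granted directly to the user. Expected: CONNECT only.
-- Any INSERT, UPDATE, DELETE, ALTER or CONTROL row means the account can edit data.
SELECT p.permission_name, p.state_desc, p.class_desc
FROM sys.database_permissions AS p
JOIN sys.database_principals AS u ON u.principal_id = p.grantee_principal_id
WHERE u.name = N'pi_connector_ro';
```

Re-running the three audit queries after upgrades or permission changes confirms the account has not drifted beyond read-only access.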