Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ PI Server Installation and Configuration (PI Server 2024 R2)

TABLE OF CONTENTS

Check and set permissions for SPN creation

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedOct 04, 2024
  • 1 minute read

By default, PI System Explorer and other PI AF clients connect to the PI AF server using Kerberos security. Kerberos authentication requires either a service principal name (SPN) or a user principal name (UPN). If PI AF clients cannot connect to the PI AF server using Kerberos security, the authentication method rolls back to NTLM authentication, which is less secure.

By default, for PI AF 2014 R2 (version 2.6) and later, PI AF server attempts to register an SPN for the PI AF application service upon startup. If the PI AF application service is running under a system account, the SPN is created for the machine account for the machine on which the service is running. In all other situations, the SPN is created for the account of the user running the PI AF application service.

For additional information about configuring Kerberos authentication, see the Knowledge Base article: Configuring Delegation for PI AF.

TitleResults for “How to create a CRG?”Also Available in