Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ PI Server Installation and Configuration (PI Server 2024 R2)

TABLE OF CONTENTS

Frequently asked questions (FAQs)

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedJan 21, 2026
  • 2 minute read

How can I tell which certificate AIM is using? 

  1. Open PowerShell ISE on the AIM node.

  2. Enter Get-RootCertificate.

    The following information is returned:

    • Certificate friendly name

    • Issued by/to

    • Expiration

    • Thumbprint fields

How do I find out or change the lifetime of a token?

Follow these steps to view the length of time an access token is valid:

  1. Open PowerShell ISE on the AIM node.

  2. Enter Get-IdentityManagerClient -HostBase <hostname> -Id <clientId>.

    The token lifetime is returned.

  3. Optional: To update the access token's lifetime, follow these steps:

    1. To retrieve the existing client object, enter the following text in a command prompt/terminal: Get-IdentityManagerClient

    2. Save a copy of the current settings before making changes.

    3. Modify the AccessTokenLifetime property as needed.

    4. Enter Update-IdentityManagerClient and include all the parameters from the Get command with the modified AccessTokenLifetime.

    Important: If the parameters are not provided, the Update cmd reverts to using default values.

    Are session timeouts supported?

    Yes. If you use an Identity provider that supports condition-based access session settings, you can stop a user session that uses OpenID Connect (OIDC) with the AVEVA Identity Manager To configure a shorter session time, set a lower absolute time or a shorter expiration date on the access token through the AVEVA Identity Manager.

    How do I create a client ID and secret for my Adapter/application? 

    1. Open PowerShell ISE on the AIM node.

    2. Enter Add-IdentityManagerClient,then enter the required parameters for this command (the required parameters have a ‘*’ next to them in the module window of PowerShell ISE):

      Add-IdentityManagerClient -HostBase <https://<fqdn> -Id <client id> -Enabled 1 -Secret $MySecret
      -AllowedGrantTypes ClientCredentials -ScopeRestrictions openid, system, profile

      The client is registered with AIM and the supplied ID and secret can be used. 

      Where is the full list of PCS PowerShell cmdlets? 

      1. Open PowerShell ISE on the AIM node.

      2. To open the Commands pane, select Add-ons, then Commands.

        A list of PowerShell modules is shown. 

      3. To view the available comdlets and parameters, select a command. For some commands, you may need to select Show Details.

        How do I change the certificate that AIM uses? 

        Open the Configurator utility, then select the System Management Server. When prompted, select a new certificate.

        In This Topic
        TitleResults for “How to create a CRG?”Also Available in