Checklist: Configure Windows authentication for upgrades
- Last UpdatedJul 09, 2023
- 2 minute read
- PI System
- PI Server 2018
- PI Server
This table lists the basic steps for configuring an upgraded Data Archive server for Windows authentication.
|
Step |
Notes |
|---|---|
|
Review existing access permissions |
|
|
Create a list of unique access strings |
|
|
Identify PI groups and PI users that will be retained |
|
|
Create new identities to fill gaps |
|
|
If using AD, determine which AD groups are needed and which identities to map them to |
(AD only) See Review AD groups |
|
If using local Windows security, determine which local Windows groups are needed and which identities to map them to |
(only if using local Windows security) |
|
If using local Windows security, configure matching Windows user accounts and passwords on Data Archive server and client workstations |
(only if using local Windows security) |
|
Create mappings |
|
|
Verify configuration |
|
|
Check custom PI API applications, if any |
(if any) See Check for unauthenticated PI API connections |
|
Upgrade PI SDK to 1.3.6 or later on client computers |
(required for Windows authentication) |
|
Upgrade PI API to PI API 2016 for Windows Integrated Security on client computers |
(required for Windows authentication) |
|
Configure clients that connect through an application server (for example, PI DLES and PI WebParts) |
(if any) See Products that connect to an application server |
|
Upgrade administrative applications:
|
|
|
Disable explicit logins |
(Optional) See Learn how to disable PI password authentication (explicit logins) |
|
Replace SDK trusts with PI mappings |
(Optional) See Learn about retiring SDK trusts |
|
Retire obsolete PI users and PI groups |
(Optional) |