Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ Historian

TABLE OF CONTENTS

About Security

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedFeb 21, 2025
  • 2 minute read

The AVEVA Historian uses two security mechanisms:

  • Windows operating system security

  • Microsoft SQL Server security

    Important: SQL Server authentication is provided for backward compatibility only. For improved security, we recommend that you use Windows authentication.

    Note: During configuration, if you are upgrading from an earlier release, Historian requires that you change the passwords for any legacy default SQL logins, such as wwUser. When this is required, it is clearly indicated during configuration of security options.
    Setting SQL logins

For clients to access the historian, they must pass through both of these security levels.

The historian Management Console (within the Operations Control Management Console) adds an additional layer of authorization to restrict access to functions affecting the state of the historian to only authorized users. For example, you can grant a Windows user account access to start and stop historian services by assigning it the Historian Power Users role, or by adding it to the aaPowerUsers Windows user group. For more information, see Adding Users and Assigning Roles.

Note: Some historian components require Windows and SQL Server logins.

For more information on configuring user rights assignments for local security policies, see the Microsoft documentation.

Security for AVEVA Historian is managed using the following tools:

  • Microsoft SQL Server Management Studio.
    Use this application to manage access to the SQL Server and databases.

  • Windows Local Users & Groups MMC snap-in.
    Use this to manage permissions on the historian and for the OData/REST web service interface. You can also use it as an alternative to configuring permissions within the database when using Windows authentication.

    For more information, see Managing Logins.

  • ArchestrA Change Network Account utility.
    Use this utility to modify the Windows login for the historian services on remote servers. For example, if you are configuring an AppEngine to send data to a remote historian, this utility is used to choose the Windows user account with which to connect to the server.

TitleResults for “How to create a CRG?”Also Available in