Siemens SIMATIC S7-1500 System Manual page 245
Drive controller
Hide thumbs
Also See for SIMATIC S7-1500:
- System manual (523 pages) ,
- Function manual (402 pages) ,
- Manual (188 pages)
Table of Contents
Advertisement
Access levels as function rights
If accesses could only be controlled via passwords for SIMATIC Drive Controller up to CPU FW
version V3.0, create the appropriate users and roles with the necessary function rights for
access control for SIMATIC Drive Controller as of CPU FW version V3.1. The assignment
between access level and the associated function right results from the already known access
levels:
• Users who are to have full access must have a role with the function right "Full access", or
"Full access incl. failsafe" for F-CPUs.
A CPU configuration can only be compiled and loaded if at least one user has the function
right "Full access" or "Full access incl. failsafe".
• Users who are to have read access must have a role with the function right "Read access".
• Users who are to have HMI access must have a role with the function right "HMI access".
If a user does not have any of these specified function rights, that user also has no access to
the CPU.
The hierarchical organization of the access levels also remains the same for the
corresponding function rights:
• A user with full access also has the function rights "Read access" and "HMI access".
• A user with read access also has the function right "HMI access".
Note
Compatibility of the "ENDIS_PW" instruction
The "ENDIS_PW" instruction can be used only to disable or enable passwords for protection
levels. The "ENDIS_PW" instruction has no effect on assigned rights for users or roles.
Continuing to use access levels
Even though the new local user management replaces the usual access protection via
corresponding function rights of individual users, there is still the possibility to continue to
use this familiar access protection. This is required, for example, for HMI devices which only
support access levels and which do not benefit yet from possibilities of the new user
management.
If you require the configuration of an access level, for example, to ensure an HMI device
access even without user or password access, you have to activate the "Use legacy access
control via access levels" option in the CPU properties.
Note
User for OPC UA and for the web server
Regardless of the access protection, you always have to configure the users for the web
server and for the OPC UA server in the project tree in the "Security settings > Users and roles"
area.
SIMATIC Drive Controller
System Manual, 11/2023, A5E46600094-AD
Protection
11.3 Local user management
243
Advertisement
Table of Contents
