An EcoStruxure Building Operation domain contains user accounts, user account groups, software permissions, workspaces, and one or several EcoStruxure BMS servers. The EcoStruxure BMS server that hosts and administers the domain is called the domain controller.
Normally, a user account or user account group that is a member of a domain that hosts several EcoStruxure Building Operation servers has access to all servers within the domain without additional logon. The user account or user account group can have restricted path permissions preventing the user to access the servers.
You can set up domains in several ways. You can have a communication domain that only contains EcoStruxure Building Operation servers and another domain that contains users, workspaces, and software permissions. Or you can have a combined domain that manages both servers and users.
An EcoStruxure Building Operation server can belong to more than one domain.
For example, an EcoStruxure BMS consists of two domains, the Inner City domain and the Outer city domain. The user Larry has a user account in the Inner City domain. The Inner City domain contains several Enterprise Servers and automation servers. One of the automation servers belongs to both the Inner City domain and the Outer City domain. Larry cannot access the servers in the Outer City domain, except for the shared automation server.
You cannot change the name of a domain that is shared between EcoStruxure BMS servers.
If you add an Enterprise Server to an Enterprise Central and want to create a user domain in Enterprise Central with the same name as already exist in any Enterprise Server, you must remove the domain in the Enterprise Server first so that it does not interfere with the new. It is possible to export a domain and import it in the Enterprise Central.
If you want to add automation servers to a domain created in an Enterprise Central, then you must first add the Enterprise server to the domain and then log on to the Enterprise server and add the automation server to the domain there.
If an Enterprise Server is a member of an Enterprise Central domain, you add automation servers to the same domain from the Enterprise Server domain membership.
If your domain controller is within a network that has a Windows Active Directory, you can establish a connection between your EcoStruxure Building Operation domain and the Windows Active Directory. This connection enables inherited user account groups from the Windows Active Directory to EcoStruxure Building Operation software, and allows users to log on to WorkStation with their Windows user accounts.
Do not name an EcoStruxure Building Operation domain with the same name as any Windows domain in your network. An EcoStruxure Building Operation domain and a Windows domain in your network that are named in the same way can cause conflicts when you use an integrated Windows log on for the EcoStruxure Building Operation domains.
If the Windows Active Directory name is changed, you have to manually update the change in EcoStruxure Building Operation software.
EcoStruxure Building Operation software supports Fully Qualified Domain Name (FQDN) and NetBIOS name. The NetBIOS name is displayed in the Log on screen even if FQDN is used as a log on method.
By default, all servers have a local domain that includes a local administrator account, administrator user account group, and administrator workspace. The local domain of a server cannot hold an EcoStruxure Building Operation multi-server system. When logging on to the local domain of a server, you access only the unique server.
A local domain and its content cannot be deleted, edited or include other EcoStruxure Building Operation servers.
On a Local domain, you cannot view bound values from an EcoStruxure BMS server higher or on the same tier in the EcoStruxure BMS hierarchy.
Use this workflow to unify domains and to make sure all the servers have the same domain after you add an Enterprise Central to your system. Related information can be found in the sections after the flowchart.
For more information, see Unify Domains in the Server Structure Workflow .
You can manage user accounts on a domain controller by logging on to the local domain of the EcoStruxure BMS server, using the local administrator and local reports administrator accounts.
For more information, see Administration Accounts in EcoStruxure BMS Server Local Domain .