When logging on to an EcoStruxure BMS server, you have to authenticate yourself by using a valid user account. The user account has to belong to the same domain as the server you log on to.
The user account has to be a member of at least one user account group or be mapped through an active directory user account group. To restrict the user, software permissions are added to the user account group or to the individual user account. One or more customized workspaces can be connected to the user account group.
When logging on to the EcoStruxure BMS server that acts as the domain controller, in this example an Enterprise Server, you have access to all EcoStruxure BMS servers in the domain without using additional log on. If you log on to an individual EcoStruxure BMS server you have no access to other EcoStruxure BMS servers in the domain.
The EcoStruxure BMS considers a user account valid when:
The user account exists
The user account is not disabled or expired
The user account belongs to a user account group or mapped active directory user group
The user account group belongs to a domain
The user account has defined software permissions, either defined on the individual account or inherited from the user account group
A user account can be a member of one or more user account groups and belongs to a particular domain.
For more information, see User Accounts and User Account Groups .
An EcoStruxure Building Operation domain contains user accounts, user account groups, software permissions, workspaces, and one or several EcoStruxure BMS servers. The EcoStruxure BMS server that hosts and administers the domain is called the domain controller.
For more information, see Domains .
Software permissions are used to manage privileges that user account groups and user accounts own to objects in Building Operation software. In the EcoStruxure Building Operation software, you can assign two types of software permissions to user account groups and user accounts: path permissions and command permissions. You can also assign extended permissions to all the instances of folder structure or of a custom type.
For more information, see Software Permissions .
The EcoStruxure BMS provides two methods to log on to the system. Either you log on as a Windows User with your Windows Active Directory user account or as EcoStruxure Building Operation user with your EcoStruxure Building Operation user account.
For more information, see Log On Methods .
The workspace defines the content and layout of WorkStation. The content and layout of the workspace can be adapted different tasks for user accounts or user account groups.
For more information, see Workspace Management .
The automatic logoff function makes it possible for the system to automatically log off a user after a specified time of inactivity.
For more information, see Automatic Logoff .
You create a Guest user account when you need a limited view of the system that does not require any log on.
For more information, see Guest User Account .
You can configure a user group to automatically log on to the Guest user account when a user account that belongs to the group is manually or automatically logged off.
For more information, see Automatic Logoff to Guest Account .
A guest logon is used when you want the user to get immediate access to the EcoStruxure Building Operation software using WebStation.
Using WebStation you can display a list of all active user sessions. From the list you can deactivate user sessions.
For more information, see Displaying a List of User Sessions in WebStation .