earth_america
user_standard Log on
earth_america
Log on to rate and give feedback 1 2 3 4 5 Log on to rate
0
How to

How to


Products: Enterprise Central, Enterprise Server, Esmi Sense FDP
Functionalities: User Management
12/3/2024

Creating and Configuring a Domain

You create a domain to group EcoStruxure BMS servers, users, and user groups in one domain so that all users and user groups of the domain have access to all EcoStruxure BMS servers within the domain. You can connect the domain to a Windows Active Directory domain to make user accounts from the Windows Active Directory accessible to the EcoStruxure Building Operation software, and to allow users to log on to WorkStation with their Windows user account. You cannot directly add a field server to a domain in an Enterprise Central.

Show More
action_close

An EcoStruxure Building Operation domain contains user accounts, user account groups, software permissions, workspaces, and one or several EcoStruxure BMS servers. The EcoStruxure BMS server that hosts and administers the domain is called the domain controller.

Normally, a user account or user account group that is a member of a domain that hosts several EcoStruxure Building Operation servers has access to all servers within the domain without additional logon. The user account or user account group can have restricted path permissions preventing the user to access the servers.

You can set up domains in several ways. You can have a communication domain that only contains EcoStruxure Building Operation servers and another domain that contains users, workspaces, and software permissions. Or you can have a combined domain that manages both servers and users.

Note:

An EcoStruxure Building Operation server can belong to more than one domain.

For example, an EcoStruxure BMS consists of two domains, the Inner City domain and the Outer city domain. The user Larry has a user account in the Inner City domain. The Inner City domain contains several Enterprise Servers and field servers. One of the field servers belongs to both the Inner City domain and the Outer City domain. Larry cannot access the servers in the Outer City domain, except for the shared field server.

 
action_zoom_plus_stroke EcoStruxure Building Operation domain and its components.
Figure: EcoStruxure Building Operation domain and its components.
Note:

You cannot change the name of a domain that is shared between EcoStruxure BMS servers.

If you add an Enterprise Server to an Enterprise Central and want to create a user domain in Enterprise Central with the same name as already exist in any Enterprise Server, you must remove the domain in the Enterprise Server first so that it does not interfere with the new. It is possible to export a domain and import it in the Enterprise Central.

If you want to add field servers to a domain created in an Enterprise Central, then you must first add the Enterprise server to the domain and then log on to the Enterprise server and add the field server to the domain there.

If an Enterprise Server is a member of an Enterprise Central domain, you add field servers to the same domain from the Enterprise Server domain membership.

Windows Active Directory Domain

If your domain controller is within a network that has a Windows Active Directory, you can establish a connection between your EcoStruxure Building Operation domain and the Windows Active Directory. This connection enables inherited user account groups from the Windows Active Directory to EcoStruxure Building Operation software, and allows users to log on to WorkStation with their Windows user accounts.

Do not name an EcoStruxure Building Operation domain with the same name as any Windows domain in your network. An EcoStruxure Building Operation domain and a Windows domain in your network that are named in the same way can cause conflicts when you use an integrated Windows log on for the EcoStruxure Building Operation domains.

Important:

If the Windows Active Directory name is changed, you have to manually update the change in EcoStruxure Building Operation software.

EcoStruxure Building Operation software supports Fully Qualified Domain Name (FQDN) and NetBIOS name. The NetBIOS name is displayed in the Log on screen even if FQDN is used as a log on method.

Server Local Domain

By default, all servers have a local domain that includes a local administrator account, administrator user account group, and administrator workspace. ​The local domain of a server cannot hold an EcoStruxure Building Operation multi-server system. When logging on to the local domain of a server, you access only the unique server.

A local domain and its content cannot be deleted, edited or include other EcoStruxure Building Operation servers.

Important:

On a Local domain, you cannot view bound values from an EcoStruxure BMS server higher or on the same tier in the EcoStruxure BMS hierarchy.

Unify Domains in the Server Structure Workflow

Use this workflow to unify domains and to make sure all the servers have the same domain after you add an Enterprise Central to your system. Related information can be found in the sections after the flowchart.

For more information, see Unify Domains in the Server Structure Workflow .

Administration Accounts in Server Local Domain

You can manage user accounts on a domain controller by logging on to the local domain of the EcoStruxure BMS server, using the local administrator and local reports administrator accounts.

For more information, see Administration Accounts in EcoStruxure BMS Server Local Domain .

To create and configure a domain
  1. In WorkStation, in the System Tree pane, select the EcoStruxure BMS server you want to configure.

  2. Click the Control Panel tab.

  3. Click Domain .

  4. In the Domain Control Panel , click Add .

  5. In the Create Object wizard, in the Name box, type a name for the domain.

    Do not name an EcoStruxure Building Operation domain with the same name as any Windows domain in your network. An EcoStruxure Building Operation domain and a Windows domain in your network that are named in the same way can cause conflicts when you use an integrated Windows log on for the EcoStruxure Building Operation domains.

  6. In the Description box, type a description for the domain.

  7. Click Next .

  8. In the Authentication page, in the Windows domain name box, type the name of a Windows Active Directory domain to connect the domain to a Windows domain.

  9. Click Next .

  10. In the Domain Members page, in the Available Servers box, select the EcoStruxure BMS servers that you want to connect to the domain.

    Note:
    • The Domain Members page appears only if there are any EcoStruxure BMS servers available to connect to the domain.

    • You cannot directly add a field server to a domain in an Enterprise Central, you need to add an Enterprise Server to the domain first.

  11. Click the Add button

     
    action_zoom_plus_stroke
    .

  12. Click Next .

  13. In the Domain Policies page, in the Maximum logon attempts box, enter the number of failed logon attempts allowed for users belonging to the domain before their user accounts are temporarily disabled.

  14. Click Create .

  • Domains
  • Domain Wizard – Authentication Page
  • Domain Wizard – Domain Policies Page
  • Creating and Configuring a Domain
  • Editing the Description of a Domain
  • Editing the Maximum Logon Attempts
  • Assigning a Field Server to a Domain
  • Removing a Field Server from a Domain
  • Deleting a Domain