Siemens: How to configure security features in WinCC OA 3.17

During the recent development of a new project in WinCC OA (Open Architecture) 3.17, Siemens’ highest level platform for visualization, AWC’s application engineering team got some hands-on experience with some newly integrated security features, including Server Side Authentication (SSA)  for the various user interfaces (UIs) and managers.  Below are some steps on how to successfully configure SSA and proceed with the rest of the WinCC OA project development.
  • Starting with SSA on in the very beginning will prevent access to the WinCC OA graphics editor (GEDI).  To remedy the situation, begin by commenting out accessControlPlugin in the config file.
  • Remove – ssa from the UI Manager.
  • Open GEDI and navigate to the System Manager -> Settings -> Device Management
  • Once the Device Manager is open, temporarily enable “Automatic Unlock”.  This will allow authorization to connect with GEDI when SSA is turned on.
  • SSA does not allow the root user access to UIs; otherwise, SSA will error out and say that the user is forbidden.  Create another user with root access.
  • Once the new user is created, return to the config file and uncomment accessControlPlugin and add the -SSA option back into the UI Manager.
  • Restart the project to allow the changed settings to take effect and log in to GEDI with the new user.

Additional Contributions

  • Julyann Tu – AWC, Inc.
Based in Houston, TX, Matt Paulissen is AWC’s Texas Gulf Coast Engineering Manager. With 11 years at AWC, he holds certifications in Siemens Automation, Networking, Wireless, and SCADA, as well as Moxa Networking, Wireless, IO, IIOT, and Industrial Computing. As an experience Application Engineer, he is frequently an expert guest speaker on these topics on industry podcasts.

Matt Paulissen

Application Engineering Manager

Matt Paulissen

Application Engineering Manager

Based in Houston, TX, Matt Paulissen is AWC’s Texas Gulf Coast Engineering Manager. With 11 years at AWC, he holds certifications in Siemens Automation, Networking, Wireless, and SCADA, as well as Moxa Networking, Wireless, IO, IIOT, and Industrial Computing. As an experience Application Engineer, he is frequently an expert guest speaker on these topics on industry podcasts.
Leave a Reply

Your email address will not be published. Required fields are marked *