Authentication
Authentication modes
| Users type | Description |
|---|---|
|
Model |
Users created in FactoryTalk Optix Studio. |
|
Local |
Local machine users. |
|
Domain |
Active Directory or LDAP users. Domain users can log on to FactoryTalk Optix Applications by using these username conventions:
|
| Operating system | Model authentication | Local authentication | Active Directory authentication | LDAP server authentication |
|---|---|---|---|---|
|
Windows |
 |
|
|
|
|
Ubuntu 22 |
|
|
Domain users and groups mapping
-
If a domain user logs on at runtime, a corresponding model user is created.
-
Existing model groups are mapped with the corresponding domain groups.
-
Existing model users are mapped with the corresponding domain users if the model username matches the domain username and the domain variable under the user model node.
-
If a domain user is no longer in a domain group, the corresponding model user is removed from the corresponding model group.
-
If a domain user becomes a member of a domain group, the corresponding model user is added to the corresponding model group.
The corresponding model user is added to the corresponding model group if the domain group exists in the model.
-
If a domain user is removed from a group and the corresponding model user belongs to the model group, the user is removed from the model group after a successful log in.
Password policies
- Minimum and maximum password age
- Minimum password length
- The necessity to set unique passwords