Using single sign-on

Single sign-on is part of the security policy settings and is managed by FactoryTalk Security. The default setting is for it to be turned on. Single sign-on gives a user access to multiple products in a FactoryTalk-enabled system, without having to log in separately to each product.
For example, after a user logs into FactoryTalk Directory, either by starting and logging into FactoryTalk View Studio, or by using the Log On to FactoryTalk utility, when they start another FactoryTalk-enabled product, the login dialog will not be displayed.
The reason for this is that after the initial login, when another FactoryTalk-enabled product is started, FactoryTalk Security checks the credentials of the logged-in user at the FactoryTalk Directory, and authorizes access to the next product without requiring another log in.
Single sign-on authorization will be in effect for the logged-in FactoryTalk Directory user for the duration of the current Windows session, or until the user logs off the FactoryTalk Directory.
To confirm the setting of single sign-on:
  1. In
    FactoryTalk View SE
    , in the
    Explorer
     window, double-click
    System
     >
    Policies
     >
    System Policies
    .
  2. Right-click
    Security Policy
    , and then click
    Properties
    .
  3. In the
    Security Policy Properties
     dialog box, under
    Single Sign-On Policy Settings
    ,
    Use single sign-on
     should be set to
    Enabled
    .
Remarks
  • To check that the user is logged into FactoryTalk Directory, open the Log On to FactoryTalk utility. If a user name is displayed in the Logon Information section of the Log On to FactoryTalk dialog box, the single sign-on user has been set.
  • Single sign-on is not supported by the Specify FactoryTalk Directory Location tool. You have to log in every time you use it.
  • If the FactoryTalk View SE client is the first product to log into FactoryTalk Directory on a computer, the currently logged-in Windows user will be logged into FactoryTalk Directory and single sign-on will be set if the user is also a FactoryTalk Security Windows-linked user and single sign-on has been turned on in FactoryTalk Security.
  • If the user attempting to log on is a FactoryTalk Security user, but not a FactoryTalk Security Windows-linked user, they are logged into FactoryTalk Directory without setting single sign-on.
  • For more information about how these features are used in FactoryTalk View, see Chapter 5 in the
    FactoryTalk View Site Edition User's Guide
    .
  • For more information about single sign-on, see
    FactoryTalk Services Platform Help
    .
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.
Normal