User Guide User Manual

FactoryTalk Historian To Historian Interface User Guide 99

Chapter 11. Security

The Historian Firewall Database and the Historian Proxy Database must be configured so that

the interface is allowed to write data to the Historian Server. See “Modifying the Firewall

Database” and “Modifying the Proxy Database” in the Historian Server manuals.

Note that the Trust Database, which is maintained by the Base Subsystem, replaces the Proxy

Database used prior to Historian version 3.3. The Trust Database maintains all the

functionality of the proxy mechanism while being more secure.

See “Trust Login Security” in the chapter “Managing Security” of the Historian Server

System Management Guide.

If the interface cannot write data to the Historian Server because it has insufficient privileges,

a -10401 error will be reported in the pipc.log file. If the interface cannot send data to a

PI2 Server, it writes a -999 error. See the section Appendix A: Error and Informational

Messages for additional information on error messaging.

Historian Server v3.3 and Higher

Security configuration using piconfig

For Historian Server v3.3 and higher, the following example demonstrates how to edit the

Trust table:

C:\PI\adm> piconfig

@table pitrust

@mode create

@istr Trust,IPAddr,NetMask,PIUser

a_trust_name,192.168.100.11,255.255.255.255,piadmin

@quit

For the above,

Trust: An arbitrary name for the trust table entry; in the above example,

a_trust_name

IPAddr: the IP Address of the computer running the interface; in the above example,

192.168.100.11

NetMask: the network mask; 255.255.255.255 specifies an exact match with IPAddr

PIUser: the PI user the interface to be entrusted as; piadmin is usually an appropriate user