PLCnext on LinkedInPLCnext on Instagram  PLCnext on YouTube Github PLCnext CommunityStore PLCnext Community

  1. Martin PLCnext Team
  2. PLCnext Engineer
  3. Monday, 18 December 2017

I have the following requirements:

- Simple HMI for a machine ( ✓ AXC F 2152 with eHMI)

- HMI users need to log in ( ✓ AXC F 2152 with eHMI)

- HMI users must be authenticated against a Windows Active Directory server. ( ??? )

Can a PLCnext guru tell me if this final requirement is currently possible and if not (which I suspect) - are there any plans to make this possible, or else any tips on how I can easily roll my own AD authentication with eHMI?

Phoenix Contact Electronics Headquarters - PLCnext Runtime Product Management and Support

Accepted Answer
AndreasW PLCnext Team Accepted Answer Pending Moderation
0
Votes
Undo

> - HMI users need to log in ( ✓ AXC F 2152 with eHMI)

Currently with AXC F 2152 (firmware 1.0.0.250) the eHMI user can not (needs not) log in. In 2018 we want to bind eHMI to the PLCnext User Manager.

 

> - HMI users must be authenticated against a Windows Active Directory server. ( ??? )

In the future we intend to combine the PLCnext User Manager with LDAP. This would also enable a combination with Active Directory Server.

  1. more than a month ago
  2. PLCnext Engineer
  3. # Permalink
Vincent PLCnext Team Accepted Answer Pending Moderation
0
Votes
Undo

Hi Martin,

 

If you are feeling really adventurous, you might (but it again... you probably shouldn't), cross-compile your own nginx-binary, and combine it with this module https://github.com/kvspb/nginx-auth-ldap. and swap it with the on-target binary.

This would enable you to have ldap-auth from within nging's config files, where you place certain URI's behind ldap auth.

 

You should at least compile with the current options:

root@axcf2152:~# nginx -V
nginx version: nginx/1.10.1
built with OpenSSL 1.0.2j 26 Sep 2016
TLS SNI support enabled
configure arguments: --crossbuild=Linux:arm --with-endian=big --with-int=4 --with-long=4 --with-long-long=8 --with-ptr-size=4
--with-sig-atomic-t=4 --with-size-t=4 --with-off-t=4 --with-time-t=4 --with-sys-nerr=132
--conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log
--error-log-path=/var/log/nginx/error.log --pid-path=/run/nginx/nginx.pid
--prefix=/usr --with-http_ssl_module --with-http_gzip_static_module

But i highly advice against it, as it might break more than you bargained for.

Phoenix Contact Netherlands - Technical Consultant

  1. more than a month ago
  2. PLCnext Engineer
  3. # 1
  • Page :
  • 1


There are no replies made for this post yet.
However, you are not allowed to reply to this post.