5 User Management Model ToC Previous

5.2 UserManagementType ToC Previous Next

5.2.1 UserManagementType definition ToC Previous Next index

The UserManagement Object defined in 5.3 is a UserManagementType which is formally defined in Table 13.

Table 13 – UserManagementType definition

Attribute Value        
BrowseName UserManagementType        
IsAbstract False        
References Node Class BrowseName DataType TypeDefinition Modelling Rule
Subtype of BaseObjectType defined in OPC 10000-5          
HasProperty Variable Users UserManagementDataType[] PropertyType Mandatory
HasProperty Variable PasswordLength Range PropertyType Mandatory
HasProperty Variable PasswordOptions PasswordOptionsMask PropertyType Mandatory
HasProperty Variable PasswordRestrictions LocalizedText PropertyType Optional
HasComponent Method AddUser Defined in 5.2.5. Mandatory  
HasComponent Method ModifyUser Defined in 5.2.6. Mandatory  
HasComponent Method RemoveUser Defined in 5.2.7. Mandatory  
HasComponent Method ChangePassword Defined in 5.2.8. Mandatory  
Conformance Units          
Security User Management Server          

The Properties and Methods of the UserManagementType contain sensitive security related information and shall only be readable and callable by authorized administrators through an encrypted channel. The only exception is the ChangePassword Method. It requires an encrypted channel but it can be called by the Session user if the user token type for the Session is not USERNAME.

The Users Property specifies the currently configured users and their settings as array of UserManagementDataType Structure defined in 5.2.4.

The Property PasswordLength defines the minimum and maximum length requirement for setting the password. A value of 0 for low indicats no limit for minimum and 0 for high indicates no limit for maximum password length. The Range DataType is defined in OPC 10000-8.

The Property PasswordOptions defines the password features and requirements for setting a password in a bit mask defined by the PasswordOptionsMask DataType. If the Server does not define any special requirements nor does not support enhanced features for the password management, all bits in the bit mask are set to false.

The Property PasswordRestrictions allows a Server to provide additional explanations about the rules applied to new passwords accepted by the Server.

Previous Next