advertisement
Chapter 3 Password Management
3.1 Configuring the Password Management
Function
The following settings are necessary:
For a description of the function, see section 1.4
● Security > Password management
Enables the password management function.
See section 2.1.
● Login
Specify operation modes, user names, and restrictions for each normal user.
See section 2.1
● Root password > Password
Set the password of the root user.
See section 2.1
● Communication (Ethernet) > Password management > KDC connection,
Certification key
Set the server information, the encryption method, etc.You can select the encryption method from AES128, AES256, and ARC4.
These menu items only appear when the password management function is enabled.
For the setting procedure, see section 1.14 in the communication manual
Note
ARC4 (ARCFOUR) is an encryption algorithm that is compatible with RC4.
1
2
3
App
Index
● Communication(Ethernet) > SNTP client
For the password management function to work, the times on the KDC server and the DX must be synchronized. Configure the DX to always synchronize itself with an
SNTP server on the network.
For the setting procedure, see section 1.8 in the communication manual
Note
The password management function will not work if there is a difference of ±5 minutes or more between the DX and the KDC server.
IM 04L41B01-05EN
3-1
3-2
3.2 Using the Password Management Function
Logging In and Out
Logging In
Log in by entering the user name and password.
1.
Press FUNC.
A window for entering the user name appears.
2.
Select or enter a user name, and press DISP/ENTER.
On the left is the DX1000 screen. On the right is the DX2000 screen.
3.
Enter the password, and press
DISP/ENTER.
The window closes, and you are logged in.
Note
Even if you enter a password, you may not be able to log in because of a network error or a problem with the settings. An error message will appear if this is the case. Perform the operation described below to log in as the root user.
1. Enter "root" for the user name, and press DISP/ENTER without entering a password.
An error message will appear, followed by a window for entering the password again.
2. Enter the root password, and press DISP/ENTER.
You can log in as the root user. The initial root user password is root123.
Logging Out
For operating instructions, see section 2.2.
IM 04L41B01-05EN
3.2 Using the Password Management Function
Signing In
When you sign in, you will be prompted for a user name and password.
For operating instructions, see section 2.3
Dealing with the "Invalid User" Status
If a user enters the wrong password and presses DISP/ENTER consecutively for the specified number of times (the password retry count), that user is invalidated. The user-locked icon appears in the status area. The user can log in again after a system administrator performs the locked-ACK operation (and the user-locked icon disappears).
For clearing the user locked icon, see section 2.2.
Note
The "Invalid user" status is only applicable on the DX being operated. The user account on the server is not invalidated.
1
2
3
App
Password Expiration Date
Manage passwords and their expiration dates on the KDC server.
Note
When preauthentication is not being used, users may be able to log in to the DX even after the password has expired.
Index
IM 04L41B01-05EN
3-3
3-4
3.3 Error Messages and Corrective Actions
Errors That Occur during Authentication
Code Message
E006 Incorrect input character string.
E085
E110
E114
E117
E764
E765
E766
E767
E768
E769
E771
E772
E773
E774
E775
The login password is incorrect.
This user name is not registered.
This user name is invalid.
This password is not effective.
Not supported by this machine.
Preauthentication failed.
The encryption type is not supported by this machine.
Failed to receive authentication from KDC server.
Change the password.
The time difference with the KDC server exceeds the limit.
The host principal is not registered.
The host principal is invalid
The host password is incorrect.
Preauthentication failed.
The realm is incorrect.
Explanation/Corrective Action
Check that the host principal, authentication key password, and realm name settings on the DX are correct.
Enter the correct password.
The specified user is not registered on the DX. The user account is not registered on the server.
The account has been invalidated on the server.
The account has been invalidated on the DX.
On the DX, because the wrong password has been entered consecutively for more than the permissible number of times, this user is invalid.
Not supported by the DX.
Enter the correct password. Also, make sure that the times on the DX and the server match.
The DX does not support the encryption type, or the encryption type settings on the DX and the server are different. Use the same encryption method on the DX and the server.
Check the DX and server settings. Also, make sure that the times on the DX and the server match.
The password has expired. Change the password of the user account that is registered on the server.
There is a time difference of 5 minutes or more between the DX and the server. Set the DX time to match the time on the server.
The host account is not registered on the server.
Check the host account that is registered on the server.
Make sure that the DX authentication-key password and the server's host-account password match.
An internal error occurred during preauthentication.
Disable the server's preauthentication function.
Make sure that the realm name setting on the DX is correct.
Errors That Occur during Communication
Code Message
E260 IP address is not set or ethernet function is not available.
E266 Ethernet cable is not connected.
E760
E761
Cannot find KDC server.
KDC server connection error.
Explanation/Corrective Action
The server address has not been specified.The Ethernet is not functioning.
Make sure that an Ethernet cable is connected.
The KDC server cannot be found in the same domain.
An error occurred while the DX was connecting to the
KDC server. Make sure that the network connection is not broken.
IM 04L41B01-05EN
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
advertisement
Table of contents
- 3 Conventions Used in This Manual
- 4 Applicable Recorders
- 4 What This Manual Explains
- 5 Contents
- 7 Chapter 1 Explanation of the Advanced Security Function
- 7 1.1 Using the Advanced Security Function
- 7 Operation Overview
- 8 DX Operation Range
- 8 PC Software
- 9 Terms Used in This Manual
- 10 1.2 Recording and Saving Data
- 10 Data Types
- 11 Data Recording and Storage Flowchart
- 11 Display, Event, and Setup Data File Encryption
- 12 Display and Event Data Recording Methods
- 14 Manual Sampled Data
- 14 Report Data
- 15 Directories and File Saving on External Storage Medium
- 16 Saving Data to External Storage Medium
- 22 Other Types of Data That can Be Stored
- 22 Saving Data through an Ethernet Network
- 23 1.3 Login Function
- 23 Logging In and Out Using Keys
- 23 Logging In and Out through Communication
- 24 User Levels
- 27 Login Restrictions
- 28 How the DX Operates When the Login Function Is Not Used
- 29 1.4 Password Management Function
- 30 1.5 Audit Trail Function
- 30 Information That Is Saved to Measured Data Files
- 31 Operation Log
- 31 Login Information
- 32 Change-Settings Log and Setup Files When Recording (Memory Sampling) Is Not in Progress
- 33 Change-Settings Log When Recording (Memory Sampling) Is in Progress
- 35 SET0 Directory Operations
- 36 1.6 Signature Function (Digital signature)
- 36 Signable Files
- 36 Signature Privileges and Signatures
- 37 Signing from the DX
- 37 Signing Using the Attached DAQSTANDARD Application
- 38 1.7 Unique Specifications of DXs with Advanced Security
- 38 Functions That Differ from Those of DXs without Advanced Security
- 39 Functions That Differ from Those of the DX100P and DX200P
- 40 Chapter 2 Logging In, Logging Out, and Signing
- 40 2.1 Registering Users and Setting the Signature Method
- 47 2.2 Logging In and Out
- 55 2.3 Signing Display and Event Data
- 63 2.4 Checking the Change Settings Log
- 64 Chapter 3 Password Management
- 64 3.1 Configuring the Password Management Function
- 65 3.2 Using the Password Management Function
- 65 Logging In and Out
- 66 Signing In
- 66 Dealing with the "Invalid User" Status
- 66 Password Expiration Date
- 67 3.3 Error Messages and Corrective Actions
- 67 Errors That Occur during Authentication
- 67 Errors That Occur during Communication
- 68 Appendix
- 68 Appendix 1 Operation Log Contents
- 68 Operation Log
- 70 Detailed Information
- 70 Operation Types
- 70 User Name
- 71 Index