EngineerIT

Security Lock

Engineering Manual
User Access

Notice
Information provided in this manual is subject to change without prior notice and
represents no obligation on the part of ABB Automation Products.
The industrial standards and regulations (e.g. DIN, VDE, VDI, etc.) applicable in the
Federal Republic of Germany are used. Outside the Federal Republic of Germany, the
relevant national specifications, standards and regulations must be observed.
ABB Automation Products reserves all rights, especially those arising out of BGB,
UWG, UrhG as well as out of industrial property rights (patents, utility models,
trademarks, service trademarks and flavor samples).
The designations used and the products shown/mentioned in this manual have not been
specifically marked regarding existing industrial property rights.
No part of this manual may be reproduced without prior written permission from ABB
Automation Products.
Should you find any mistakes in this manual, please make a copy of the appropriate
page(s) and send it/them to us with your comments. Any suggestions which may help to
improve comprehension or clarity will also be gratefully accepted.
Please send your suggestions to:
Product Management Dept., DEAPR/LMS-Hannover, Fax: +49 (0)511 6782 701

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

DigiLock

Table of Contents
1
1.1

General Description of DigiLock................................................................................ 5

Procedure Overview ...................................................................................................... 5

2
2.1
2.2

DigiLock Installation ................................................................................................... 6

Starting DigiLock Setup ................................................................................................. 6
Initial Password for starting DigiLock............................................................................. 8

3
3.1
3.2
3.3

Call-up of DigiLock ...................................................................................................... 9

Call-up from DigiTool..................................................................................................... 9
Call-up from DigiVis....................................................................................................... 9
Call-up from the Windows NT Task Bar ........................................................................ 9

4
4.1
4.2

DigiLock Password ................................................................................................... 10

General Note on DigiLock Password........................................................................... 10
Changing the DigiLock password ................................................................................ 10

5
5.1
5.2

User interface............................................................................................................. 11
Menu overview DigiLock.............................................................................................. 11
Description of the Toolbar ........................................................................................... 11

6
6.1
6.1.1
6.1.2
6.1.3
6.2
6.2.1
6.2.2
6.2.3
6.2.4

Configuring users and groups with DigiLock......................................................... 12

Group data, system rights ........................................................................................... 12
Add a new group ......................................................................................................... 13
Delete a group ............................................................................................................. 13
Modify group entries .................................................................................................... 13
User Data..................................................................................................................... 14
Add a new user............................................................................................................ 15
Delete an user ............................................................................................................. 15
Modify user entries ...................................................................................................... 15
Change user password................................................................................................ 16

DigiLock on the Operator Station ............................................................................ 17

8
8.1
8.2
8.3

Access rights configuration for the project............................................................ 18

Specification of target PC user groups in the project .................................................. 18
Configuring access rights to displays and logs with DigiTool...................................... 19
Inheritance hierarchy of access rights ......................................................................... 19

DigiLock and several PCs......................................................................................... 21

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

DigiLock

1 General Description of DigiLock

DigiLock is a separate auxiliary program for the scaleable control system Freelance 2000. It
provides access control for configuration with DigiTool and for operation and observation
with DigiVis. The access control system can be implemented for an entire Freelance 2000
system with a single DigiLock licence.
It is possible, even without DigiLock, to specify during configuration with DigiTool whether or
not the operator at an operator station is allowed, for example, to alter a controller set-point.
This specification has influence for every operator on the operator station.
In contrast, with DigiLock, it is possible to give operator A permission to operate a controller
but not operator B.
A prerequisite is that the set-point have been marked as adjustable in the controller parameter
mask. Then with appropriate entries in the tag list, permission to operate the controller is given
to operator A and denied to operator B.
In a system with DigiLock installed, users are required to login before using DigiVis or
DigiTool.
Technical Limitations:
Number of access groups (user profiles)
Number of users:

max. 16
max. 1000

1.1 Procedure Overview

On the Engineering Station
1. Installing DigiLock on engineering station (PC with DigiTool)
2. Assign groups to project with DigiTool (Project Tree Edit User groups).
3. Using DigiTool, specify the project rights of each group in the tag list and in the project tree.
On the Operator Stations
1. Installing DigiLock on the operator stations (PCs with DigiVis)
2. Determine the groups and their system rights with DigiLock. (if necessary by copying the file
DIGIMAT.UID per diskette from the engineering station to the control station).
3. Add user and assign to the groups.

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

DigiLock

2 DigiLock Installation
DigiLock can be installed on every PC which is to be used in the Freelance 2000 system. If
there is an operator station without DigiLock, the users on this station have all rights.
DigiLock installation is carried out by the setup program, SETUP.EXE, included on the floppy
disk. This program puts a file named DIGILOCK.EXE in the Freelance 2000 EXE directory.

1.1 Starting DigiLock Setup

The Setup Program is started from the Windows Program-Manager. Put the DigiLock floppy disk
in drive A.
Program Manager File Run Command Line: a:\setup
The following dialog box will be displayed.

di4001us.bmp

CONTINUE

The installation will continue with the next dialog box.

It is possible at any time to discontinue the installation with the EXIT button or to call up a
help file with the HELP button. Both buttons are found in the lower right-hand corner of
the Setup Desktop.

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

DigiLock

ac001us.bmp

Standard Setup

Installation of DigiLock in the PC

Server Setup

Installation of DigiLock in the Server for later workstation setup

(enter destination path)

Workstation Setup

Start setup from Server to the workstation

In the next window the file path will be defined; the default is c:\freelance. Or the disk drive is
selected on which a Freelance component has already been found.

di4227us.bmp

CONTINUE

Opens the next dialog box.

BACK

Return to the previous window.

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

DigiLock

Completion of the installation will be accompanied by the following display:

di4003us.bmp

Using the Task Bar, the program can be started with:

Start Programme Freelance 2000 DigiLock

After the installation of DigiLock the user GUEST is logged in in DigiTool and DigiVis. He
has no rights, that means:

GUEST is not able to configure with DigiTool,

GUEST is not able to operate and observe with DigiVis.

For solving this problem you have to configure users, groups and their rights immediately.

2.2 Initial Password for starting DigiLock

The Initial Password required to run DigiLock for the first time after installation is:

admin
When the program is first run, this password should be changed.

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

DigiLock

3 Call-up of DigiLock
There are three possibilities to call-up DigiLock:

3.1 Call-up from DigiTool

DigiTool opening menu Options Run DigiLock

Prerequisite: The user logged in to DigiTool must be authorised to configure DigiLock.

3.2 Call-up from DigiVis

DigiVis menu Options Run DigiLock

Precondition: The user logged in to DigiVis must be authorised to configure DigiLock.

3.3 Call-up from the Windows NT Task Bar

Start Programs Freelance 2000 DigiLock

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

DigiLock

4 DigiLock Password
4.1 General Note on DigiLock Password
The password must be given each time the DigiLock configuration dialog is started.

di4006uk.bmp

The initial password, which must be used when starting DigiLock for the first time after
installation, is: admin
To prevent the password from being compromised, it is shown as ******* on the screen.

4.2 Changing the DigiLock password

DigiLock menu File Password

di4007uk.bmp

In order to set a new password, the old password must be re-entered. The new password must
then be typed in twice identically. Clicking OK stores the new password immediately; it must be
used for future starts of the DigiLock configuration dialog.

If you forget the password, please contact our technical service to get immediate
assistance.

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

10

DigiLock

5 User interface
5.1 Menu overview DigiLock

File

Save
Backup
Restore
Password..
Exit

save current file

backup of the current file
restore file from backup
change the password of DigiLock
exit DigiLock

Edit

Add
Delete
Modify
Rename
Set password..

add a new entry

delete entries
modify entries
rename users or groups
change user password

View

Users
Group
Toolbar
Status bar

user data
group data
switch on / switch off
switch on / switch off

5.2 Description of the Toolbar

All important functions are represented by buttons in the toolbar.

di4008uk.bmp

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

11

DigiLock

6 Configuring users and groups with DigiLock

6.1 Group data, system rights
DigiLock-menu View Groups

di4009uk.bmp

Group name
CONF
COMM
LOCK

defined by user
May configure
May commission, i.e. establish connection to process station and
download programs
May start DigiLock

Group entries can be edited, deleted or created with the Edit menu or with the appropriate tool
from the toolbar.

The group GUEST is always available and cant be edited, renamed or deleted.These
settings apply to every project run on the associated engineering station.

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

12

DigiLock

6.1.1 Add a new group

Edit Add Enter a new group
or
Button ADD from toolbar Enter a new group

6.1.2 Delete a group

Edit Delete
or
Select group Button DELETE from toolbar

6.1.3 Modify group entries

Select group entry Edit Modify
or "edit group data"
Double clicking on group entry
or
Select group entry Button MODIFY from toolbar

di4015uk.bmp

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

13

DigiLock

6.2 User Data

DigiLock-menu View User

di4010uk.bmp

User entries can be edited, deleted or created with the Edit menu or with the appropriate tool
from the tool bar.

Only the user GUEST cant be edited, renamed or deleted.

A user obtains the system rights of the group assigned to him/her.
Login name

Name of the user, to be used for logging in into system. May be 8

characters long.

User long name:

Arbitrary text. Preferably the exact identification of user.

User group

Name of the group the user is assigned.

A user can be assigned to several groups through different login names.

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

14

DigiLock

6.2.1 Add a new user

Edit Add Enter a new user
or
Button ADD from toolbar Enter a new user

6.2.2 Delete an user

Select user entry Edit Delete
or
Select user entry Button DELETE from toolbar

6.2.3 Modify user entries

Select user entry Edit Modify or
Double clicking on user entry or
Select user entry Button MODIFY from toolbar

di4014uk.bmp

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

15

DigiLock

6.2.4 Change user password

A users password is initially set to the corresponding login name. The password can
be changed by the user, either in DigiVis or in DigiTool.
If a user changes his password, the new password is not changed for all PCs in the
Freelance system. The user has to change his password on every PC in the Freelance
2000 system, if he wants to have the same password everywhere as the configuration of
DigiLock is stored locally. See also page 21, DigiLock and several PCs.
If necessary the supervisor can input a new password for each user.
Menu DigiLock Edit Set password

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

16

DigiLock

7 DigiLock on the Operator Station

Group and user data must also be configured on every control station. This can be done in the
same manner as described on page 12, Configuring users and groups with DigiLock.
To spare unnecessary work, the file Digimat.UID from the engineering PC can be copied
to operator stations after configuring the groups and users.
On the operator station (with DigiVis), the DigiLock operator sees the following:

Each user must log in before being allowed to perform any operations.
The user name always appears in the status line.
Entries or operator actions recorded in the signal sequence log can include the login name.

Standard user names

NOLOCK No DigiLock licence

GUEST No one logged on, e.g. just after DigiVis is started
SYSTEM System-initiated operation events (may appear in the signal sequence log)

When a user without proper authorisation attempts to operate a display, the following message
box will pop up:

di4011uk.bmp

In addition, the lack of authorisation will be signalled in the status line by highlighting the user
name and focus icon in red.

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

17

DigiLock

8 Access rights configuration for the project

8.1 Specification of target PC user groups in the project
Different user groups can be defined on the engineering station and the operator stations. For
this reason, the user groups of the target PC must be specified in the project.
The project tree has a submenu for configuration of access groups.

Edit Access groups

di4005uk.bmp

When a new group is added, it is, by default, given "visualise but no "operate access rights to
all currently existing objects (see further below).

>

The selected local engineering station groups are added to this project

>>

All groups on the local engineering station are added to this project.

ADD

Add a new access group to this project.

DEL

Delete an user group from the project.

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

18

DigiLock

8.2 Configuring access rights to displays and logs with DigiTool.

Which faceplates can be accessed by which user groups is specified in the DigiTool tag list.
See also DigiTool 1 manual.
Project tree System Tag list
select one or more tags by dragging the mouse over them (with the mouse button
depressed)
Edit Access rights

Which standardised displays, logs and graphic displays can be accessed by which access
groups is specified in the DigiTool project tree
Project tree select one or more displays in the project tree by dragging to mouse over
them (with the mouse button depressed)
Edit Access rights

8.3 Inheritance hierarchy of access rights

On filing an new object, this object will obtain the access rights of its next-higher project tree
node (parent node) as a default entry.
The following inheritance hierarchy has been established in order to simplify the configuration

An existing object has to get the modified access rights applying to its next-higher project
tree node (parent node).
access rights dialog INHERIT

The rights currently applying to a project tree node can be forcibly assigned to all of the
objects under it (its children).
access rights dialog PROPAGATE

When an object is moved or copied, its rights (or those of the copy), remain unchanged.

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

19

DigiLock

di4012uk.bmp

Access right applies to all selected objects (displays or tags)

Access right applies to only some of the selected objects.
Access right does not apply to any of the selected objects (displays or
tags).
INHERIT

Set the rights over each of the selected objects to those of the project tree
node above it.

PROPAGATE

Force the currently configured access rights applying to the selected

project tree node to apply to all of the objects below it (child objects).

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

20

DigiLock

9 DigiLock and several PCs

If a user changes his password on a PC, the new password is not changed for all PCs in the
Freelance system. The configuration of DigiLock (user names, passwords and the assigned
user groups) is stored in a file called DIGIMAT.UID in the Windows directory.
The user has to change his password on every PC in the Freelance 2000 system, if he wants
to have the same password everywhere.
Also it is possible by copying the file DIGIMAT.UID to the other PCs with a floppy disk. This is
not possible if the operator station is active.
The configuration of DigiLock is local.
This makes it possible for one user to be assigned to different groups on several control
stations and therefore to obtain different rights, depending on which control station is
logged in.

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

21

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

DigiLock

Index

A
Add a new group
Add a new user

13
15

C
Call-up of DigiLock
Change user password

9
16

D
Delete a group
Delete an user
DigiLock and several PCs

13
15
16, 21

G
Group data
Group GUEST

12
12

I
Inherit
Inheritance hierarchy of access rights
Initial password
Installation

19
19
8, 10
6

M
Menu overview
Modify group entries
Modify user entries

11
13
15

P
Password

10

S
Standard user names
Guest
Nouser
System

17
17
17
17

T
Technical Limitations:
Toolbar

5
11

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

23

DigiLock

U
User Data
User groups of the target PC
User GUEST

14
18
14

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827

24

Gross Automation, 1725 South Johnson Road, New Berlin, WI 53146, www.ssacsales.com, 800-349-5827