WinCC TIA Archiving ServerNAS DOC v2.0 en

Data Storage on
Windows Server or
NAS Hard Disk
SIMATIC HMI Comfort Panels, Sharing Network Drives

Siemens
and Folders Industry
Online
https://support.industry.siemens.com/cs/ww/en/view/92346478 Support
Legal information
Legal information
Use of application examples
Application examples illustrate the solution of automation tasks through an interaction of several
components in the form of text, graphics and/or software modules. The application examples are
a free service by Siemens AG and/or a subsidiary of Siemens AG ("Siemens"). They are
non-binding and make no claim to completeness or functionality regarding configuration and
equipment. The application examples merely offer help with typical tasks; they do not constitute
customer-specific solutions. You yourself are responsible for the proper and safe operation of the
products in accordance with applicable regulations and must also check the function of the
respective application example and customize it for your system.
Siemens grants you the non-exclusive, non-sublicensable and non-transferable right to have the
application examples used by technically trained personnel. Any change to the application
examples is your responsibility. Sharing the application examples with third parties or copying the
application examples or excerpts thereof is permitted only in combination with your own products.
The application examples are not required to undergo the customary tests and quality inspections
of a chargeable product; they may have functional and performance defects as well as errors. It is
your responsibility to use them in such a manner that any malfunctions that may occur do not
result in property damage or injury to persons.
Disclaimer of liability
Siemens shall not assume any liability, for any legal reason whatsoever, including, without
limitation, liability for the usability, availability, completeness and freedom from defects of the
application examples as well as for related information, configuration and performance data and
any damage caused thereby. This shall not apply in cases of mandatory liability, for example
under the German Product Liability Act, or in cases of intent, gross negligence, or culpable loss of
life, bodily injury or damage to health, non-compliance with a guarantee, fraudulent
non-disclosure of a defect, or culpable breach of material contractual obligations. Claims for
damages arising from a breach of material contractual obligations shall however be limited to the
© Siemens AG 2021 All rights reserved
foreseeable damage typical of the type of agreement, unless liability arises from intent or gross
negligence or is based on loss of life, bodily injury or damage to health. The foregoing provisions
do not imply any change in the burden of proof to your detriment. You shall indemnify Siemens
against existing or future claims of third parties in this connection except where Siemens is
mandatorily liable.
By using the application examples you acknowledge that Siemens cannot be held liable for any
damage beyond the liability provisions described.
Other information
Siemens reserves the right to make changes to the application examples at any time without
notice. In case of discrepancies between the suggestions in the application examples and other
Siemens publications such as catalogs, the content of the other documentation shall have
precedence.
The Siemens terms of use (https://support.industry.siemens.com) shall also apply.
Security information
Siemens provides products and solutions with Industrial Security functions that support the secure
operation of plants, systems, machines and networks.
In order to protect plants, systems, machines and networks against cyber threats, it is necessary
to implement – and continuously maintain – a holistic, state-of-the-art industrial security concept.
Siemens’ products and solutions constitute one element of such a concept.
Customers are responsible for preventing unauthorized access to their plants, systems, machines
and networks. Such systems, machines and components should only be connected to an
enterprise network or the Internet if and to the extent such a connection is necessary and only
when appropriate security measures (e.g. firewalls and/or network segmentation) are in place.
For additional information on industrial security measures that may be implemented, please visit
https://www.siemens.com/industrialsecurity.
Siemens’ products and solutions undergo continuous development to make them more secure.
Siemens strongly recommends that product updates are applied as soon as they are available
and that the latest product versions are used. Use of product versions that are no longer
supported, and failure to apply the latest updates may increase customer’s exposure to cyber
threats.
To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed
at: https://www.siemens.com/industrialsecurity.
Server and file server access

Entry ID: 92346478, V2.0, 03/2021 2
Table of Contents
Table of Contents
Legal information ..................................................................................................... 2
1 Data Storage on a Windows Server Operating System and File
Server (NAS) ................................................................................................... 4
2 User Administration and Sharing .................................................................. 5
2.1 Concept for Folders, Folder shares, and User Permissions ................ 5
2.2 Example ............................................................................................ 6
2.3 Creating Groups and Users ............................................................... 7
2.4 Checking and Revising Groups/Users .............................................. 12
2.5 Sharing Folders ............................................................................... 14
2.6 Necessary Settings for Folder Security ............................................ 21
2.7 Note on the Windows 10 Operating System ..................................... 28
3 User Login on a Panel .................................................................................. 30
3.1 Background Information ................................................................... 30
3.2 Login and Path Information .............................................................. 31
3.2.1 Save Login Data Permanently.......................................................... 31
3.2.2 Calling the Login Dialog Manually .................................................... 32
3.2.3 System Function to Reboot the Panel .............................................. 33
3.2.4 Configuration: Open EXCEL/WORD File via a Network .................... 34
3.2.5 Configuration: Specifying the Archiving Path .................................... 34
3.3 Common Questions on the Subject of "Logging into the Panel" ........ 35
4 Appendix....................................................................................................... 36
4.1 Service and support ......................................................................... 36
4.2 Related literature ............................................................................. 37
4.3 Document history............................................................................. 37

Entry ID: 92346478, V2.0, 03/2021 3
1 Data Storage on a Windows Server Operating System and File Server (NAS)
1 Data Storage on a Windows Server

Operating System and File Server (NAS)
Network access from the Panel to a parent file folder
The principle of network access to a file folder is very similar for a Windows Server
operating system, a NAS hard disk1, or a Windows 10 operating system.
The syntax for accessing a folder is:
\\Computer name\Share name
Note All settings (incl. images) have been made on a Windows 10 operating system.
However, they can also be applied to other operating systems without difficulty.
Contents of the following sections

The following sections provide a detailed description of the following:
• Windows 10 operating system
– Sharing folders.
– Locating the computer name.

– Creating or editing the Share name.
– Security settings.
• Required settings on the Panel.
Figure 1-1
1
NAS hard disk (Network Attached Storage, storage integrated in the network)
A NAS station basically consists of one or more hard drives. Folder and network shares can be
created via an integrated, manufacturer-specific operating system, usually with a web user
interface. The shares can be accessed via the network.

Entry ID: 92346478, V2.0, 03/2021 4
2 User Administration and Sharing
2.1 Concept for Folders, Folder shares, and User Permissions

2.1 Concept for Folders, Folder shares, and User
Permissions
Create a concept before you share folders or assign access permissions. Your
concept should include the following:
• Folder structure
– Which folders should be accessed from the Panel?
– Where might sensitive data be stored?
– Is there any overlap?
• Listing of all users
– Which users are there?
– Which users access the data of the parent file system via the Panel?
• Setting access permissions
– Which users can be assigned to a "Group"?
(user groups that all have the same permissions).
Advantage:
▪ You will not need to assign a permission to each individual user, but
only to the group.

▪ New users can be quickly assigned to or removed from the group.
▪ You can assign a user to different groups and, therefore, give the user
different access permissions.
CAUTION • You need administrative rights for making changes.

• Ensure that you only grant administrative rights to those users who actually
need them.
• Be especially careful when editing your own "account" (user). You may not be
able to access your system afterwards.
• Changes in user administration can cause far-reaching damage through "data
misuse by unauthorized persons". Observe the security recommendations.
Further information on Industrial Security can be found at
http://www.siemens.com/industrialsecurity.

Entry ID: 92346478, V2.0, 03/2021 5
2.2 Example
2.2 Example
The following example shows you how a request can look in practice. This shows
how possible access restrictions and approvals might look.
Starting point
There are three file folders to be accessed over the network.
Main folder: Drive root directory (Data (D:))
Subfolder 1: 00_ProductionLine_01
Subfolder 2: 00_Machine_01
File folder: 01_ProductionData
02_MachineDocuments
03_OperatingManuals
Figure 2-1
The file folders are provided with different user permissions. For example, only the
production manager should have access to the folder "01_ProductionData".
Permissions overview
Table 2-1
Folder name User 1 User 2 User 3
Production Maintenance System operator
manager personnel
01_ProductionData yes No No
02_MachineDocuments yes yes No
03_OperatingManuals yes yes yes
(read only)

Entry ID: 92346478, V2.0, 03/2021 6
2.3 Creating Groups and Users

Calling up the user and group administration
Table 2-2
No. Action
1. Access Computer Management
• In the taskbar, click

"Windows Start Button > Control Panel".
• Select "Large symbols" (1) as the display.
1
• Click "Administration" (2).
2
2. "Administration" view
• Access the Computer Management via "Administration".

Entry ID: 92346478, V2.0, 03/2021 7
No. Action
3. "Computer Management" View
• Select the "Local users and groups" menu.

Under this menu, you will find the folders "Users" and "Groups". All stored
users and groups are listed in the folders.
Create new user
Table 2-3
No. Action
1. Create new user
• Right-click the "User" folder.

• Click "New user…" in the window.

Entry ID: 92346478, V2.0, 03/2021 8
No. Action
2. New User Window
• Enter a new username in the "Username" field and fill in the remaining fields.
– In this example.
Username: User01
Password: 111
• Then click "Create".

The new user is created.
• To enter another user, enter a new name in the "Username" field.

• Once you have created all users, complete the entry by clicking the "Close"
button.

Entry ID: 92346478, V2.0, 03/2021 9
Setting up a new group

Table 2-4
No. Action
1. Create new groups
• Right-click the "Groups" folder.

• Click "New group…" in the window.
2. • In the "New group" window, enter a group name in the "Group name" field.
– Then click the "Add" button (1).
• In the "Select user" window, click "Advanced" (2).
• Click "Search now" (3) in the following window.
– In the "Search results" list, use the left mouse button to select the user
you want to assign to this group. In this example, "User01". (By holding
down the "Ctrl" key, you can select several users at the same time).
– Confirm the entry with "OK".
• To assign additional users to this group, click "Advanced" again in the

"Select users" window (2). To complete the entry, press the "OK" button.
• In the "New Group" window, the "Members" field (4) displays all previously
assigned users of the group.
To create the new group, press the "Create" button (5).
3
2

Entry ID: 92346478, V2.0, 03/2021 10
No. Action
3. Create more groups
To create another group, repeat subsections 1 and 2.

In relation to the example, a total of three groups were created.
• Production manager
• Maintenance personnel
• Operators

Entry ID: 92346478, V2.0, 03/2021 11
2.4 Checking and Revising Groups/Users

The following example shows how to check and revise the settings for the
groups/users.
Table 2-5
No. Action
1. User
Right-click a user. You can use the context menu to access/change various
functions such as the password or the user's properties.
The "Member of" menu, for example, allows you to check which group(s) the user
is assigned to. Furthermore, you can also use this to assign the user to another
group. To do this, click the "Add" button.
Note
"User02" is assigned to the group "Maintenance personnel" and the group
"Users". The group "Users" is usually added automatically by the operating
system. This must be taken into account in the "Security" menu (see Section
2.6).

Entry ID: 92346478, V2.0, 03/2021 12
No. Action
2. Groups
Right-click a group.
You can use the context menu to execute various functions and to call up/change
the properties of the group.
You can use the "Properties" menu to control which users are assigned to this
group, for example. Furthermore, you can also assign additional users to the
group. To do this, click the "Add" button.
To close the window, press the "OK" button.

Entry ID: 92346478, V2.0, 03/2021 13
2.5 Sharing Folders
2.5 Sharing Folders
Note Observe the notes on the operating system "Windows 10, Version 1709" (see
Section 2.7, Note on the Windows 10 Operating System).
Introduction
To access a PC's folder over a network, that folder must have "Sharing" enabled. It
does not matter on which "drive" the folder to be shared is located or if it is located
in one or more "subfolders".
If the folder to be shared contains further subfolders or data, for example, these are
also shared.
Example:
D:Folder 1
Folder 1.1
Folder 1.2
Folder 1.3
If you enable sharing for "Folder 1.1", then you have also enabled access to
"Folder 1.2" and "Folder 1.3", as well as to the contents of these folders.
Table 2-6
No. Action
1. Open the folder properties
Select the file folder you want to share and open the folder's properties.

Entry ID: 92346478, V2.0, 03/2021 14
2.5 Sharing Folders
No. Action
2. Share
• Open the "Sharing" menu (1).

Currently, the network path is not enabled (2).
• Click the "Advanced Sharing" button (3).
3

Entry ID: 92346478, V2.0, 03/2021 15
2.5 Sharing Folders
No. Action
3. Sharing Folders
• Enable the option "Share this folder" (1).

• The default share name is the name of the selected folder. You can keep or
change the name. This does not change the name of the folder (2).
• Set the number of users who can access the folder at the same time. In this
example: 2
1
• Click the "Permissions" button.
2
4. Permissions (existing permission)
By default, a user or group is entered in the "Group or username" field. In this

example, it is the group "Everyone".
You can control the associated users of this group via the Computer
Management (see Section 2.4).
If you do not need the group, you can, for example, change the permissions from
"Allow" to "Deny".
Alternatively, remove the group using the "Remove" button.

Entry ID: 92346478, V2.0, 03/2021 16
2.5 Sharing Folders
No. Action
5. Add permissions
For this example, the group "Everyone" is not needed and is, therefore, deleted.
• Select the "Everyone" group and click the "Remove" button.

• Then press the "Add…" button.
6. • In the "Select Users or Groups" window, click

"Advanced…" (1).
• Click "Search now", as in the following image (2).

Entry ID: 92346478, V2.0, 03/2021 17
2.5 Sharing Folders
No. Action
7. Select user/group
• All stored groups and users are listed in the "Search results" list. Select the
group that should have the permission for the folder.
In this example it is the group "Production Manager".
• Confirm the entry with "OK".
8. View the selected "group".
• To add another group, click the "Advanced…" button and repeat step 7.
• To complete the process, click "OK".

Entry ID: 92346478, V2.0, 03/2021 18
2.5 Sharing Folders
No. Action
9. Set permissions
In the "Group or username" field, all the "groups/users" you have selected are
listed.
• Select one "Group" at a time and assign the associated permissions.
• Complete your entry with "OK".
Note
You can assign different permissions to each "group".
1

Entry ID: 92346478, V2.0, 03/2021 19
2.5 Sharing Folders
No. Action
10. Finished view of the "network path"
View of the shared network path. The complete share name in this case
is \\HH-PC\01_ProductionData
This completes the settings for sharing the folder. The settings under the
"Security" menu follow.
Note
As described at the beginning, there is no "drive letter" and no name of a
"subfolder" in the name of the network path.
11. Changing/extending the permissions
You can subsequently add additional "groups/users" or edit or delete

"permissions" that have already been created. To do this, call up the menus as
described above.
Note Then check the settings under the menu item "Security" in the "Windows folder".
For this, see Section 2.6.

Entry ID: 92346478, V2.0, 03/2021 20
2.6 Necessary Settings for Folder Security

Introduction
In the previous Section, the settings to share a file folder were described.
The settings that were configured there were related to network security.
This Section describes the settings for local permission on the PC.
The settings for this are carried out for a file folder under the menu item "Security".
All users stored under the "Security" menu have access to this local folder and the
files it contains.
Users can only access a "shared folder" if they also have the appropriate
permission under the "Security" menu.
Process for accessing the shared folder

For network access to the shared folder, the parameterized security mechanisms
under "Sharing" and "Security" apply.
First, the permissions given via the "Sharing" menu are checked.
Then, the local permissions that have been made under the "Security" menu are
checked.
Example:
A user has been assigned the "Full Control" permission under the "Sharing" menu.
If no permissions have been assigned to this user under the Security menu, then
the user will not be able to access the folder.
Note "Local" permission is decisive for the access to the folder!

Entry ID: 92346478, V2.0, 03/2021 21
Basic information about "Group or usernames"

The following figure shows the "Security" folder menu of a file folder. In the field
"Group and or usernames", different users/groups are automatically preset by
default (1).
Figure 2-2
1
What does this mean for security?

Through the listed group "Authenticated Users", all logged-in users of the PC have
access to this folder.
Through the listed group "Users", all logged-in users of the PC usually also have
access to the folder.
Background:
When creating a new user via "Computer Management" (see Section 2.3), the
operating system automatically assigns the new user to the "Users" group.
What options are there to ensure that only specified users have access to
this folder?
1. Computer Management
– In Computer Management, you can control the properties of the groups
listed here and, for example, remove all users from this group who do not
belong to it.
2. Create new groups or usernames
– The easiest way to do this is to remove the system default groups from this
folder and assign your own groups to the folder.
Advantage:
The default settings in the Computer Management are not changed. This
means that you always have the option of reverting to the "old status" (e.g.,
if you create a new folder, it will always have the default setting specified
by the system).
In the following section, the "2nd method" is described in detail.

Entry ID: 92346478, V2.0, 03/2021 22
Create a new group assignment

Table 2-7
No. Action
1. Open the folder properties
Select the file folder for which you want to adjust the group membership. To do
this, open the properties of the folder.
2. "Security" menu
• Open the "Security" menu (1).

• Then press the "Advanced" button (2).

Entry ID: 92346478, V2.0, 03/2021 23
No. Action
3. Extended security conditions
• Click the "Change permissions…" button.

4.
• Deactivate the option "Inheritable permissions…" by clicking on the selected
option (1).
A security message appears. Read the message.
• Click the "Remove" button (2).

Entry ID: 92346478, V2.0, 03/2021 24
No. Action
5. • There are now no entries in the "Authorization entries" field. Click the
"Add…" button to add a new permission.
Note
In this example, the option "All permissions for…" has been activated (1).
6. Select group
• In the "Select user or group" window, click "Advanced…" (1).

• Click "Search now" in the next window and select the desired group (2) in
the "Search results" window. Confirm the entry with "OK".
• After confirmation, the previous screen is displayed again. To add another
group, click "Advanced…" again. Click "OK" to complete the process.

Entry ID: 92346478, V2.0, 03/2021 25
No. Action
7. Permissions settings
You can now use this window to define the individual permissions in detail. In this
case, the assigned group "Production Manager" has full control of the folder.
Confirm the entry with "OK":
8. The "Authorization entries" field displays the previously selected "groups".

• To add another group, click "Add…" again. Click "OK" to complete the
process.
• Confirm the still-open windows with "OK".
Note
In this example, the group "Administrators" has also been added

Entry ID: 92346478, V2.0, 03/2021 26
No. Action
9. View of folder properties
The image shows the changed settings under

"Group or usernames". (Left is before → right is after)
This completes the "Security" settings.


Entry ID: 92346478, V2.0, 03/2021 27
2.7 Note on the Windows 10 Operating System

SIMATIC Operator Panels with Windows CE operating system use the
"SMB protocol" for file access to shared folders.
As of Windows 10, version 1709, the "SMB v1.0 protocol" has been disabled by
default on PCs.
This measure prevents Operator Panels that use the "SMB protocol" from
accessing shared folders.
See the Microsoft support pages for detailed information about this action.
https://docs.microsoft.com/de-de/windows-server/storage/file-
server/troubleshoot/smbv1-not-installed-by-default-in-windows
Remedy
To continue accessing the shared file folders on a PC, you have the following
options.
1. SIMATIC HMI Option+ Manager (recommended)

With the "SIMATIC HMI Option+ Manager" \4\ you can manage your Operator
Panels under a uniform user interface and, for example, exchange data between
the Operator Panel and a PC.

A description of this can be found in the document
"92346478_TCP_IP_Networks_Panel_DOC_v2.0" (Integrating HMI Operator
Panels into TCP/IP networks). The document is in the same application example
from which this document is taken.
2. Enabling "SMB v1.0 protocol" (not recommended)

Microsoft has fixed a security vulnerability for the Windows 10 operating system by
disabling the "SMB v1.0 protocol", among other things.
You can manually reverse this action and enable the SMB v1.0 protocol but doing
so creates a security vulnerability.
Enable SMB v1.0 protocol

The following section shows you how to reactivate the "SMB v1.0 protocol" under
Windows 10 in order to be able to again access a folder shared by the PC with the
Operator Panel.
CAUTION Enabling the "SMB v1.0 protocol" in Windows creates a potential security
vulnerability in your system.
Before you re-enable the "SMB v1.0 protocol", please refer to the Microsoft
support pages to find out what effects enabling the "SMB v1.0 protocol"
may have on your installation.

Entry ID: 92346478, V2.0, 03/2021 28
Instructions
1. Open the Settings app from the Windows Start bar.
2. Open "Apps" (1).
The "Apps & Features" page opens (2).
3. From the "Apps & Features" page, open the function
"Program & Features" (3). The "Uninstall or change programs" window opens.
Note
If "Program and Features" is not visible, you can widen the window to show the
feature.
Figure 2-3
3
2
1
4. Select the function "Activate or deactivate Windows features" via the page
"Uninstall or change program" (4). The "Windows Features" window opens.
5. In the "Windows Features" window, activate the options (5).
"SMB Direct".
"SMB 1.0/CIFS File sharing Support".
6. Confirm the entry with "OK".
Note The changes will only take effect after a restart of the computer.
This completes the settings related to "SMB protocol". Access to the shared folders
is possible again.
Figure 2-4

Entry ID: 92346478, V2.0, 03/2021 29
3 User Login on a Panel
3.1 Background Information

3.1 Background Information
Logging in when accessing network shares
The previous Sections described how to share a folder with different user
permissions on the network.
In order to access one of these network shares from the Panel, it is necessary to
log in via the Panel. The Panel provides an operating system function for this
purpose.
Operating system function for logging into the network

There are several ways to log into the network.
• If, for example, archiving takes place via the network, a login screen appears
automatically after Runtime is started.
• When you open a file over the network for the first time, a login screen appears
automatically.
• In the device setting of the Panel, you can permanently store the login
information. You do not need to fill in the login dialog every time after switching
on the Panel.
• You can call the logon dialog directly from Runtime using a system function.
Note that only one user can be specified for the network shares. If you use multiple
network shares, then this user must have permission for all network shares.
Further information can be found in Section 3.2.1.
Panel user administration

The user administration of the Panel is independent of the "network shares". Both
functions are to be considered separately.
Via the user administration of the Panel, you can control the access to functions of
the Panel or the operation of a button.

Entry ID: 92346478, V2.0, 03/2021 30
3.2 Login and Path Information

3.2.1 Save Login Data Permanently
When should you permanently store user login data?

• If, for example, you have specified a network drive as the archiving path, the
user data must be stored before archiving can be started. If this is not the case,
archiving is not started.
• If you do not want to re-enter the login data each time after switching on the
supply voltage.
View Menu item to permanently store the login data on the Panel
1. Call up the device settings of the Panel.
2. Click the "Network ID" icon.
3. Enter the login data in the window.
4. Confirm the entry with "OK".
Figure 3-1
OP Properties, Save Registry/Save Files

Save the settings you made previously.
To do this, click the "Save Registry" button on the Panel under the "OP >
Persistent Storage" menu item and then the "Save Files" button.
Figure 3-2

Entry ID: 92346478, V2.0, 03/2021 31
For the changes to the Panel to take effect, perform a "Reboot". To do this, press
the "Reboot" button on the Panel under the "OP > Device" menu item.
Figure 3-3
3.2.2 Calling the Login Dialog Manually
For example, if you try to access a network drive and you do not have the login
data stored on the Panel, a login dialog will automatically appear on the Panel.
If, for example, you close the login dialog by mistake without completing the entry,
you can call the login dialog manually using a system function.
View login dialog at the Panel

Figure 3-4
Configuration: Calling the Login Dialog Manually

Configure a button for this purpose. Via the system function "StartProgram", you
can call the login dialog directly from Runtime on the Operator Panel.

Entry ID: 92346478, V2.0, 03/2021 32
Configuration view
Figure 3-5
Program parameters
Program name: CTLPNL.exe
Program parameters: cplmain.cpl,2
3.2.3 System Function to Reboot the Panel
If, for example, you have specified a network drive as the archiving path, then the
user data must be stored before the Panel Runtime is started. If this is not the
case, a login dialog appears automatically.
A restart (reboot) of the Panel is required so that archiving can start after
successful login.
Configure a button for this purpose. Via the system function "StartProgram", you
can call the "OP Properties" directly in Runtime on the
Operator Panels via the program parameter "op_apl.cpl" and execute the "Reboot
function" under the tab "Device".
Configuration view
Figure 3-6
Program parameters
Program name: CTLPNL.exe
Program parameters: op_apl.cpl

Entry ID: 92346478, V2.0, 03/2021 33
3.2.4 Configuration: Open EXCEL/WORD File via a Network
The Comfort Panels have an integrated EXCEL/WORD Viewer. With the Viewer,
you can display Word documents created with WORD 2010, for example, via the
Panel.
To ensure that only authorized persons have access to the document, protect the
call of the function, e.g., via the "Security" button (user administration of the Panel).
You can call the EXCEL/WORD Viewer directly from Runtime of the Operator
Panel via the system function "StartProgram".
Configuration view
Figure 3-7
Program parameters
Program name: \\ComputerName\ShareName\NameFile.docx
\\hh-pc\01_ProductionData\01_PData.docx
3.2.5 Configuration: Specifying the Archiving Path
If you specify a network drive for archiving, the archiving path is created up as
follows.
\\Computer name\Share name
For this example:

\\hh-pc\02_MashineDocuments
Figure 3-8

Entry ID: 92346478, V2.0, 03/2021 34
3.3 Common Questions on the Subject of "Logging into the Panel"
3.3 Common Questions on the Subject of "Logging into

the Panel"
When is the user data stored on the Panel?
When logging into the Panel for the first time, the user data is immediately saved
on the Panel without a "reboot" of the Panel.
How can an existing user be deleted?

A logged-in user cannot be deleted directly via a system function. The current user
can be overwritten by entering a new user. Afterwards a "reboot" of the Panel is
necessary.
How does one delete the existing password?

A password cannot be deleted by a system function. The current password can be
overwritten by entering a new password (invalid). Afterwards a "reboot" of the
Panel is necessary.
What happens after the supply voltage is switched off?

The user data is stored in a "network fail-safe" manner.
How can different network shares be implemented?

If you have different network shares, then the logged-in user must have user
permissions for all network shares. Alternatively, enter new user data and perform
a "reboot" of the Panel.
When must a network share user be made known to the Panel?

Whenever user permissions are stored on the network drive, a login via the Panel
must be performed beforehand.
What happens to the login data after a project download?

You want to open an Excel file as described in Section 3.2.4 ("Configuration: Open
EXCEL/WORD File via a Network").
If the login data is permanently stored in the Control Panel, the data is retained
even after a project download (see Section 3.2.1).
If you enter the login data via the "automatic login dialog", then the data must be
entered again after a project download.
Why does the login dialog appear even though the login data is stored?
Ensure that the system time is identical between the Panel and the connected
PLC. To do this, perform a time synchronization.

Entry ID: 92346478, V2.0, 03/2021 35
4 Appendix
4.1 Service and support
4 Appendix
4.1 Service and support
Industry Online Support
Do you have any questions or need assistance?
Siemens Industry Online Support offers round the clock access to our entire
service and support know-how and portfolio.
The Industry Online Support is the central address for information about our
products, solutions and services.
Product information, manuals, downloads, FAQs, application examples and videos
– all information is accessible with just a few mouse clicks:
support.industry.siemens.com
Technical Support
The Technical Support of Siemens Industry provides you fast and competent
support regarding all technical queries with numerous tailor-made offers
– ranging from basic support to individual support contracts.
Please send queries to Technical Support via Web form:
support.industry.siemens.com/cs/my/src
SITRAIN – Digital Industry Academy

We support you with our globally available training courses for industry with
practical experience, innovative learning methods and a concept that’s tailored to
the customer’s specific needs.
For more information on our offered trainings and courses, as well as their
locations and dates, refer to our web page:
siemens.com/sitrain
Service offer
Our range of services includes the following:
• Plant data services
• Spare parts services
• Repair services
• On-site and maintenance services
• Retrofitting and modernization services
• Service programs and contracts
You can find detailed information on our range of services in the service catalog
web page:
support.industry.siemens.com/cs/sc
Industry Online Support app

You will receive optimum support wherever you are with the "Siemens Industry
Online Support" app. The app is available for iOS and Android:
support.industry.siemens.com/cs/ww/en/sc/2067

Entry ID: 92346478, V2.0, 03/2021 36
4 Appendix
4.2 Related literature

Table 4-1
Subject area Title
\1\ Siemens Industry http://support.industry.siemens.com
Online Support
\2\ Download page of https://support.industry.siemens.com/cs/ww/en/view/9234647
this entry 8
\3\ FAQ How can certain entries of the system control be started directly from
Runtime on the Operator Panel on a Comfort Panel?
https://support.industry.siemens.com/cs/ww/en/view/59885461
\4\ Application SIMATIC HMI Option+ (SIMATIC HMI Option+ Manager)
https://support.industry.siemens.com/cs/ww/en/view/109754400
4.3 Document history

Table 4-2
Version Date Change
V1.0 03/2016 First version
V1.2 01/2019 Note on operating system Windows 10, version 1709.
V2.0 03/2021 Section 2.7 Note about SIMATIC HMI+ Manager.
Chapter 3.2.1 Adapted ("Save Registry "; "Save Files").

Entry ID: 92346478, V2.0, 03/2021 37

WinCC TIA Archiving ServerNAS DOC v2.0 en

Uploaded by

Copyright:

Available Formats

WinCC TIA Archiving ServerNAS DOC v2.0 en

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

WinCC TIA Archiving ServerNAS DOC v2.0 en

Uploaded by

Copyright:

Available Formats

Data Storage on

SIMATIC HMI Comfort Panels, Sharing Network Drives

Server and file server access

Server and file server access

1 Data Storage on a Windows Server

Contents of the following sections

– Locating the computer name.

Server and file server access

2 User Administration and Sharing

only to the group.

CAUTION • You need administrative rights for making changes.

Server and file server access

Server and file server access

2.3 Creating Groups and Users

• In the taskbar, click

• Access the Computer Management via "Administration".

Server and file server access

• Select the "Local users and groups" menu.

Create new user

• Right-click the "User" folder.

Server and file server access

• Then click "Create".

• To enter another user, enter a new name in the "Username" field.

Server and file server access

Setting up a new group

• Right-click the "Groups" folder.

• To assign additional users to this group, click "Advanced" again in the

Server and file server access

To create another group, repeat subsections 1 and 2.

Server and file server access

2.4 Checking and Revising Groups/Users

Server and file server access

Server and file server access

2.5 Sharing Folders

Server and file server access

• Open the "Sharing" menu (1).

Server and file server access

• Enable the option "Share this folder" (1).

4. Permissions (existing permission)

By default, a user or group is entered in the "Group or username" field. In this

Server and file server access

• Select the "Everyone" group and click the "Remove" button.

6. • In the "Select Users or Groups" window, click

Server and file server access

8. View the selected "group".

Server and file server access

Server and file server access

11. Changing/extending the permissions

You can subsequently add additional "groups/users" or edit or delete

Server and file server access

2.6 Necessary Settings for Folder Security

Process for accessing the shared folder

Note "Local" permission is decisive for the access to the folder!

Server and file server access

Basic information about "Group or usernames"

What does this mean for security?

In the following section, the "2nd method" is described in detail.

Server and file server access

Create a new group assignment