1. To open the Resource Editor, highlight an application or area, right click, and then select Resource Editor.
You will be notified that using resource groups with mixed versions of FactoryTalk Services Platform may cause undesired results. If you have installed FactoryTalk Services Platform for the first time, and have no other versions of FactoryTalk Automation Platform installed, click Yes to continue.
The Resource Editor opens.
2. To add resources, click the Add Resources button and then select the resources you want for the application or area.
If you are using only network relative paths, ignore the options at the top of the dialog box.
If you are using logical names, use the options to view all the logical names for the resources in your in your system, or view only the ones you have not already assigned.
Click > to add a resource, and click < to delete a resource.
When you add resources for this area, they will appear here.
Click Add New Logical Name to create a new logical name, so you can add the logical name to an application or area.
Click Delete Logical Name to delete names that are no longer in use in the system, but are still visible in this window. This can happen if you added a logical name, but later removed the device associated with that name. If the logical name is in use, this button is disabled.
3. When you are done, click OK to close the dialog box.
Adding a logical name
A logical name is an alias that identifies a control network or device. You can use the logical name to provide a shorter or more intuitive name to identify a device instead of using its network relative path. Logical names also change the way devices inherit security permissions.
Why use logical names?
Control devices with identical logical names share security permissions across different control networks and across different computers, without requiring identical RSLinx Classic driver names or relying on identical network paths. For examples of how to use logical names, see Configuration scenarios for networks and devices and How logical names map to network relative paths.
You must define logical names in FactoryTalk Administration Console before configuring security for Logix5000 controllers. For details, see “Enable security for Logix Designer application” on page 97. For all other types of control hardware, you can choose whether to associate security settings with logical names or with network relative paths. You might choose to define logical names as aliases for control devices with multiple paths, to associate each instance of the device with a single set of security permissions.
1. To add a logical name, click the Add New Logical Name button and enter the logical name you want to use. For this example, use Oven05Temp.
The name cannot contain spaces or the $!:/\? characters
2. Select a resource or type the network relative path to a device. When you’re done, click OK in both windows to return to the Resource Editor.
What happens when you define a logical name?
If you define a logical name for a control device, the security system automatically uses the security permissions associated with that name, rather than with the device’s network relative path, to determine access permissions. After defining a new logical name, you must also establish security permissions for the control device. Be sure to define an identical logical name for the control device on each computer on the network that has access to the device, if the different computers have different relative paths to the device.
If you configure security on a control device identified by a network relative path, and then later you define a logical name for the device, the original security permissions are not lost; they remain associated with the path, but they do not transfer to the name. As a result, the original security permissions are no longer accessible, because security now attempts to access the security permissions using the name, not the path.
If you later change a control device’s logical name, the original security permissions remain associated with the first logical name. You must re-define security permissions for the device, to associate them with the new logical name.
Security can be assigned to either the logical name or the relative path, depending on the type of resource. For example, ControlLogix controllers only support logical name-based security — a ControlLogix controller must have a logical name assigned.
For RSLogix 5 and 500 controllers, the logical name is associated with the relative path and not the physical controller.
PLC-5 and SLC 500 controllers support both path-based and logical name-based security.
What happens when you undefine a logical name?
When you undefine a logical name, the security system automatically uses the security permissions associated with the device’s network relative path.
The logical name and its associated security permissions still exist in the security system after a name is undefined. For example, suppose the name “MyPLC1” is assigned to Device1 on Computer A and Computer B, and each computer has a different relative path to Device1. When a user attempts to perform an action on Device1 from either computer, the security system checks the permissions associated with “MyPLC1.”
Now suppose we undefine the name “MyPLC1” on Computer A, but leave it assigned on Computer B. If a user attempts to perform an action on Device1 from Computer A, security uses the permissions associated with the Device1’s network relative path. If a user attempts to perform an action on Device1 from Computer B, however, security uses the permissions associated with the logical name “MyPLC1.”
Do not undefine logical names for Logix5000 controllers. Because Logix5000 controllers do not have network relative paths, undefining a logical name can cause unexpected results. For details, see “Enable security for Logix Designer application” on page 97.
Where to go from here
Do one of the following:
Continue adding and configuring resource groups, if desired.
Go to Chapter 9 on page 85 to learn how to use FactoryTalk Security with RSLinx software.
Go to Chapter 10 on page 95 to learn how to use FactoryTalk Security with Logix Designer application to secure projects.
Go to Chapter 11 on page 115 to learn how to use FactoryTalk Security with FactoryTalk View SE.
Go to Chapter 12 on page 137 to learn how to use FactoryTalk Security with FactoryTalk View ME.
Go to Chapter 13 on page 161 to learn how to use FactoryTalk Security with FactoryTalk Batch components
Go to Chapter 14 on page 179 to learn about deploying a FactoryTalk system to runtime computers.