Note
This mode is supported only by S7-1500 PLCs with firmware 3.1 or later.
Access protection via User Management can be activated for a PLC via performing the following steps:
- Assign one of the Access Protection Function Rights to a user via Assigning user rights for the PLC in the hardware declaration file.
An example user management configuration for access protection function right assignment could look like this:
{
"Devices": [
{
"Name": "Device1",
"Modules": [
{
"Name": "PLC_1",
"TypeIdentifier": {
"OrderNumber": "6ES7 516-3AP03-0AB0",
"Version": "V3.1"
},
"UserManagement": {
"Users": [
{
"Name": "User2",
"AssignedRoles": [
"DownloadCapableRole"
]
}
],
"Roles": [
{
"Name": "DownloadCapableRole",
"FunctionRights": [
"AccessProtectionFullAccess"
]
}
]
}
}
]
}
]
}
- In the example above, a single user named
User2is defined which is given the roleDownloadCapableRole. As this role is granted AccessProtectionFullAccess function right, this user is allowed to perform a download onto the PLC_1. -
As
User2is the only defined user, and as there is noAccessProtectionconfiguration defined in the hardware declaration file, all operations are prevented whenUser2and its password are not provided. -
Create the user and assign a password to the
User2via manage user credentials.