Note
This mode is supported only by S7-1500 PLCs with firmware 3.1 or later.
PLC can be configured in this mode by applying access protection via access protection levels and access protection via user management at the same time.
An example PLC configuration could look like this:
{
"Devices": [
{
"Name": "Device1",
"Modules": [
{
"Name": "PLC_1",
"TypeIdentifier": {
"OrderNumber": "6ES7 516-3AP03-0AB0",
"Version": "V3.1"
},
"AccessProtection": {
"AccessLevel": "NoAccess"
},
"UserManagement": {
"Users": [
{
"Name": "User2",
"AssignedRoles": [
"DownloadCapableRole"
]
}
],
"Roles": [
{
"Name": "DownloadCapableRole",
"FunctionRights": [
"AccessProtectionFullAccess"
]
}
]
},
}
]
}
]
}
- In the example above, a single user named
User2is defined which is given the roleDownloadCapableRole. As this role is granted the AccessProtectionFullAccess function right, this user is allowed to perform a download to the plc. - As there is
AccessProtectionconfiguration withNoAccessvalue in the hardware declaration file, and asUser2is granted AccessProtectionFullAccess function right; PLC access is allowed only if- Access protection password is provided or,
User2and its password are provided.