Logins are associated with user accounts, and have a single password that provides access to GENESIS64 applications. Only an administrator should be allowed the ability to gain to the Security Server where security policies can be altered. When you open the Workbench if you are using Windows Active Directory as the validation method, then your Windows login serves as your authentication to GENESIS64 . If you are using the Security Server database as the validation method, or require access to the system under a user account that is different than your Windows login you will need to log into the system and provide your credentials. Once a user logs in, the login ID appears in the status bar in GraphWorX64.
Two Status Bars: Logged in ("Administrator") and "Not Logged In"
This topic contains the following discussions:
To log in or log out of any GENESIS64 application:
Click the application's File menu, then select Log In\Log Out, as shown in the figure below.
Note: There are icons available elsewhere in the application where you can elect to log in or log out; they work the same way as described here. For example, the GraphWorX64 status bar (for both runtime and configuration modes) shows the currently logged in user. Clicking in that area in the status bar opens the Security Login/Logout dialog. |
Log In\Log Out on an Application Main Menu
In the Security Login dialog box (shown below in its Basic and Advanced formats), enter the account name in the User Name text box and the current password in the Password field; then click the OK button. This logs you into the application. Other options available in this dialog box are described below.
Security Login Dialog Box in Basic Mode
Security Login Dialog Box in the Expanded Advanced View
Clicking the Keypad button opens the virtual keypad shown below. The keypad is particularly valuable for touch screen applications where no physical keyboard is provided.
Keypad Utility
If you wish to change an account password, you can do so by clicking on the Change Password button in the Log In/Log Out dialog box. You will need to enter the user name, current password, and the new password twice. You can also access the change password function from the context menu of the account icons in the navigation tree.
Change Password Dialog Box
You will also have to log back into the system if you have been locked out due to a period of inactivity exceeding the lock out period. If you find that the navigation tree's items are grayed out or that the applications are unresponsive to your keyboard input, try logging back into the system. The time out interval is set as an account policy by the Auto Logout After property in the Security application.
GENESIS64 can use either the Active Directory or the ICONICS Security Server database for authenticating users. This is a Global Setting that applies to all uses, so that one and only one authentication method exists. If you select Database in the Security mode list box in Global Security Settings, then the latter system is used. Otherwise, select Active Directory to use single sign on Windows domain authentication. The figure below shows these settings.
Security Mode Selection
If you have selected Active Directory, it is necessary to define the directory connection and provide the means by which user accounts in the Security Server are mapped to Active Directory user accounts. In the Security mode setting, select Active Directory to change the Active Directory Settings.
You will need to provide the domain name as well as an administrators account and password. You will also need to provide the mapping instructions for the identification field. The two choices shown above (SAMAccountName and userPrincipleName) refer to the name of the Account ID in the Active Directory or to the field used by the user as an identifier on the Internet for their account. Usually the userPrincipleName is entered by a user as username@domain.com, but not always. Once these settings are entered you can click Apply to enforce them.
ICONICS has put into place a fail safe system that will enable an administrator to gain access to GENESIS64 applications should he or she forget the password or have a login failure. This system is called "Security Challenge" and is initiated by clicking on the Challenge Security button, shown below, in the Workbench Home ribbon.
Challenge Security Button
The Challenge Security button opens the Security Challenge dialog box. Once this happens, take the following action:
Call ICONICS Technical Support and tell the ICONICS technician the string contained in the top text box.
The technician will be able to provide you with an answer, which you enter into the Answer field.
Click the OK button. This gives you one-time access to the system as an administrator.
Once you are back in the Workbench, resolve your security issues so that you are able to log back into the system a second time.
There may be times when a user account becomes locked, for example when a user exceeds the number of login attempts because he or she has forgotten the password. To unlock the user's account:
Go to Security Server.
In the Project Explorer, expand Users and double-click the user account. This displays the user's form. You can see that the user's account is locked because the Account Locked check box is selected.
Click the Account Locked check box to remove the check mark.
Click Apply. This unlocks the account; the user can now log in.
If the user has forgotten his or her password, give the user a new password, as described below in Changing a User's Password.
If a user has forgotten his or her password, give the user a new password by following these steps:
In the Project Explorer, right-click the user account. From the pop-up menu, select Change Password. This opens the Change Password dialog box.
Type the new password in the New Password and Confirm Password fields, then click OK.
Tell the user the new password so that the user can now log in. You might suggest that the user change the password to something only the user knows.
See also: