The UserService (baja module) and NiagaraNetwork (niagaraDriver module) permit “centralized management” of users in a multi-station system. This section provides an overview, summarizing the Challenge, User Service changes, and NiagaraNetwork changes.
The “network user” feature is available between stations that all use the standard UserService. This feature is not supported between any stations that use one of the LDAP user services instead (from ldap module). In those scenarios, centralized user management depends on the LDAP or Active Directory server. For related details, refer to the NiagaraAX LDAP / Active Directory Configuration Guide.
In any NiagaraAX station database, station users are represented as individual User components, located under the station's user service. Typically, you use the User Manager view of this service to add, modify, and delete users. Until recent station security changes, you were able to manually copy user components from one station to other stations. However, this method no longer works, due to more secure password storage. It also never provided change coordination: if an edit was needed for such a user, the same change had to be made to that user in each (separate) station. This was an inefficient process.
Solution: Stations are configurable to allow users to be added, modified, or deleted in one station, and then have those changes automatically replicated (or “synchronized”) in other stations. The term “network user” applies to these users. Related are configurable user “prototypes.” When adding users, prototypes can be used in network user “strategies” between stations. Note these station user changes are standard but optional, accomplished with additional slots on existing components.
To provide this functionality, there are areas of configuration changes in the station:
Every User component (user) in the station has 2 related configuration properties: Network User (boolean) and Prototype Name (string). Currently, prototype name matters only if the user is a network user, as this can be used in a “sync strategy” for distributing changes to network users.
Related to this, the UserService has a frozen child container slot User Prototypes, with a frozen child “Default Prototype” user component. If establishing network users, you can duplicate and edit additional user prototypes. User prototypes currently have the same properties as users, and are seen in the Nav tree and in the property sheet of the UserService--but are not listed in the User Manager view. Instead, when you add a User, the new property “Prototype Name” provides a selection list of available prototypes.
In the User Manager view of the user service in any station, whenever you manually add a new user, property values in the Default Prototype are always used as defaults (regardless of whatever Prototype Name you may select in the Add dialog). In this way, the Default Prototype serves as a “template” to populate a new user’s properties (all except password).
This can simplify user management even in a “non network user” scenario, to specify typical user property settings in the UserService’s Default Prototype. For more details see Default Prototype.
For more details on UserService items related to network users, see:
Each NiagaraStation (device component) under the station's NiagaraNetwork has a Users device extension, in addition to other standard device extensions like Points, Histories, Schedules, and Alarms. The Users extension contains properties that enable/configure network user synchronization “in” and “out” of this station, in relation to the station with its NiagaraNetwork. There is no special view (apart from property sheet) on this Users device extension, nor is it a container for other components.
Associated with this device extension is a view on the parent NiagaraNetwork: the User Sync Manager. This tabular view provides an aggregate look at all Users device extensions (one for each NiagaraStation). Each row represents a station, and columns let you see every station's Users properties for sync configuration, sync status, sync “strategy,” and so on. You can select any or all rows for an edit dialog to make configuration changes, or issue manual sync commands.
User synchronization requires stations (Supervisor, JACEs) to be using compatible password storage mechanisms. So, for two stations to successfully synchronize user accounts, both stations must be running either “pre-update” builds, or 2013 update release or later builds (e.g. AX-3.8, AX-3.7u1, AX-3.6u4). Otherwise, a user sync from an AX-3.8 or AX-3.7u1 Supervisor to a station (JACE) running an earlier (pre-update) release will fail. The corresponding NiagaraStation’s Users device extension will also be in fault.
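A pre-flight check for the compatibility rule above, written as an added example (it is not Tridium code and does not use any Niagara API). It assumes version strings of the form `AX-3.<minor>[u<update>]`, builds its baseline table only from the three releases named above, and uses constructed station names and versions.

```python
import re

# Earliest "2013 update" build per AX-3.x release line, taken only from the
# releases this page names (AX-3.6u4, AX-3.7u1, AX-3.8). Older lines are not
# listed on the page, so they are classed "unknown" rather than guessed.
UPDATE_BASELINE = {6: 4, 7: 1, 8: 0}

# Assumed version string format: AX-3.<minor>[u<update>]
VERSION_RE = re.compile(r"^AX-3\.(\d+)(?:u(\d+))?$", re.IGNORECASE)


def storage_class(version):
    """Classify a build as 'updated', 'pre-update' or 'unknown'."""
    match = VERSION_RE.match(version.strip())
    if not match:
        return "unknown"
    minor = int(match.group(1))
    update = int(match.group(2) or 0)
    if minor > max(UPDATE_BASELINE):      # later than AX-3.8: "or later builds"
        return "updated"
    if minor not in UPDATE_BASELINE:      # older line, not covered by the page
        return "unknown"
    return "updated" if update >= UPDATE_BASELINE[minor] else "pre-update"


def sync_preflight(supervisor_version, stations):
    """Map each station name to the expected user-sync outcome."""
    supervisor = storage_class(supervisor_version)
    verdicts = {}
    for name, version in stations.items():
        station = storage_class(version)
        if "unknown" in (supervisor, station):
            verdicts[name] = "verify-manually"
        elif station == supervisor:
            verdicts[name] = "compatible"
        else:
            # Mismatched password storage: sync fails, Users extension faults
            verdicts[name] = "expect-sync-failure"
    return verdicts


# Constructed inventory: station names and versions are sample values.
SAMPLE_STATIONS = {"JACE-A": "AX-3.7u1", "JACE-B": "AX-3.6u2", "JACE-C": "AX-3.5"}

if __name__ == "__main__":
    for name, verdict in sync_preflight("AX-3.8", SAMPLE_STATIONS).items():
        print(f"{name}: {verdict}")
```

Stations reported as `expect-sync-failure` are the ones to upgrade before enabling network users; `verify-manually` means the page gives no baseline for that release line.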
For more details on the “Niagara Network side” of network users, see these sections in the Drivers Guide:
Copyright © 2000-2016 Tridium Inc. All rights reserved.