Local users versus LDAP users

A station with an LDAP user service (from the ldap module) can still have “local” NiagaraAX users. In fact, the standard two “frozen” user accounts (admin “super user” and guest user) are present in any of these user services, just as in the standard baja UserService component. More local users, if needed, can be added in the standard way—in the Ldap User Manager view, click the New button, and so on.

Local station users are rarely used, except possibly for the initial “super user” level configuration of the station. However, an additional local user is often added, to be used exclusively as a NiagaraNetwork “service user”. This service user is referenced in other (remote) NiagaraAX stations, in the “ClientConnection” container of the NiagaraStation device that represents this station.

Although (in theory) an LDAP-sourced “service user” could be used, that is not recommended. Instead, create and use a local user as a service user. This makes the initial configuration of a NiagaraNetwork more straightforward. It also provides immunity from station-to-station communication issues that might arise, say from LDAP password expiration rules, or in the unlikely event of LDAP server problems.

Ldap User Manager view difference

The default view of any NiagaraAX LDAP user service is the Ldap User Manager.

Figure 9. Ldap User Manager view is default view on any LDAP user service



This view is identical to the default User Manager view for the standard (baja) UserService, with only one addition: a “User Type” column (by default, selected to display). As shown in Figure 9, the value for each user is either “Local” or “LDAP”.

Apart from this, the Ldap User Manager functions exactly the same as the standard (baja) User Manager view for the management of all local station users. This includes “Password Configuration” properties for local station users. For related details, see “UserService” in the NiagaraAX User Guide.

Note: One exception to this is the “network user” function, which is not applicable to any users under any LDAP user service—either local station users or LDAP users.