• Replies 4 replies
  • Subscribers 585 subscribers
  • Views 228 views
  • Users 0 members are here
Options
Related

Peer-Peer Win Network and Encryption, Deployment and License Server Redundancy Issues

Zachariah Hirschy

I have a network setup of three Win10 machines running Plant  SCADA 2023 with two as servers and one client. The machines are peer-peer and no domain or AD. This is an upgrade from Citect 2018. I can get the project to run, licenses from one machine to the other (have not setup client yet). But I cannot enable the server encryption, deployment servers or license server redundancy to work. I can get thru Configurator fine on both machines.

I know I could have multiple issues with each item, but trying to confirm if anyone has used these successfully on this type of network. I know that getting some services to work across this type of Win network is sometime not possible so I don't want to waste any more time if that is the answer here. I have already setup both machines to have identical users to get the Configurator to work.

I am currently working with tech support as well, but wanted to get some community advice.

Parents

  • For encryption in a Windows workgroup environment, you may have to create an identical user account with the same password on each machine and all machines should be logged in with the same user. Currently there is an issue with deployment server in this environment, where the current Windows session user is always used for authenticating a remote deployment client. 

  • in reply to Jacky Lang

    I did create the same user accounts on both machines and have them both logged in to an admin account with the same name and password. This did fix issues with getting Configurator to finish, but does not seem to work for encryption. I may have another issue, I did not really troubleshoot this one too far. I was getting some type of certificate error listed in the runtime project's hardware alarms.

    So have you successfully used encryption in this setup? If so then I'll continue digging deeper into the specific errors. Just don't want to waste the time if its a non-starter.

    Thanks

  • in reply to Zachariah Hirschy

    The other issue might be related to access to the certificate private key on the server side. Take a a look at IO or any other server processes' syslog or tracelog files where "failed to access private key" could be reported already.

    On the server machines, try to

    • Configure "Run Runtime Manager as a service" in Configurator
    • Run /x client if UI is required (it doesn't consume any license when it runs on a licensed server machine)

    The encrypted mode has been tested in the Windows Workgroup environment.

    If the problem persists, please reach out to Technical Support for a further investigation.

Reply
  • in reply to Zachariah Hirschy

    The other issue might be related to access to the certificate private key on the server side. Take a a look at IO or any other server processes' syslog or tracelog files where "failed to access private key" could be reported already.

    On the server machines, try to

    • Configure "Run Runtime Manager as a service" in Configurator
    • Run /x client if UI is required (it doesn't consume any license when it runs on a licensed server machine)

    The encrypted mode has been tested in the Windows Workgroup environment.

    If the problem persists, please reach out to Technical Support for a further investigation.

Children
No Data
© 2024 AVEVA Group Limited or its subsidiaries. All Rights Reserved.