Professional Documents
Culture Documents
BF Ref 241
BF Ref 241
Reference Guide
Document ID: BF-REF-241
Revision Date: September 2011
Copyright, Notices, and Trademarks
Release Information
Business FLEX: Release 241
Revision Date: September 2011
Business FLEX Database Version: BF241.0.00
Document ID: BF-REF-241
Contents
Security within Business FLEX 241 1
Overview 1
Who Should Use This Guide 1
Conventions Used in This Guide 1
Related Documents 2
Contact Us 2
Oracle Security 3
Introducing Security Administration 3
Introduction 3
Overview of Security Administration 3
Creating the First Security Administrator Application User 4
Oracle and Windows Users 5
Using the Security Configuration Forms 6
Introduction 6
Using the Change User Password Form 6
Using the Commit All Permissions Form 8
Using the Update a Role Form 9
Using the Update Users Form 10
Using the Menu Access Configuration Form 11
Using the Menu Caption Configuration Form 12
Using the Role Configuration Form 13
Using the Role Permissions Configuration Form 15
Using the User Profile Configuration Form and User Role Configuration Form16
Introducing TPI Administration 17
Configuring Permissions for the Business FLEX Application Server 17
Configuring the UNISERVER Permissions 17
Granting Permissions for the Application Server 17
Auditing 58
Overview 58
Auditing Details 58
Configuring the jobs for auditing 59
Configuring Application Audit Job 61
Configuring Purge Application Audit Job 63
Configuring Insert User Details Job 66
Enabling auditing of users 69
Viewing the auditing data 70
Overview
This document provides an overview of the various security models and security
settings that are required as part of the configuration of a complete Business
FLEX System.
This guide covers the settings required in Oracle (if installed), SQL Server,
Experion Application Framework (EAF), and the base platform.
TIP: Identifies advice or hints for the user, often in terms of performing a
task.
CAUTION Indicates a situation which, if not avoided, may result in equipment or work
(data) on the system being damaged or lost, or may result in the inability to
properly operate the process.
Related Documents
Further information about Business FLEX Database and related applications can
be found in the following documents.
Document Title
BF-INS-241 Business FLEX Installation Guide
TPI-ADM-USR- TPI Administration User Guide
241
SCO-USR-241 Business FLEX System Console User Guide
For more information on the other Business FLEX applications, see the
Documentation folder on the Business FLEX 241 Software DVD.
Contact Us
Please send any comments or questions to the Help Desk at
support@honeywell.com. Ensure that you type Business FLEX Security in the
subject line of your e-mail.
Oracle Security
Introduction
The Business FLEX Oracle security is divided into two functional areas:
the need to manage the system
the requirement to access data.
The first is the responsibility of the System Administrator. The second may be a
general requirement with users being restricted to specific subsets of access
based on roles. Roles are assigned functional levels of permission. Users may
belong to more than one role definition and inherit the highest level of
permission from each role.
Function Security
A role can be assigned to a specific function group or groups. If a user is not a
member of at least one role matching the list of required roles assigned to read,
write, or configure a particular function, the system will deny the attempted
access to that function.
Functions definitions are grouped together using the Function Group field found
on the Function Definition configuration form. The user must first define desired
Function Group names in the Plant Reference Model by using the Lookup Value
Configuration form.
UNISERVER User
The Oracle user UNISERVER is used by the Business FLEX Application
Scheduler for logging on to the Oracle database.
The name UNISERVER is used throughout this document, but any site-specific
name can be used, as long as the domain name and this name combined total 30
or fewer characters. UNISERVER needs to be a member of the Windows
Administrators group.
The Business FLEX database install/upgrade automatically adds the Oracle user
UNISERVER to the Business FLEX user table. The TPI COMMIT ALL
PERMISSIONS routine creates/activates the user in Oracle.
During installation/upgrade of the Business FLEX Database System, the
Windows user, UNISERVER, is configured to run the Business FLEX
Application Scheduler. UNISERVER is setup the same as the Windows user,
TOTALPLANT.
Introduction
The following summary shows which form to use to perform the security
definitions:
Task Business FLEX TPI
Application install or Attach Tables
upgrade.
Commit All Permissions
Create a new user(s), User Profile Configuration
assign existing roles.
User Role Configuration
Update Users
Create a new role, assign Role Configuration
existing users.
User Role Configuration
Role Permissions Configuration
Menu Access Configuration
Update Role
Assign an existing user to User Role Configuration
an existing role.
Update Users
Assign a new user to a new User Profile Configuration
role.
Role Configuration
User Role Configuration
Role Permissions Configuration
Menu Access Configuration
Commit All Permissions
Change logon password. Change User Password
Change roles assigned to a User Role Configuration
user.
Update User
Change role permissions. Role Permissions Configuration
Update Role
Change menu access for a Menu Access Configuration
role.
Deactivate a user. User Profile Configuration
Update User
Fields
The following fields appear on the Change User Password form. The asterisk (*)
indicates mandatory fields.
In this field… Do this…
*User Name Enter the user for which you want to change the password. A list
of values is available.
The password can be changed only for password authenticated
users.
*New Password Enter the new value for the user password. Passwords can
consist of upper and lower case letters ( A-Z ), numbers ( 0-9 ),
the underscore ( _ ), a period ( . ) and a hyphen ( - ).
*Verify Enter the new password again to prevent typing mistakes.
Buttons
The form does not close until you click Close. This allows you to change several
users' passwords without re-opening the dialog each time.
Note: New users do not exist in the system and cannot have their passwords
changed until the user has been established by clicking Update Users, Update a
Role, or Commit All Permissions on the Database Administration form or from the
Security Administration application.
Buttons
The following buttons appear on the Commit All Permissions form:
Click this… To do this…
Commit All Update the roles, users, and permissions defined in the
Permissions application security system.
Cancel Close the form without making the change.
A log file, BFX_SECURE.LOG, is created in the Log Files folder located under
the main Business FLEX folder whenever Commit All Permissions is executed.
Fields
The following fields appear on the Update a Role form. The asterisk (*) indicates
mandatory fields.
In this field… Do this…
*Role Name Select the role for which you want to update permissions.
A list of values is available and is validated against the
Role Configuration form.
Buttons
Buttons
The following buttons appear on the Update Users form:
Click this… To do this…
Update Users Update user permissions.
Cancel Close the Update Users form without making the change.
Buttons
The following fields appear on the Menu Access Configuration form. The
asterisk (*) indicates mandatory fields.
In this field… Do this…
*Role Select the role name for which the menu item is enabled. Only
entries configured using the Role Definition form appear in the list.
*Menu Item Select the menu item name of the form or report enabled for the
role. The menu item names in the list are restricted to licensed
products.
Fields
The following fields appear on the Menu Caption Configuration form. The
asterisk (*) indicates mandatory fields.
In this field… Do this…
*Language Select the multi-language file that contains the menu caption.
*Menu Item Select the menu item name for the form or report. The menu item
names in the list are restricted to licensed products.
Help File Enter the help file document that opens when you press F1 or enter
“N/A” if there is none.
Context ID Nothing. This field is not used.
*Menu Caption Enter the actual menu item text that appears on the main menu.
Status Bar Text Enter the text that appears at the bottom of the Microsoft Access
window when the menu item is selected.
The “SA ROLE CONFIGURATION” function assigns insert, update, and delete
permissions to this form in the Role Permissions Configuration form and assigns
menu access to this form in the Menu Access Configuration form.
Following is the Role Configuration form:
You can click the Initialize Role button on the title bar and grant full
permissions/full menu access to the application for a role. This is not usually
recommended with roles other than the FULLPERMISSION role. However, you
can use this method to simplify the process of adding a large number of
permissions and menu access to a role. Instead of adding a long list of
permissions, you need to remove only the unwanted permissions for the role.
You can use the “SA INITIALIZE ROLE” function to grant insert and delete
permissions in the Role Permissions Configuration form to any role assigned to a
user who uses the Initialize Role button. If the user’s role is granted insert and
delete permission for the “SA MENU ACCESS” function and the “SA ROLE
PERMISSIONS” function, then you do not need to grant insert and delete
permission on the “SA INITIALIZE ROLE” function.
Fields
The following fields appear on the Roles Configuration form. The asterisk (*)
indicates mandatory fields.
In this field… Do this…
*Role Enter the name assigned to a group of security and menu access
permissions. You cannot change or delete this field value if
dependent definitions exist. Only characters A-Z, 0-9, and _ are
valid entries for role names.
*Description Enter additional descriptive text to describe the role definition.
The ability to select or retrieve data is implied with the above functions and is
implicitly granted on all forms to all roles. The Menu Access Configuration form
is used to permit or prevent access to specific forms and reports, while the Role
Permissions form is used to define the type of data manipulation permitted on
those forms. The “SA ROLE PERMISSIONS” function assigns insert, update,
and delete permissions to this form in the Role Permissions Configuration form
and assigns menu access to this form in the Menu Access Configuration form.
Fields
The following fields appear on the Role Permissions Configuration form. The
asterisk (*) indicates mandatory fields.
In this field… Do this…
*Role Select the role name granted to the function and permissions.
Only entries configured via the Role Definition form appear in the
list.
*Function Select the application form or function on which the permission is
granted. Only the functions for which the application is licensed
appear in the list of allowed functions.
Insert Select insert authority for the role. A indicates that the role has
insert authority for the selected function.
Update Select update authority for the role. A indicates that the role has
update authority for the selected function.
Delete Select delete authority for the role. A indicates that the role has
delete authority for the selected function.
Introduction
SQL Server is the database used by Experion Desktop Server and many of the
Business FLEX applications. The following section describes the recommended
path for users to follow when installing Business FLEX 241 applications that will
run against the Experion Desktop Server.
In Summary
There is a problem when using <Identity impersonate=”true” /> in a web
application. When trying to load a satellite assembly, for example, for user with
locale fr-FR (after an IISReset), the assembly cannot be found if the user is not a
local administrator on the machine. So the user just gets the default resources,
rather than those of fr-FR. Once a user who has write access to the temporary
ASP.NET folder (that is, a local administrator) (same fr-FR locale) tries to load
the satellite assembly, it succeeds. Then all subsequent users of fr-FR locale see
the correct satellite assembly.
Workaround
Microsoft recommends that the impersonated identity Write and Modify
permissions on the Temporary ASP.NET Files folder. For Business FLEX
applications this would involve giving web server connected users access to this
folder.
10. Provide the credentials in the Username and Password fields and click
Update. Alternatively select the Use Windows Integrated Authentication option
and click Update.
This completes the task of associating a user to a data source.
The same steps as above can be followed to assign a security role directly to a
user.
7. Select the role from the Available list and click the > button to move the role
to the Associated list. Click the Update button to associate the list of roles in
the Associated list to the data source.
10. Provide the credentials in the Username and Password fields and click
Update. Alternatively select the Use Windows Integrated Authentication option
and click Update.
This completes the task of associating a role to a data source.
If this account does not have CoreAdmin rights, users may see errors messages
indicating “User is not a security administrator”.
1. Create the ASPNET worker process user in TPI (either ASPNET or Network
Service depending upon operating system – see previous note).
Note: If you are trying to create the NETWORK SERVICE account in TPI
be aware that TPI does not support the direct entry of names with spaces
(although these domain names are valid). To get around the issue, it is
recommended that the NETWORK SERVICE name be copied into the TPI
form from NOTEPAD or some other application.
2. Put Node Name in Domain Name field.
3. Grant FULLPERMISSION role to this account.
4. Run Update users.
Tag Security for all tags being written to from web-enabled version of OMOI
must be granted to the ASPNET worker process account.
Introduction
The asset-based security capability extends security configuration to allow the
assignment of security entitlements to perform tasks based on the equipment
hierarchy. Using the asset-based security configuration, it is possible to grant
someone a role or Application Operation for selected units in the plant hierarchy
so, for example, that they will be able to approve shift summary reports for only
selected units and not all units in the plant.
Users that are authorized to perform a task for a unit, generally are
authorized to perform that task for all of the equipment that are part of that
unit.
To facilitate effective configuration, you first identify which equipment in the
Plant Reference Model will serve as assignable assets. Equipment identified as
such are imported into Experion Application Framework and are used to form the
basis for security configuration. The security settings configured for an
assignable asset are inherited by its children in the equipment hierarchy, as long
as those children are not themselves assignable assets. 1
Example
An example of an abbreviated plant hierarchy is shown below:
North Area
Unit 1
Equipment A
Equipment B
Unit 2
Equipment C
Equipment D
Unit 3
Unit 4
Designating North Area as the only assignable asset would cause all equipment
in Units 1, 2, 3, and 4 to use the security assignments made against the North
Area.
If in addition, Unit 2 was identified as an assignable asset, then Equipment C and
D would use the same security assignments as those on Unit 2, while Unit 1, 3, 4
and the equipment in each of these units would use the security assignments
made against the North Area.
Only those equipment entities that have been identified as assignable assets can
have security settings assigned to them in Experion Application Framework.
While each of these assignable asset, equipment entities may receive different
security assignments, they may also share many assignments. The Experion
Application Framework hierarchical security configuration provides convenient
options for propagating security across a number of assignable asset, equipment
entities.
The primary difference between an equipment entity identified as an assignable
asset and one that is not, is that the equipment entity without the assignable asset
designation will always have security evaluated based on the assignments that
1
Stated another way: If you do not designate an equipment entity as an assignable
asset, it will inherit the security settings from its closest parent equipment that is an
assignable asset.
have been applied against its nearest ancestor in the PRM that holds an
assignable asset designation.
The second way to identify equipment used for security assignments is to assign
the SECURITY_ASSET attribute to the equipment entities in the Equipment
Configuration form as shown in the following figure.
Considerations
When identifying which equipment will be used to for security assignments, it is
important to consider a number of factors:
What level of granularity is needed for security assignments?
Fewer equipment identified for security assignments will yield better
performance, while,
More equipment identified for security assignments will allow for more
granular assignment of security entitlements.
The topmost ASSET node in the Plant Reference Model is not enabled for
security assignments. If you have multiple equipment that appear directly
below ASSET, security assignments will have to be done against each one.
A new parent equipment may be created below ASSET that can act as
hierarchy parent to these other equipment entities.
If the topmost equipment entity is not designated as an assignable asset, there
will be no way to associate security with that equipment entity.
Security authorization decisions are based on the equipment hierarchy that has
been synchronized with EAF. As a result, it is important to synchronize the
equipment hierarchy after changes are made to the PRM equipment hierarchy.
TIP: The only changes synchronized with Experion Application Framework are
those that reflect the hierarchical nature of the equipment model (parent/child
relationships) for equipment entities that have been identified as assignable
assets. It is not necessary to synchronize the PRM with Experion Application
Framework for other changes.
Procedure
The following figure shows the EAF Administration - Security display - HS
Synchronization tab. This is where synchronization between the PRM and
Experion Application Framework is performed.
Only users who have the EAF CoreAdmin role and who have permissions to
read from the BaseBFDatabase database instance (where the PRM is stored) can
perform the synchronization tasks.
In the HS Synchronization tab selected, select the ASSET hierarchy in the
Hierarchy Name list, and ensure that the BaseBFDatabase is selected in the
Datasource field. If this data source is not selected, select it from the list and
click Update.
There are two ways in which the PRM can be synchronized with Experion
Application Framework.
Bulk Loadis used to initially load the PRM into the Experion Application
Framework (Initial Load option) or to replace the PRM and all security
assignments (Force Load option).
CAUTION The Force Load option will remove all existing security assignments. If you
wish to import changes made to the PRM into Experion Application
Framework while preserving existing security configuration, use Bulk
Synchronization.
Only those applications that support asset-based security are shown in the
Applications list in this tab. To enable asset-based security, select the appropriate
applications in the Applications list and click the Enable Application button. At a
later time, if you wish to revert to system wide role-based security, this same
configuration screen can be used to Disable asset-based security for a selected
application.
The Configured Permission region (on the right side of the display) shows the list
of security assignments, and also serves as the location for making or changing
security assignments for the selected person/group and is described in the
following paragraphs.
With an equipment entity and one or more roles are selected, the Add button
is enabled. Clicking Add assigns the selected roles for the selected equipment
to the person/group.
Select the Enable Propagation option to make the same assignments for all
child equipment. If propagation is not enabled, the security assignments
apply only to the selected equipment entity and its children that are not
assignable assets. If propagation is enabled, the security assignments will
apply to all child equipment (whether or not the child equipment entities are
assignable assets).
The Configured Permissions list is where the list of security assignments
for the selected equipment can be viewed, as well as where changes to
security assignments can be made. Security assignments with a white
background are security assignments that have been made directly against the
selected equipment entity. Security assignments with a gray background are
security assignments that have been propagated from an equipment that is
higher in the equipment hierarchy.
Propagation can be changed by selecting or deselecting, one or more
assignments in the Propagate column, and clicking Update Propagation.
A security assignment can be removed by selecting the associated Delete
option and clicking Delete Checked Items.
Note: For propagated security assignments, the only change that can be made is
to change the propagation. On an inherited security setting, you can stop
propagation to assignable asset equipment that is lower in the hierarchy by
deselecting the associated Propagate option, and clicking Update Propagation.
Example
Following is an example of a fictitious equipment hierarchy that has been loaded
into the Experion Application Framework. Only assignable assets are shown.
WESTHOLLOW
ALUMINA
OPERATION CENTRE 1
DIGESTER UNIT 2
OPERATION CENTRE 2
FILTER UNIT 1
CHEMICALS
…
Next, the OIAuthorizer role is granted to Ed for only the equipment in the
ALUMINA area.
1. In the Item Tree, select ALUMINA.
2. In Application Operations list, select the OIAuthorizer role.
3. Clear the Enable Propagation option and click Add.
The results are shown in the following figure.
With the Enable Propagation option cleared when the OIAuthorizer role is
granted to Ed Engineer, Ed receives the OIAuthorizer role for only the
ALUMINA equipment entity and for the equipment in the ALUMINA area that
have not been designated as assignable assets. Note: The OIUser operation that
was propagated from the WESTHOLLOW equipment is also shown and appears
with a gray background indicating an assignment that was inherited.
Next, grant Ed the OIAuthor role for all equipment in OPERATION CENTRE 2.
1. In the Item Tree, select OPERATION CENTRE 2.
2. In Application Operations list, select the OIAuthor role.
3. Select the Enable Propagation option and click Add.
The results are shown in the following figure.
With Enable Propagation selected when the OIAuthor role is added, Ed is granted
the OIAuthor role for all equipment in OPERATION CENTRE 2.
The following figure shows that both the OIUser and OIAuthor propagated
permission on FILTER UNIT 1.
Security authorization decisions are based on the KPI hierarchy that has been
synchronized with EAF. As a result, it is important to synchronize the KPI
hierarchy after changes are made to the KPI definitions hierarchy using the KPI
Definition user interface.
TIP: The only changes synchronized with Experion Application Framework are
those that reflect the hierarchical nature of the KPIDefinitions tree (parent/child
relationships). It is not necessary to synchronize the KPI with Experion
Application Framework for other changes like the changes in other hierarchies.
For example, KPI Groups and KPI Templates.
Procedure
The following figure shows the EAF Administration - Security display - HS
Synchronization tab. This is where synchronization between the KPIDefinitions
hierarchy and Experion Application Framework is performed.
Only users who have the EAF CoreAdmin role and who have permissions to
read from the BaseBFDatabase database instance can perform the
synchronization tasks.
In the HS Synchronization tab, select the KPIDefinitions hierarchy in the
Hierarchy Name list, and ensure that the BaseBFDatabase is selected in the
Datasource field. If this data source is not selected, select it from the list and
click Update.
The two methods for synchronizing the KPIDefinitions hierarchy with Experion
Application Framework are Bulk Load and Bulk Synchronization.
Bulk Load is used to initially load the KPIDefinitions hierarchy into the Experion
Application Framework (Initial Load option) or to replace the KPIDefinitions
hierarchy and all security assignments (Force Load option). The Initial Load
option is disabled after the first bulk load operation.
CAUTION The Bulk Load option removes all existing security assignments enabled for
the KPIs. If you need to import changes made to the KPIDefinitions hierarchy
into Experion Application Framework while preserving existing security
configuration, use Bulk Synchronization.
Only those applications that support Hierarchical Security are shown in the
Applications list in this tab. To enable Hierarchical Security, select the KPI
Manager in the Applications list and click the Enable Application button.
Note: The HS Application tab is also used if, at a later time, you need to revert to
system wide role-based security. In that case, click Disable Application to disable
Hierarchical Security for KPI Manager.
The following table describes each security role and its privileges for KPI
Manager:
Example Overview
Following is an example of a fictitious KPI hierarchy that has been loaded into
the Experion Application Framework. Only secure KPIs are shown.
KPI Definitions
Area_1
Area_2
Area_3
Area_4
Area_5
Blend1-M
The following table describes the security entitlements required for KPI User1.
Role… To obtain the privileges of… In order to view…
KPIApprover KPIView Unapproved and Unapproved period records to approve
KPIView roles. them
The approved period records.
A period-to-date record.
KPIView KPIView role. The unapproved records but cannot
Unapproved approve them.
The approved period records.
A period-to-date record.
KPIView KPIView role. The approved period records.
A period-to-date record.
The following examples describe how you can configure these security
entitlements.
Note: If you want to add the KPIApprover role to all the child KPIs under
Area_3, select the Propagate option in the KPIApprover role and click Update
Propagation.
Note: The KPIView role that was propagated from KPI Definitions is also shown
and appears with a gray background. This indicates that the KPI period Area_3
and all its child KPIs can be viewed and approved.
If you want to add the KPIViewUnapproved role for the child KPIs under
Blend1-M, select the Propagate option in the KPIViewUnapproved role and click
Update Propagation.
Note: The KPIView operation that was propagated from KPI Definitions appears
with a gray background. This indicates that the KPI period records can be viewed
but cannot be approved as the role KPIApprover role has not been added.
TIP: When a role is added to a parent KPI, if you want to propagate the same
role to all of its children, select the required role in the Applications Operations
list for the parent. Select the option Enable Propagation and click Add. The role
is added to the parent KPI and propagated to all its children.
Workspace Security
Overview
By default all users that connect to the Experion Desktop Server will see the
Administration menu in the list of Installed Products. The following steps
describe how to secure the Administration workspace, workbooks and
worksheets, by hiding the menu from the default view. (See the Experion
Application Framework documentation for more details.)
Virus Scanning
Honeywell provides extensive documentation for customers on suggested virus
scan packages and also documents versions that have been included in our
testing. For details on the virus scanning options, consult
http://hpsweb.honeywell.com/; in Quick Links, click Microsoft Security
Information, then AntiVirus Information in the security information menu.
following links: Current Month Microsoft Security Updates and All Previous
Microsoft Security Updates. Business FLEX application information is
contained under the Uniformance groupings.
The reader is advised to check these updates prior to installing a Microsoft
security fix to ensure it has been properly validated by Honeywell.
4. Click the Add button and add the appropriate aspnet worker process account
(Windows 2000 Server - Machinename\ASPNET or for Windows 2003
Server - Machinename\Network Service) and give Full Control access for
this account as shown in the following figure.
Auditing
Overview
Auditing functionality enables tracking, recording, and reporting the total number
of named users who use the system. The auditing of users is performed only for
web applications. Service users or clients such as TPI, OMOI desktop tool, and
PB clients are not included for auditing.
The auditing information helps to understand the following.
When the user logged in to the system first time in a day?
Number of times the user has connected to the system in a day.
Auditing Details
Auditing displays the following details:
User Name
Application Name
Login Date and Time
Client IP Address
Auditing happens once for each session. Updating the existing records does not
happen during auditing. Whenever user opens the application in a new internet
explorer or a new session is created, a new record is inserted to a database table.
The following tables are created in the base components database for performing
auditing.
The BC_ApplicationAudit table contains the records of each user along with
the login date and time, application name and the IP address for each new
session created. The records can be viewed in the Business FLEX System
Console under the Application Audit node
The BC_ApplicationAuditHistory table contains the records of each user
along with the application name, first login, last login time, and the number
of times the application is used for a particular user. The records can be
viewed in the Business FLEX System Console under the Application Audit
History node.
The BC_AuditSummary table contains the consolidated data of each user
along with the user name, first login time, last login time, and the number of
times the user has connected in a day. The records can be viewed in Business
FLEX System console under the Audit Summary node.
NOTE: No separate reports are developed for viewing the auditing details. The
auditing records can be viewed through the Business FLEX System Console.
Refer to the Business FLEX System Console User Guide for viewing the data.
In Business FLEX., following applications are included for auditing.
Experion Desktop Server
Operations Monitoring
Operating Instructions
Operations Logbook
KPI Manager
Blend Management
Production Balance
If you want to change the configuration of the jobs, you can change and save it.
8. Choose an interval in the Occurrence section of the Job Details tab. The
available options are: Once on and Recurring.
9. If you select Once on option, choose from list the desired date and time.
Go to step 11.
If you select Recurring, click Edit to open the EditRecurringJob dialog
box. Select the desired Occurs, Frequency, and Duration options. The
Frequency (Time Frequency) and the Duration sections change depending
on the selected Occurs option.
By default, the Start date and time in the Duration section takes the
current date and time. However, ensure that the Start time is always
greater than the current time.
It is recommended to set the scheduler to run every day.
10. Click OK to save and close the Edit Recurring Job dialog box.
11. Click Save to save the new job details.
A confirmation message is displayed on successful saving of the tree data
details.
12. Click OK. You can view the new scheduler job (created in the Job Details tab)
in the Job Summary tab.
JobName PurgeApplicationAudit
Type Assembly
Execution String <Drive>:\Program Files\Honeywell\Experion PKS\Application
Framework\Desktop\Bin
\Honeywell.HPI.Common.ApplicationAudit.dll
Parameter <MethodInfo Name='PurgeApplicationAudit' Type='Method'
NameSpace='Honeywell.HPI.Common.ApplicationAudit'
ClassName='ApplicationAuditHistory'> <Parameters><Parameter
Type='System.String'>HPI</Parameter><Parameter
Type='System.String'><Drive>:\Program Files\Honeywell\Business
FLEX\HPI\WFL\Data\DDAObjects1.xml
</Parameter></Parameters></MethodInfo>
8. Choose an interval in the Occurrence section of the Job Details tab. The
available options are: Once on and Recurring.
9. If you select Once on option, choose from list the desired date and time.
Go to step 11.
If you select Recurring, click Edit to open the EditRecurringJob dialog
box. Select the desired Occurs, Frequency, and Duration options. The
Frequency (Time Frequency) and the Duration sections change depending
on the selected Occurs option.
By default, the Start date and time in the Duration section takes the
current date and time. However, ensure that the Start time is always
greater than the current time.
It is recommended to set the scheduler to run every day.
10. Click OK to save and close the Edit Recurring Job dialog box.
11. Click Save to save the new job details.
A confirmation message is displayed on successful saving of the tree data
details.
12. Click OK. You can view the new scheduler job (created in the Job Details tab)
in the Job Summary tab.
JobName InsertUserDetailsJob
Type Assembly
Execution String <Drive>:\Program Files\Honeywell\Experion PKS\Application
Framework\Desktop\Bin
\Honeywell.HPI.Common.ApplicationAudit.dll
Parameter <MethodInfo Name='InsertOrUpdateUserDetails' Type='Method'
NameSpace='Honeywell.HPI.Common.ApplicationAudit'
ClassName='UserDetails'> <Parameters><Parameter
Type='System.String'>HPI</Parameter><Parameter
Type='System.String'><Drive>:\Program Files\Honeywell\Business
FLEX\HPI\WFL\Data\DDAObjects1.xml
</Parameter></Parameters></MethodInfo>
8. Choose an interval in the Occurrence section of the Job Details tab. The
available options are: Once on and Recurring.
9. If you select Once on option, choose from list the desired date and time.
Go to step 11.
If you select Recurring, click Edit to open the EditRecurringJob dialog
box. Select the desired Occurs, Frequency, and Duration options. The
Frequency (Time Frequency) and the Duration sections change depending
on the selected Occurs option.
By default, the Start date and time in the Duration section takes the
current date and time. However, ensure that the Start time is always
greater than the current time.
It is recommended to set the scheduler to run every day.
10. Click OK to save and close the Edit Recurring Job dialog box.
11. Click Save to save the new job details.
A confirmation message is displayed on successful saving of the tree data
details.
12. Click OK. You can view the new scheduler job (created in the Job Details tab)
in the Job Summary tab.