Configuring PI Data Archive Security

Learn how PI Identities and PI AF Identities are mapped to applications and active directory accounts and how custom permissions are configured for each of these identities

About this course

In this course, we will guide you on how to create a variety of PI ProcessBook displays, such as trends and bar graphs, to monitor your process. Additionally, this course leverages the power of the intuitive PI AF asset structures to enable you to display attributes of an asset, search in AF, and build element relative displays.

By the end of the course, you will be able to:

  • Create a custom PI System security plan that makes sense for your PI System.
  • Enable PI API and PI SDK applications to connect to your PI System.
  • Create security identities with minimal PI System permissions.
  • Map your incoming PI System connections to appropriate PI System identities.
  • Troubleshoot common authentication, permission, and connection problems.

Audience: This course is best suited for a PI System administrator who is responsible for setting up and maintaining how users and applications connect and authenticate with the PI System. It is designed to help perform security-related administrative tasks as well as introduce the tools available for common security management.

Level: Introductory

Time: Study 3-4 hours/week, for 3 weeks

Prerequisites: 

  • Basic knowledge of Windows Active Directory users and groups.
  • PI System Basics: typical PI System components and architectures, understanding PI Points, searching PI points

Students without prior knowledge of the PI System should review Chapter 1: PI System Basics of the PI System Administration workbook


Price: 

  • 259 USD: By signing up for this course you will have access to:
    • OSIsoft Engineers who can review your final project
    • Cloud Environment
    • Sharable certificate of completion that can be directly posted on LinkedIn (*To obtain the certificate of completion, you need to pass the final project.)

You can also audit the video lecture content on the OSIsoft Learning YouTube Channel. This does not include the exercises, supplementary readings, graded final project or certificate of completion. 

Software Requirements:

Once you register for this course, you will receive access to the learning cloud environment where you can practice the skills taught in this class. The environment will include the following software:

  • Access to AD users/groups
  • PI Data Archive 3.4.380 or later.
  • PI AF Server 2016 or later.
  • An interface using PI API and PI Buffer Subsystem 2016 or later.

Grading and Certification of Completion: Once you register for this course, you must select one of the final submission review periods below. During this period, our course facilitators will be available to review and grade your project. If you don't receive a passing grade in the first submission, you can re-submit your work again during the 1 week review period.

Final Project Submission Deadline

Event Date Spaces left
Configuring PI Data Archive Security (Final Project Due) - Virtual Oct. 28, 2019, midnight -
Nov. 1, 2019, 4 p.m. PDT
91

Course Outline

  • Getting Started
  • Key Course Information
  • Course Grading Scheme
  • Final Project Submission Deadline
  • How to Navigate This Course
  • Offline Course Videos for Blocked YouTube Users
  • Course Workbook
  • Launch Cloud Environment
  • Lesson 1 - Gaining Administrator Access
  • Knowledge Check: Gaining Administrator Access
  • Lesson 2 - Introduction to PI Data Archive
  • What are Identities, Mapping, & Trusts? (High Level PI Server Security Map)
  • Data Archive Security Deep Dive Map - Security Areas, Defaults and Customization
  • Lesson 3 - Online Courses's Example Security Model
  • Demo of Custom Data Archive Security Plan in Action
  • Knowledge Check: Who and What Else Needs Access?
  • Lesson 4 - Configuring Security
  • Configure Overall PI Data Archive Security for Users and SDK Applications
  • Knowledge Check: Granting User and Application Access
  • Setup Custom Security on PI Points for Both Users and Applications
  • Knowledge Check: Granting Access in Bulk
  • Configuring Minimum Permissions for PI Interfaces and Buffering
  • Knwledge Check: Securing Interface Access
  • Disable the Least Secure Authentication Options on Your Data Archive
  • Configure Windows Credentials for a Workgroup Interface Machine
  • Knowledge Check: Granting Access From Outside a Domain
  • Create, Map, and Grant Permissions to Custom Identities in AF Server 2015
  • Knowledge Check: Selectivity Secure AF Elements
  • Lesson 5 - Troubleshooting Security Issues
  • Basic Data Archive Security Troubleshooting - Check Common Errors and User Authentication
  • Advanced PI Data Archive Security Troubleshooting - Check Connections/Permissions in PI SMT
  • Final Project
  • Create a Custom Security Plan with out Online Course Security Plan Worksheet
  • Final Project: Create a customer security plan for your organization
  • Course Evaluation
  • How did it go?
  • Next Steps
  • Additional Resources

About this course

In this course, we will guide you on how to create a variety of PI ProcessBook displays, such as trends and bar graphs, to monitor your process. Additionally, this course leverages the power of the intuitive PI AF asset structures to enable you to display attributes of an asset, search in AF, and build element relative displays.

By the end of the course, you will be able to:

  • Create a custom PI System security plan that makes sense for your PI System.
  • Enable PI API and PI SDK applications to connect to your PI System.
  • Create security identities with minimal PI System permissions.
  • Map your incoming PI System connections to appropriate PI System identities.
  • Troubleshoot common authentication, permission, and connection problems.

Audience: This course is best suited for a PI System administrator who is responsible for setting up and maintaining how users and applications connect and authenticate with the PI System. It is designed to help perform security-related administrative tasks as well as introduce the tools available for common security management.

Level: Introductory

Time: Study 3-4 hours/week, for 3 weeks

Prerequisites: 

  • Basic knowledge of Windows Active Directory users and groups.
  • PI System Basics: typical PI System components and architectures, understanding PI Points, searching PI points

Students without prior knowledge of the PI System should review Chapter 1: PI System Basics of the PI System Administration workbook


Price: 

  • 259 USD: By signing up for this course you will have access to:
    • OSIsoft Engineers who can review your final project
    • Cloud Environment
    • Sharable certificate of completion that can be directly posted on LinkedIn (*To obtain the certificate of completion, you need to pass the final project.)

You can also audit the video lecture content on the OSIsoft Learning YouTube Channel. This does not include the exercises, supplementary readings, graded final project or certificate of completion. 

Software Requirements:

Once you register for this course, you will receive access to the learning cloud environment where you can practice the skills taught in this class. The environment will include the following software:

  • Access to AD users/groups
  • PI Data Archive 3.4.380 or later.
  • PI AF Server 2016 or later.
  • An interface using PI API and PI Buffer Subsystem 2016 or later.

Grading and Certification of Completion: Once you register for this course, you must select one of the final submission review periods below. During this period, our course facilitators will be available to review and grade your project. If you don't receive a passing grade in the first submission, you can re-submit your work again during the 1 week review period.

Live events

Final Project Submission Deadline

Event Date Spaces left
Configuring PI Data Archive Security (Final Project Due) - Virtual Oct. 28, 2019, midnight -
Nov. 1, 2019, 4 p.m. PDT
91

Course Outline

  • Getting Started
  • Key Course Information
  • Course Grading Scheme
  • Final Project Submission Deadline
  • How to Navigate This Course
  • Offline Course Videos for Blocked YouTube Users
  • Course Workbook
  • Launch Cloud Environment
  • Lesson 1 - Gaining Administrator Access
  • Knowledge Check: Gaining Administrator Access
  • Lesson 2 - Introduction to PI Data Archive
  • What are Identities, Mapping, & Trusts? (High Level PI Server Security Map)
  • Data Archive Security Deep Dive Map - Security Areas, Defaults and Customization
  • Lesson 3 - Online Courses's Example Security Model
  • Demo of Custom Data Archive Security Plan in Action
  • Knowledge Check: Who and What Else Needs Access?
  • Lesson 4 - Configuring Security
  • Configure Overall PI Data Archive Security for Users and SDK Applications
  • Knowledge Check: Granting User and Application Access
  • Setup Custom Security on PI Points for Both Users and Applications
  • Knowledge Check: Granting Access in Bulk
  • Configuring Minimum Permissions for PI Interfaces and Buffering
  • Knwledge Check: Securing Interface Access
  • Disable the Least Secure Authentication Options on Your Data Archive
  • Configure Windows Credentials for a Workgroup Interface Machine
  • Knowledge Check: Granting Access From Outside a Domain
  • Create, Map, and Grant Permissions to Custom Identities in AF Server 2015
  • Knowledge Check: Selectivity Secure AF Elements
  • Lesson 5 - Troubleshooting Security Issues
  • Basic Data Archive Security Troubleshooting - Check Common Errors and User Authentication
  • Advanced PI Data Archive Security Troubleshooting - Check Connections/Permissions in PI SMT
  • Final Project
  • Create a Custom Security Plan with out Online Course Security Plan Worksheet
  • Final Project: Create a customer security plan for your organization
  • Course Evaluation
  • How did it go?
  • Next Steps
  • Additional Resources