 |
UaGateway
1.4.4.357
|
|
UaGateway
1.4.4.357
|
The Administration Tool is a graphical user interface to configure general settings of the UaGateway itself. The Administration Tool can only be started with administrator privileges.
Directly after installation the setup procedure will startup the Administration Tool. You must configure the basic settings regarding UA Certificates of the UaGateway and you must choose the User Context the UaGateway service will run in. For more information, see the section Initial Startup of the Administration Tool.
The settings which can be performed using the Administration Dialog are grouped into seven tabs:
Change autostart settings, set the user context for the UaGateway service, change configuration permissions, enable/disable remote DCOM access.
Specify log-on settings, add, remove and configure UA Endpoints for the UaGateway’s UA Server.
Configure the OPC COM DA Server: set the default namespace, configure property mapping of COM DA properties to UA attributes.
Configure the OPC COM AE Server: set the default namespace, configure the mapping of OPC UA event types to COM A&E categories and OPC UA event fields to COM A&E attributes.
Enable/disable the different OPC client channels like COM DA client, UA client, XML-DA client, COM A&E client or COM HDA client.
Configure namespace prefixes to be used to construct unique COM ItemIDs.
Start/stop the trace of UaGateway application and UA Stack.
Each tab (except of the “Certificates” tab) contains two buttons at the lower right corner:
To apply the changes made using the Administration Tool, press the button “Apply”, pressing the button “Revert” reverts the dialog window to the currently active settings. A dialog window containing a warning about unsaved changes will appear when changing to another tab or closing the Administration Tool.
Any changes made take no effect until you restart the UaGateway. If you press the “Apply” button while the UaGateway is running, you’ll be asked if you’d like to stop it now. After choosing “Yes”, another dialog window will inform you about the changes being applied and ask you if you’d like to restart UaGateway.
Here, you can configure the autostart behaviour of UaGateway. Select “UaGateway Runtime Process” to automatically start the UaGateway Service when starting the computer, and select “Notification Area Icon” to start the Notification Area Icon when a user logs on. For further information see Notification Area Icon of UaGateway.
The UaGateway runs as Windows NT service. A specific user context is assigned to this service to allow proper COM/DCOM configuration. The user you select is assigned to the UaGateway service. In addition, the user is granted the LogOnAsService right (to allow him/her to start the service) and is added into a local user group (“UaGatewayUsers”). This group is added to the Access Control List (ACL) of the local machine. For proper COM/DCOM configuration you now just need to add all users that should be able to start and access the UaGateway to this group.
It is possible to allow only certain users to change the configuration of UaGateway, i.e. to add or remove connections to underlying servers. You can choose between the following settings:
Everyone (including the UA anonymous log-on) connecting to UaGateway can perform configuration changes.
Ony local users and users from the same domain can change the configuration.
When checking “Allow Remote Connection to UaGateway OPC COM Server”, DCOM port 135 and the UaGateway executable are added to the firewall exception list.
When “Allow starting UaGateway by DCOM Clients” is disabled, DCOM clients cannot start UaGateway. In this case, UaGateway can still be started or stopped using the Notification Area Icon or the start menu entries.
Here you can set if the UaGateway should register at the Local Discovery Server.
The UA Endpoint is the connection information a UA Client needs to connect with UaGateway. The following paragraphs describes the UA Endpoint Configuration using the Administration Tool.
Use the check boxes to specify which log-on methods a client can use to connect to your UaGateway.
Here, you can perform all required settings for different UA Endpoints. By default the endpoint configuration is set to standard values. It is represented by one single UA Endpoint that offers three security options: None, Basic256 and Basic256Sha256.
The None security policy allows every UA Client to connect to the UaGateway, it is recommended to use this configuration just during commissioning and testing, in a production environment this configuration should be switched off.
The different configuration elements are described in the following paragraphs.
The supported security settings of the Endpoint can be configured here. Check the boxes in front of the security policies that should be allowed for a specific Endpoint. For policies other than None, the available message security mode(s) must be specified. Signing ensures that messages cannot be changed and are exchanged between the applications that have established the communication. Encryption ensures that nobody can read the messages.
Some of the OPC UA security checks are optional in OPC UA or cause interoperability issues with older OPC UA clients. Check the box in front of an override to activate it.
The following paragraph describes the configuration of the COM DA Server of the UaGateway using the Administration Tool.
ItemIDs of the COM DA Server are constructed of the namespace URI and the identifier of the variable node in the OPC UA address space. The namespace part can be omitted for a specified namespace. In the drop-down box “Default NameSpace” the default namespace can be set to a namespace of an underlying OPC Server. The ItemIDs of that particular namespace will then be accessible using the identifier only, because the default namespace is internally automatically added when accessing the Item. This feature can be used to avoid reconfiguring all ItemIDs in the Client that accesses the UaGateway’s Server used as tunnelling solution for an underlying COM DA Server and to preserve the ItemIds of the original COM DA Server.
In the second drop-down box, the Timestamp Source can be set. The following options are available:
If “Browse Next Level for Variables” is selected, COM DA2 and DA3 browsing is forced to investigate the next deeper level for browsing. This means that browsing will go down into leafs/variables, not only branches/folders. Variables with children will be shown as folders.
When connecting to the OPC COM DA Server of the UaGateway, all six standard properties (DataType, Value, Quality, TimeStamp, AccessRights and ScanRate) are mapped automatically. Underlying OPC Servers may provide additional properties (e.g. user defined properties, DI properties, etc.) Those properties can be mapped to vendor specific properties (PropertyID ≧ 5000) in the UaGateway’s COM DA Server.
These vendor specific PropertyIDs are assigned automatically when the properties are requested for the first time. You can use this dialog to change the assigned PropertyIDs or to configure how the OPC UA properties in the UaGateway’s address space should be mapped to COM DA vendor specific properties. You must specify the UA side property name and the namespace of the property in the UaGateway and assign them to COM DA PropertyIDs. When connecting to the COM DA Server of the UaGateway you can QueryAvailableProperties of an individual OPCItem and you will see the mapped properties as configured (in the range of vendor specific PropertyIDs above 5000).
To add or remove a specific property, press the buttons “+” or “-”. To change the content of a certain field, double-click on it and enter the desired values. Double-clicking on a value in the column “UA Property NameSpace URI” displays a drop-down menu to choose from.
When adding a new property by pressing the button “+”, the values of the last entries are copied to the new line and the Property ID is counted up automatically.
The following paragraphs describe the configuration of the COM AE module of the UaGateway using the Administration Tool.
Fully qualified Area and Source names of the COM A&E Server are constructed of the namespace URI and the identifier of the corresponding nodes in UaGateway’s OPC UA address space. The namespace part can be omitted for one namespace. In the drop-down box “Default NameSpace” the default namespace can be set to a namespace of an underlying OPC Server. The Areas and Sources of that particular namespace will then be accessible using the identifier only, because the default namespace is internally automatically added when accessing the Item. This feature can be used to avoid reconfiguring all Areas and Sources in the Client that accesses the UaGateway’s Server used as tunnelling solution for an underlying COM A&E Server and to preserve the Areas and Sources of the original COM A&E Server.
All OPC UA event types in the UaGateway’s address space are mapped to COM A&E categories in the UaGateway’s COM A&E Server. This mapping is created automatically when a COM A&E Client queries for available categories. The list of OPC UA event types in the UaGateway’s OPC UA address space is defined by the UaGateway configuration. All other settings are used to represent these UA event types as categories in the UaGateway’s COM A&E Server.
You can use this dialog to modify or hide the assigned COM A&E category information for an OPC UA event type.
To manually add or remove a specific event type to category mapping, press the buttons “+” or “-”. To change the content of a certain field, double-click on it and enter the desired values. Double-clicking on a value in the column “Event Type” displays a drop-down menu where you can choose between “Simple”, “Condition”, and “Tracking”. Another menu appears when double-clicking on an entry in the column “UA Event Type” where you can choose the namespace index and the identifier type from a drop down-menu, and enter the Event Type ID in different formats.
When adding a new event by pressing the button “+”, the values of the last entries are copied to the new line and the Property ID is counted up automatically.
All OPC UA event fields defined by OPC UA event types in the UaGateway’s address space are mapped to COM A&E attributes in the UaGateway’s COM A&E Server. This mapping is created automatically when a COM A&E Client queries for available attributes. The list of OPC UA event fields in the UaGateway’s OPC UA address space is defined by the UaGateway configuration. All other settings are used to represent these UA event fields as attributes in the UaGateway’s COM A&E Server.
You can use this dialog to modify or hide the assigned COM A&E attribute information for an OPC UA event field.
To manually add or remove a specific event field to attribute mapping, press the buttons “+” or “-”. To change the content of a certain field, double-click on it and enter the desired values. Double-clicking on a value in the column “Data Type” displays a drop-down menu where you can pick one of the available Data Types. Another dialog appears when double-clicking on an entry in the column “UA Event Field Path” where you can change the settings to your liking.
When adding a new attribute by pressing the button “+”, the values of the last entries are copied to the new line and the Property ID is counted up automatically
At “General”, you can select which channels should be available in the Configuration Tool, i.e. which type of servers can be added/configured via the Configuraton Tool. When enabled, a corresponding entry in the Devices Address Space Window of the Configuration Tool will show up.
The following channels are available:
If the UA channel is activated, you can add static OPC UA namespaces by importing the namespace from a standard OPC UA Nodeset XML file at “UA Channel Nodeset Files”.
Namespaces imported as static namespaces are not replicated for aggregated OPC UA Servers. This is necessary to preserve the original namespace URI and to avoid duplicates of identical standard namespaces provided by different aggregated OPC UA Servers.
As described above, ItemIDs of UaGateway’s COM DA Server are constructed of the namespace URI and the identifier of the variable node in the OPC UA address space. Usually, this results in quite long ItemIDs. The following screenshot shows how the dialog looks like when UaGateway is connected to Unified Automation’s C++ Demo Server.
The C++ Demo Server’s namespaces show up in UaGateway’s namespace table with indexes 4 to 7. This means, for instance, that by default, the variable node Demo → 001_Dynamic → Scalar → DateTime in the C++ Demo Server’s address space gets the COM ItemID urn:KM-PC:UnifiedAutomation:UaServerCpp/http://www.unifiedautomation.com/DemoServer/|Demo.Dynamic.Scalar.DateTime. When “Use Alias as Prefix in ItemID” is enabled, the ItemID is shortened to ns5|Demo.Dynamic.Scalar.DateTime. The default namespace prefix is “ns<Namespace Index>”. It can be changed by double-clicking on the respective table cell. Furthermore, you can pick the delimiter to use from the drop-down list.
The UaGateway provides several tracing capabilities for being able to analyze any problems that might occur during runtime of the UaGateway. You can enable the tracing functionality of either the Application Trace or both the Stack Trace and the Application Trace.
If you should encounter problems using the trace functionality, see if the section called “Trace Files Missing” under Troubleshooting contains a solution.
Depending on the depth of information you need, different trace levels can be applied. The trace level has massive impact on the performance and the amount of data that is created. By default, both traces are set to the highest level.
By pressing the button “Open Folder...” the folder of the generated log file(s) can be opened. To set the path of the log file just press the button “...”.
Here, you can enable the Application Trace and select the desired Trace Level from the drop down menu.
The trace levels of the Application Trace are (in ascending order):
Here, you can enable the Stack Trace and select the desired Trace Level from the drop down menu.
The trace levels of the Stack Trace are (in ascending order):
This tab can be used to manage certificates. It displays a list of the certificates an certificate revocation lists in UaGateway’s certificate store. There is a separate tab for issuers.
Different icons indicate the certificates’ statuses:
A right-click on a certificate displays a context menu providing various actions, depending on the status of the certificate (see screenshot): You may trust untrusted certificates, reject already trusted certificates, delete a certificate, or view the certificate’s content.
When clicking on the orange arrow symbol in the bottom left corner (see screenshot), the contents of the certificate store are reread.
When clicking on the button Open Certificate Location, the folder containing trusted certificates is opened in Windows Explorer.
Furthermore, it is possible to create a new application instance certificate (see Create an Application Instance Certificate for UaGateway) if the existing one has expired, will be expired soon, other security settings are required, etc. The input fields are filled out beforehand with values from the existing application instance certificate.
