Hi All,

I need assistance with PI Vison implementation. We must implement PI Vision in our PI System; we have PI DA & AF upgraded to the latest versions; the fact is that PI Vision we can`t implement PI Vision web server because the Active Directory is required to complete this task. I s there any Methode to deploy PI Visions out the Active Director infrastructure?

Pi vision Service Account should be created in AD, but this account can be created locally (Pi Vision Server)?

The main issue is with the PI Users authentication Methode.

Any advice please?

thanks

MIKO

Parents

0 MainelyInnovations over 1 year ago

If by latest version, you mean PI Server 2023, then yes you can do it that way by using OpenID. Otherwise, you'd need PI Vision on a domain as well and configure a trust between the two domains which should allow the SPNs & Kerberos Delegation to work, but users would still likely be prompted for credentials due to cross-domain actions.

Short answer, if you have PI Server 2023, using OpenID should work for you. Otherwise, install PI Vision & PI Server on the same domain on your business network and bring the data up from your lower environment (or the less recommended solution - put PI Vision in the lower environment instead of the business network, but this is not a recommended approach from a cybersec standpoint).
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 MainelyInnovations over 1 year ago

If by latest version, you mean PI Server 2023, then yes you can do it that way by using OpenID. Otherwise, you'd need PI Vision on a domain as well and configure a trust between the two domains which should allow the SPNs & Kerberos Delegation to work, but users would still likely be prompted for credentials due to cross-domain actions.

Short answer, if you have PI Server 2023, using OpenID should work for you. Otherwise, install PI Vision & PI Server on the same domain on your business network and bring the data up from your lower environment (or the less recommended solution - put PI Vision in the lower environment instead of the business network, but this is not a recommended approach from a cybersec standpoint).
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 anguemamiko over 1 year ago in reply to MainelyInnovations

Hi,

I really appreciate your assistance, unfortunately we are using PI Server 2018 SP3.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 MainelyInnovations over 1 year ago in reply to anguemamiko

Then you'll want to look at either installing PI Vision at the lower network where the PI Server & Asset Framework servers are located, or you'll want to install PI Server & Asset Framework in the upper environment (a more recommended approach) where PI Vision is. You will not be able to get data in your current setup without AD on both networks and without a domain trust.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel