Web-based Management 2:
Security - User management
Valid from firmware release 2025.0 - for earlier firmware see WBM User Authentication
By default, on a PLCnext Control only a single user is configured and assigned to the Admin user role.
Of course, other users and user roles need to be assigned, once the controller is put into production, which is done by means of the User management WBM 2 page. The procedure is designed to be mostly selfexplanatory: By clicking the 
icon, you'll be led through a step-by-step configuration.
Please note the guidelines in our PLCnext Technology ‑ Security Info Center.For developing secure-by-design, IEC 62443‑2 compliant applications with PLCnext Technology, get a good grasp of the concepts used in the Security context.
Existing User roles
| WBM 2 pages | Access permission for: | User role | ||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
||
| Information or Overview section | General Data | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Network configuration | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |||
| Cockpit | ✓ | ✓ | ✓ | ✓ [1] |
✓ [1] |
✓ [2] |
✓ [2] |
✓ [2] |
✓ [1] |
✓ [1] |
✓ [1] |
|
| Diagnostics section | PROFINET | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| Local Bus | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Notifications | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Integrated UPS | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Configuration section | Network - LAN Interfaces tab |
✓ | ✓ | ✓ read- only |
✓ read- only |
✓ read- only |
✓ read-only |
|||||
| Network - Netload Limiter tab |
✓ | ✓ | ✓ read- only |
✓ | ✓ read, reset |
✓ read, reset |
||||||
| Date and Time [3] | ✓ | ✓ | ✓ read- only |
✓ read- only |
✓ read- only |
✓ read- only |
✓ read- only |
✓ read- only |
✓ read- only |
✓ read- only |
✓ read- only |
|
| System Services | ✓ | ✓ | ||||||||||
| PLCnext Store | ✓ | ✓ | ||||||||||
| Proficloud (legacy platform) |
✓ | |||||||||||
| Proficloud Services (V3 platform) |
✓ | ✓ | ||||||||||
| SPLC | ✓ | ✓ | ✓ | ✓ | ||||||||
| Fan Control | ✓ | ✓ | ||||||||||
| Web Services | ✓ | ✓ | ||||||||||
| Security section |
Security Profile | ✓ | ✓ | |||||||||
| User Authentication | ✓ | ✓ | ✓ | |||||||||
| LDAP configuration | ✓ | ✓ | ✓ | |||||||||
| Firewall | ✓ | ✓ | ||||||||||
| SD Card | ✓ | ✓ | ||||||||||
| Certificate Authentication | ✓ | ✓ | ✓ | |||||||||
| Syslog Configuration | ✓ | ✓ | ||||||||||
| System section |
Firmware Update | ✓ | ✓ | |||||||||
| PLCnext Apps [4] | ✓ | ✓ | ✓ | |||||||||
| License Management | ✓ | ✓ | ||||||||||
- These user roles can only change the user password.
- These user roles cannot reboot or reset.
- These user roles can access the Date and Time page with "read-only" rights:
- FileReader
- FileWriter
- EHmiLevel1 to EHMILevel10
- EHmiViewer
- EHmiChanger
- SoftwareUpdate
- SafetyEngineer
- SafetyFirmwareUpdater
- This WBM 2 page can be inaccessible if the App Manager has been deactivated in the System → System services WBM 2 page.
• Published/reviewed: 2025-05-28 ✿ Revision 079 •