openPDC Manager :: Access Denied


#1

We are receiving an error with openPDC v2.3 on Server 2008 and a Win 7 Box running MySql that says ‘Error loading security provider:: Failed to load a valid security context - no application roles were found for node ID’XXXXXXXXXX’. Verify the node ID in the config.

What does this mean? I can’t find any documentation on it.


#2

The openPDC.exe.config file has a NodeID parameter.

<configuration>
  <categorizedSettings>
    <systemSettings>
      <add name="NodeID" value="f53a782c-1cd9-4f36-b80d-0d4ca345f0f7" description="Unique Node ID" encrypted="false" />
    </systemSettings>
  </categorizedSettings>
</configuration>

There is also a Node table in the database. There should be a record in that table with an ID that matches the NodeID in the config file.

SELECT ID, Name FROM Node

ID                                      Name
------------------------------------    -------
F53A782C-1CD9-4F36-B80D-0D4CA345F0F7    Default

And there should be some records in the ApplicationRole table that are referencing the Node table.

SELECT * FROM ApplicationRole

ID                                      Name            Description             NodeID
------------------------------------    -------------   ------------------      ------------------------------------
306F32AD-CF26-4AF2-9FCD-2E43A001FC9D    Administrator   Administrator Role      F53A782C-1CD9-4F36-B80D-0D4CA345F0F7
15049973-4BA2-4676-A5D5-9908AF93EAFC    Editor          Editor Role             F53A782C-1CD9-4F36-B80D-0D4CA345F0F7
2A4B6EEF-C363-430D-8ADD-99E82E46582E    Viewer          Viewer Role             F53A782C-1CD9-4F36-B80D-0D4CA345F0F7

The error occurs when openPDC is not able to find any records in the ApplicationRole table that reference the Node which is referenced by the config file. Note that the ApplicationRole table is also one of a few tables that are cached to a file in the Configuration Cache folder called AdoSecurityCache.bin. If the system is unable to load the security tables from the database for some reason, it may try to load the data from the cache folder, and that file may be empty if the service was never able to successfully load that data from the database. So the error you are receiving may be masking a more relevant database connectivity error.


#3

Thanks, Stephen.

I’m familiar with the NodeID parameter in the CONFIG file, so I will verify that tomorrow. We have had a few issues trying to install openPDC on a Server 2008R2 box with MySQL, which may be contributing to our issues.

Ultimately, our installation looked like this:

  1. Install MySQL (5.7 or something?, whatever the latest is)
  2. Install .NET Framework
  3. Install MySQL connector
  4. Install OpenPDC, DO NOT PROCEED WITH CONFIG UTILITY YET
  5. Run SQL Scripts for MySQL through SQL Workbench to create the schema
  6. Proceed with Config Utility and select ‘Use existing configuration’, ‘Use MySQL Database’, and then localhost, username/password, etc.
  7. Launch openPDC, receive error.

We couldn’t get openPDC to install by just going straight into the Config Utility. It seemed like it was throwing some sort of .NET error at the end and we weren’t sure we were doing the Historian bit right. We tried following the instructions step by step but still kept hitting errors.

I assume something in our ‘use existing configuration’ deviation is what might have caused there to not be a record in the Node and/or ApplicationRole table. We will look into this tomorrow and report back.

Anything jump out to you about the scenario I’ve described?

Thanks,
Jason


#4

The first thing I will say is that the system is definitely designed to install the database via the Configuration Setup Utility. The options for “Use existing configuration” are mainly designed for reinstalls and upgrades. That said, it’s not impossible to set up the system the way you’ve described, but the Configuration Setup Utility will not be able to help you nearly as much as it would have when creating the database from scratch. Here are two scenarios that work for me.

Using SampleDataSet.sql

  1. Create the openPDC database by running openPDC.sql, InitialDataSet.sql, and SampleDataSet.sql, in that order.
  2. Add my Windows user account to the UserAccount table.
  3. Add a record to the ApplicationRoleUserAccount table to make my account an admin.
  4. Run the Configuration Setup Utility with “Use existing database as-is” options.

Without using SampleDataSet.sql

  1. Create the openPDC database by running openPDC.sql and InitialDataSet.sql, in that order.
  2. Run the Configuration Setup Utility with “Use existing database as-is” options.
  3. Start the openPDC service. This creates the default Node record.
  4. Run the Configuration Setup Utility again with “Use existing database as-is” options. This creates the ApplicationRole records associated with the default node.
  5. Add my Windows user account to the UserAccount table.
  6. Add a record to the ApplicationRoleUserAccount table to make my account an admin.
  7. Restart the openPDC service.

The steps to run without the SampleDataSet.sql script are a little convoluted. If you do not want to use SampleDataSet.sql, it may be easier to simply modify the script to remove everything except the INSERT and UPDATE statements for the Node table and the ApplicationRole table.


#6

i am having the same problem. i have added a screenshot on also… my nde ID are same so why i am facing the problem? and a pictorial guideline will be great

image

how to add the ID ?


#7

i am having the same problem. i have added a screenshot on also… my nde ID are same so why i am facing the problem? and a pictorial guideline will be great

how to add the ID ?

Edit Post


#8

Hi ssnoureen,

It seems there is one additional possible cause for this error that was uncovered just a few weeks ago. It has to do with the MySQL Connector/NET version. Please see the following issue on GitHub for details.

Thanks,
Stephen