Logging on with the WBM

Log on with user name and password

Enter a configured user name.

You will find information on the first logon in the section "Logging on after the new installation".
Enter the corresponding password.

You will find information on the first logon in the section "Logging on after the new installation".

If you have forgotten the password, you can reset it with "Reset password"
Click the "Log in" button. The start page of the WBM opens.

"TOTP-based two-factor authentication" is enabled by default.

A user agreement may be displayed, see section "User agreement". If you click the "Accept" button, the start page appears.

Changing the current password

As a logged-on user, you can change your current password; refer to the section "Changing the current password".

Logging on as UMC user

Licensing on UMC server

The UMC server is part of the SINEMA RC client program download/program DVD.
With the installation of the software, you can manage up to 10 user accounts without a license. For more user accounts, you require a license.
You can cumulate this license. If you have multiple licenses, the permissible configuration limit for user accounts is derived from the sum of the licenses.

The license is required for the ring server of the User Management Component domain. The license is offered as Rental License for 365 days. The Certificate of License (CoL) can be downloaded directly.

Software/License	Article number
TIA Portal User Management Component (UMC) Rental License for 100 user accounts and 365 days Certificate of License for download	6ES7823-1UE30-0YA0
TIA Portal User Management Component (UMC) Rental License for 4000 user accounts and 365 days Certificate of License for download	6ES7823-1UE10-0YA0

Software/License

Article number

TIA Portal User Management Component (UMC) Rental License for 100 user accounts and 365 days

Certificate of License for download

6ES7823-1UE30-0YA0

TIA Portal User Management Component (UMC) Rental License for 4000 user accounts and 365 days

Certificate of License for download

6ES7823-1UE10-0YA0

Requirements on the SINEMA RC server

A user is created on the UMC and assigned to a UMC user group.
A valid SINEMA RC UMC license (MLFB 6GK1724-2VH03-0BV0) or trial license is activated on SINEMA RC.
The connection to the UMC server is set up on SINEMA RC, see section "UMC".
A role is created on SINEMA RC and uses the same name for the UMC user group to which the relevant user is assigned on the UMC; see section "Create new role".

Procedure

Select the "UMC" tab on the SINEMA RC login Web page.
Enter the user name.
Enter the corresponding password.
Click the "Log on with UMC" button.

After successful login, the "Two-factor authentication" page opens. The prerequisite is that two-factor authentication is enabled for the UMC user group.

On first login, scan the QR token with the authenticator app or enter the alphanumeric token in the app.

This page is only shown on first login to the UMC server.
If the QR token is already enabled, enter the one-time token generated with the authentication app.

Note

Changing the data of a UMC user

UMC users logged onto SINEMA RC cannot edit their access data and their profile in SINEMA RC.

The administrator only has the rights to delete a UMC user from the user list or assign the name of a UMC user group to a role.

Logging on with the PKI card

Requirement

A card reader on the PC or notebook
The card reader is connected according to the manufacturer's instructions and the driver belonging to it is installed.
The PKI CA certificate chain is installed on the SINEMA RC Server, see section "PKI CA certificate".
A smart card with a valid PKI certificate derived from one of the PKI CA certificates imported into SINEMA RC.
PKI DN filter rules have been created.
For the user, the corresponding login method has been set, see section "Create a new user".
The client software (Web browser or SINEMA RC client) is capable of communicating with the card reader.
- Internet Explorer, Microsoft Edge and Google Chrome: Use Windows Crypto API which automatically recognizes an attached card reader.
- Firefox and SINEMA RC client: The suitable PKCS11-DLL must be selected for the card reader and smartcard.

Procedure

Insert your PKI card in the card reader device.
Click the PKI card symbol.
Enter your PIN and click on "PKI Login".
A user agreement may be displayed, see section "User agreement". If you click the "Accept" button, the start page appears.

Result

During the logon, a check is made to establish whether the PKI certificate is valid. Then a check is made as to whether the attributes of the PKI DN filter rules are included in the PKI certificate.

User identification

If the PKI DN filter rule applies precisely to a user, the PKI card with this user name is logged on with the SINEMA RC Server, see section "Creating a new user".
Temporary users

If the PKI DN filter rule applies to a role, a temporary user "carduser_X" is created. The temporary user is listed in "User accounts > Users & Roles". The user receives the rights and the access to the participant groups assigned to the role.

In the role, you also specify when the temporary user will be deleted, see section "Create new role". You can also delete the temporary user in "User accounts > Users & Roles".

Logging on after installing new

After the new installation log on as user name and password "admin".
Click on Log on. The WBM page "Change password" opens.
Specify the user name and the password for the administrator. The new password must be at least 8 characters long and contain special characters, upper and lowercase characters as well as numbers, refer to the section "Permitted characters". The admin user name is not permitted. The "admin" role is assigned to this user automatically.

This administrator has the right to access all functions and can set up the system. This includes creating users and assigning roles and rights to them. Click the "Save" button.
After saving, you are automatically logged on with the newly created administrator. The "admin" user is no longer available.

"TOTP-based two-factor authentication" is enabled by default.
Once you have logged on successfully, the start page appears.

A user agreement may be displayed, see section "User agreement". If you click the "Accept" button, the start page appears.

Entering the wrong user name or password

If you enter a user name that is not configured, an error message is displayed regardless of the password entered. A user name or a variety of incorrect user names can be entered any number of times without the system being locked.

Note

Loss of the administrator password

Note down a newly assigned or modified administrator password and keep this in a safe place.

If only one administrator is set up, the loss of the administrator password means that no more administrator tasks can be performed.

There is no possibility of resetting the assigned administrator password.

Note

Incorrect entry of the password

If you enter an incorrect password with the user name an error message is displayed.

If you enter an incorrect password, a lock out time begins that is extended with each attempt to logon with an incorrect password.