Here is where you can change the passwords and options. If you are logged on as a User, here is the screen you will see:
Allow Compile without running Controller Supervisor – this option will allow you to do either a full or an incremental compile of
permissions without having any running CSUP.exe programs. The compile process updates the data that is sent to the controllers for possible standalone operation. If there are no running CSUP.exe programs, these data will not reach the controllers. If this option is not set, the system prevents the compile step by disabling the buttons on the Permissions screen.
Export On Compile – this option will cause the system to automatically export three database tables to CSV (Comma Separated Values) files whenever a compile is done. The three tables are Network (definition of controller network), people
(definition of people and assigned badgeids) and access (definition of which badgeids are authorized for which controllers during what time intervals)
Skip Send on Compile – this option tells the system to NOT send stand alone records to the controllers, regardless of whether or not controller supervisor program(s) are running.
If you are logged on as the administrator you will have access to the
Administrative tab on this screen. The administrative tab provides access to the administrative and monitor passwords.
The system ships with the following default values: Administrative password - apassword Operations Level 0 - opassword Operations Level 1 - opassword1 Operations Level 2 - opassword2 Operations Level 3 - opassword3
Monitor - mpassword
The Audit button on the Administrative tab gives you access to the following screen:
This audit screen shows all updates (Insert, Change or Delete actions) for the critical files that define access rights. These files are:
BADGES – which defines badge id and pin code values. IDFILE – which defines people
GROUPS – which define the people who are members of groups RIGHTS – which define the doors or doorgroups that groups of people
have rights to during selected shifts
SPBADGES – which define special badges which may have access rights to selected doors.
Whenever these files are modified, audit records are created. The audit record includes the User Name that was used to log on to the system. The tabs at the top of the screen allow you to select sort orders in which to view the records. At the bottom of the screen you will see the record count of the audit records and a button which will allow you to delete obsolete information which is no longer needed.
If you have the Advanced Security Option enabled, you will have access to the Users tab. This allows you to define user names, areas, authority levels, and assign or reassign passwords.
AREA
There is always an area called COMMON. With administrative authority you can use the Network/View Area screen shown below to define any number of
additional areas with any names you choose. Applies To
The authority level values define the scope of authority that applies to the username. The Applies To shows whether the password is valid for the
Administrative program, the Monitor program, or both. Here is the screen that is used to define or modify the usernames.
Every door, shift, holiday, group, person and UserID is associated with an area. There are different levels of authority and control provided to the UserId
depending on the Area and Authority Level assigned. Authority Level
The authority level values define the scope of authority that applies to the username. Within the Administrative program, here are the meanings of the different levels
Scope Level Capabilities/Limitations
Administrator na Full control of everything including defining UserIds and Passwords COMMON 3 Full control of everything except the administrative and monitor
passwords.
COMMON 2 Can do everything except defining UserIds and Passwords
COMMON 1 Can only define people, assign them badges and put them in groups. Can do these things for all areas. Can not define Shifts, Holdiays, IOGroups or Permissions. Can not define network
AREA 3 Can define Groups, Shifts and Holidays for the AREA and can define
permissions using those Groups and Shifts for doors that are defined as part of the AREA or doors that are defined as part of the special
COMMON area. Can define and use IO Groups for the AREA.
AREA 2 Can define Groups, Shifts and Holidays for the AREA and can define
permissions using those Groups and Shifts for doors that are defined as part of the AREA. Can NOT define permissions for COMMON area doors but can add or delete people from Groups that are associated with the named area which may have permissions for COMMON doors. No
access to IO Groups.
AREA 1 Can only define people and badges and put them in groups which are
associated with the given area.
Within the Monitor program, if a user is logged on to an area they will only have the ability to see doors that are within that area or within the COMMON area. They will have the ability to do an Operations Admit to those doors only. They will have the ability to UNLOCK, LOCKDOWN or reset to NORMAL only doors within their own area.
This construct implements a “Property Management” model for access control. To understand this model, consider a building with many tenants. There are COMMON areas such as main entrances and exits, garages and perhaps additional common areas such as shared conference rooms or lounges. Then there are “private” areas that are totally controlled by a single tenant. The
Landlord needs to define and administer some aspects of the overall system but would prefer to delegate to individual tenants the “full” control of their own space. The tenants need to have some limited ability to deal with the common area, for example when they add or terminate an employee, that person has to be granted or refused access to the COMMON areas.
Applies To
The Applies To shows whether the password is valid for the Administrative program, the Monitor program, or both. Here is the screen that is used to define or modify the usernames.