Pelco Server C1553M-B User Manual
C1553M-B (4/05)
141
User Groups
User groups are a security feature. A user group embodies a set of privileges, called group permissions, that are granted to every member of the
group. These permissions delineate which parts of the VMX300(-E) software group members can access. To limit a user’s access to the software,
restrict the user’s permissions.
group. These permissions delineate which parts of the VMX300(-E) software group members can access. To limit a user’s access to the software,
restrict the user’s permissions.
Setting up user groups requires forethought about what tasks you want different users to do. If you want a user to do a certain task, you must set
up a user group with the permissions needed for that task, then make the user a member of that group. Conversely, if there are certain tasks that
you want to preclude a user from carrying out, you must make sure the user does not belong to any group that grants the permissions needed for
that task.
up a user group with the permissions needed for that task, then make the user a member of that group. Conversely, if there are certain tasks that
you want to preclude a user from carrying out, you must make sure the user does not belong to any group that grants the permissions needed for
that task.
A user can belong to more than one user group. When a user who belongs to more than one group logs in to the VMX300(-E) server, the permis-
sions are treated as cumulative in the sense that the user is granted all the permissions of each group he belongs to. For example, a user who
belongs to two groups, Group A and Group B, has all the permissions of Group A in addition to all the permissions of Group B when logged in to
the server.
sions are treated as cumulative in the sense that the user is granted all the permissions of each group he belongs to. For example, a user who
belongs to two groups, Group A and Group B, has all the permissions of Group A in addition to all the permissions of Group B when logged in to
the server.
Unlike the server, the VMX300(-E) client does not treat permissions cumulatively. When the user logs in, the client prompts the user to specify
which group he wants to log in under. For the duration of that session, the user’s permissions are limited to those granted by the group he logged
in under. To exercise the permissions of another, different group he belongs to, the user must log out and log in again, this time logging in under
the other group.
which group he wants to log in under. For the duration of that session, the user’s permissions are limited to those granted by the group he logged
in under. To exercise the permissions of another, different group he belongs to, the user must log out and log in again, this time logging in under
the other group.
GROUP PERMISSIONS
Table D lists the group permissions available on an unconfigured server, and the privileges each permission grants. The core permissions fall into
three categories: Administrative, Client Workspaces, and Window Content. Other categories are added to the list as needed. For example, when
you first add a map to the server configuration, a Maps category is added to the Group Permissions.
three categories: Administrative, Client Workspaces, and Window Content. Other categories are added to the list as needed. For example, when
you first add a map to the server configuration, a Maps category is added to the Group Permissions.
Table D. Core Group Permissions
The following permissions are added to the group permissions as they become relevant:
•
Maps: Selecting the permission for a particular map allows a user with that permission to view the map.
•
Global scripts: Selecting the permission for a particular global script allows an operator with that permission to run the global script
directly. This permission does not affect the execution of local scripts that call the global script.
directly. This permission does not affect the execution of local scripts that call the global script.
•
Devices: For a complete list of a device’s permissions, refer to the following pages.
PERMISSION
ENABLES USER TO
Administrative
Can configure software
Edit alarms and events, clients, connections, device drivers, labels, maps,
global scripts, global tags, prompts, recipient groups, schedules, server ties,
timers, user groups, users. View logs.
global scripts, global tags, prompts, recipient groups, schedules, server ties,
timers, user groups, users. View logs.
Can manage users
Edit users.
Can modify schedules
Edit schedules. View logs.
Client Workspaces
Show ‘All Devices’ in device list
Include sublist that lists all devices in Device List.
Can load workspaces
Open workspaces. Set workspace preferences.
Can edit workspaces
Edit the current workspace.
Can save workspaces
Save the current workspace under its original name or under a new name.
Window Content
Can view live video
View live video in an appropriately configured custom window.
Can view archived video
View archived video in an appropriately configured custom window.
Can view maps
View maps in a custom window.
Can view web pages
View an Internet browser in a custom window.
Can view remote PCs
View and control remote workstations in a custom window.