User group configuration tabs - Security Center 5.11

Security Center Administrator Guide 5.11

Product
Security Center
Content type
Guides > Administrator guides
Version
5.11
Language
English
Last updated
2024-07-05

This section lists the settings found in User group configuration tabs, in the User management task.

User group - Properties tab

In the Properties tab, you can view and configure the members of the user group.
External unique identifier
Only used for third-party authentication. This field is used to match groups coming from an external identity provider to user groups in Security Center. This identifier defaults to the group name. If your identity provider uses a separate ID to identify groups, that ID must be added here.
Email address
Email address that is used by all members of the group. This information can be imported from your company’s directory service. The email address can be used to send emails, reports, or messages to the users.
User level
Set the user level. A user level is a numeric value assigned to users to restrict their ability to perform certain operations, such as controlling a camera PTZ, viewing the video feed from a camera, or staying logged on when a threat level is set. Level 1 is the highest user level, with the most privileges.
Inherit from parent
The user level can be inherited from a parent group. If the user has multiple parents, the highest user level is inherited. If the user group has no parent group, the lowest user level (254) is inherited. You must set Inherit from parent option to Override in order to change this setting.
Configure user-level overrides
Set a different user level for the selected areas or cameras. These override values take precedence over the general user level for the cameras you specify.
NOTE: If you override the user level for an area, it applies to all cameras in that area.
Members
List of user group members. By default, the members inherit the privileges and partition rights of the user group.

User group - Access rights tab

In the Access rights tab, you can view and configure the access rights shared by the members of the user group. This tab only appears when user-created partitions exist in the system.
List of partitions
Select a partition to grant access rights for that partition to the user group. Access rights over parent and child partitions can be configured independently. Access rights inherited from parent user groups cannot be revoked.
Administrator
Select this option to grant full administrative rights over all entities contained in that partition to the user group, including the rights to create and delete users, user groups, and child partitions.
Display checked items ()
Click to toggle the display between showing only selected partitions and all partitions.

User group - Privileges tab

In the Privileges tab, you can view and configure the user group’s privileges. The privileges of a user group can be inherited by the members of the group, or can be inherited from other user groups.
Allow
The privilege is granted to the user group.
Deny
The privilege is denied to the user group.
Undefined
This privilege must be inherited from a parent user group. If the user group is not a member of any other group, or if the privilege is also undefined to the parent user group, then the privilege is denied.
Exceptions
Basic privileges can be superseded at the partition level if the user group is authorized to access multiple partitions. Only Administrative and Action privileges, plus the privileges over public tasks, can be overwritten at the partition level.
Additional settings ()
Click to view additional commands for privilege templates.
Apply template
Select one of the privilege templates to apply.
Set configuration to read-only
Set all entity configuration privileges found under the Administrative privileges group to View properties.
Set configuration to read-write
Allow the modification of all entity configurations, including Add and Delete.

User group - Advanced tab

In the Advanced tab, you can configure common advanced settings for the group members.
Logon settings
Configure the common logon settings for the group members.
Logon supervisor of
Lists the users whose logons are supervised by the members of this user group. When users from this list need to log on to the system, any member of this user group can help them complete their logon.
Auto-lock
Set this option to ON to lock members of the user group out of their Security Desk session after a period of inactivity. To resume their current session, the user must re-enter their password. This requirement can be inherited from a parent user group. You must set Inherit from parent to Override in order to change this setting.
NOTE: If the user is authenticated through ADFS with passive authentication, the user will be logged off and their current session closed instead of being locked.
Security Desk settings
Configure the common Security Desk settings for the group members.
Allow remote control over
Lists the Security Desk workstations the members of this user group are allowed to control remotely using the Remote task in Security Desk, or a CCTV keyboard. You can specify which workstations can be controlled by user, user group, or by specific workstation.
Limit archive viewing
Turn this option on to restrict the user group's ability to view archived video to the last n days. This limitation can be inherited from a parent user group. If the user group has multiple parents, the most restrictive limitation is inherited. If the user group has no parent group, no restriction will be imposed. You must set Inherit from parent to Override to change this setting.
Enable video watermarking
Turn this option on to overlay an identifying text on all video requested by this user group through Config Tool, Security Desk, Web Client, or the Genetec™ Web App. Click Configure to set the overlaid text. The video watermark can be inherited from a parent user group. If the user group has multiple parents, only the video watermark from the first parent group is inherited. You must set Inherit from parent to Override to change this setting.
Manage partition memberships
Turn this option on to grant the Manage partition memberships privilege to the user group. With this option enabled, the user group can copy and move any type of entity from one partition to another to which they have access. If the user group has multiple parents, the most restrictive limitation is inherited. You must set Inherit from parent to Override to change this setting.
Default map
The map loaded by default when a user belonging to this user group opens the Maps task. The default map can be inherited from a parent user group. In a multiple-parent hierarchy, where the user group has more than one parent, only the default map from the direct parent group is inherited. To select a personalized default map for the group, you must change the Default map setting from Inherit from parent to Override