Before you can share and synchronize cardholders, cardholder groups, credentials, and badge templates with other sites, there are some steps you must take.
Before you begin
IMPORTANT: You should not attempt to deploy the Global Cardholder Management solution on your own if you intend to bring together systems that have data to share on both ends, meaning that both the sharing host and the sharing guest have existing data to share. If this is your situation, we strongly recommend that you book a technical consultation with a GTAP specialist.
Decide which Security Center system is going to be the sharing host.
The sharing host is typically the system running at your head office or the system that is synchronized with your corporate Active Directory.
- If the sharing host is protected behind a firewall, open a port to allow the Global Cardholder Synchronizer role to connect to the sharing host.
Decide what types of updates the users on the guest systems are allowed to perform on
the shared global partitions.
You can limit their range of actions by restricting the privileges of the user representing the GCS roles on the host system.
Make sure you follow the recommended best practice:
- Avoid assigning cardholders directly to access rules. Assign cardholder groups instead.
- Avoid assigning cardholders or cardholder groups directly to doors. Use access rules instead.
- Back up the Directory database on all the systems you intend to synchronize and enable scheduled backups.