User group configuration tabs - Security Center 5.9

Security Center Administrator Guide 5.9

Applies to
Security Center 5.9
Last updated
2022-10-25
Content type
Guides > Administrator guides
Language
English
Product
Security Center
Version
5.9

This section lists the settings found in User group configuration tabs, in the User management task.

User group - Properties tab

In the Properties tab, you can view and configure the members of the user group.
External unique identifier
Only used for third-party authentication. This field is used to match groups coming from an external identity provider to user groups in Security Center. This identifier defaults to the group name. If your identity provider uses a separate ID to identify groups, that ID must be added here.
Email address
Email address that is used by all members of the group. This information can be imported from your company’s directory service. The email address can be used to send emails, reports, or messages to the users.
User level
Set the user level. A user level is a numeric value assigned to users to restrict their ability to perform certain operations, such as controlling a camera PTZ, viewing the video feed from a camera, or staying logged on when a threat level is set. Level 1 is the highest user level, with the most privileges.
Inherit from parent
The user level can be inherited from a parent group. If the user has multiple parents, the highest user level is inherited. If the user group has no parent group, the lowest user level (254) is inherited. You must set Inherit from parent option to Override in order to change this setting.
Configure PTZ overrides
Set different user level values for selected PTZ cameras. The override values allow you to give this user group higher or lower priority over certain PTZ cameras.
Members
List of user group members. By default, the members inherit the privileges and partition rights of the user group.

User group - Access rights tab

In the Access rights tab, you can view and configure the access rights shared by the members of the user group. This tab only appears when user-created partitions exist in the system.
List of partitions
Select a partition to grant access rights for that partition to the user group. Access rights over parent and child partitions can be configured independently. Access rights inherited from parent user groups cannot be revoked.
Administrator
Select this option to grant full administrative rights over all entities contained in that partition to the user group, including the rights to create and delete users, user groups, and child partitions.
Display checked items ()
Click to toggle the display between showing only selected partitions and all partitions.

User group - Privileges tab

In the Privileges tab, you can view and configure the user group’s privileges. The privileges of a user group can be inherited by the members of the group, or can be inherited from other user groups.
Allow
The privilege is granted to the user group.
Deny
The privilege is denied to the user group.
Undefined
This privilege must be inherited from a parent user group. If the user group is not a member of any other group, or if the privilege is also undefined to the parent user group, then the privilege is denied.
Exceptions
Basic privileges can be superceded at the partition level if the user group is authorized to access multiple partitions. Only Administrative and Action privileges, plus the privileges over public tasks, can be overwritten at the partition level.
Additional settings ()
Click to view additional commands for privilege templates.
Apply template
Select one of the privilege templates to apply.
Set configuration to read-only
Set all entity configuration privileges found under the Administrative privileges group to View properties.
Set configuration to read-write
Allow the modification of all entity configurations, including Add and Delete.

User group - Advanced tab

In the Advanced tab, you can configure common advanced settings for the group members.
Logon settings
Configure the common logon settings for the group members.
Logon supervisor of
Lists the users whose logons are supervised by the members of this user group. When users from this list need to log on to the system, any member of this user group can help them complete their logon.
Auto-lock
Set this option to ON to lock members of the user group out of their Security Desk session after a period of inactivity. To resume their current session, the user must re-enter their password. This requirement can be inherited from a parent user group. You must set Inherit from parent to Override in order to change this setting.
NOTE: If the user is authenticated through ADFS with passive authentication, the user will be logged off and their current session closed instead of being locked.
Security Desk settings
Configure the common Security Desk settings for the group members.
Allow remote control over
Lists the Security Desk workstations the members of this user group are allowed to control remotely using the Remote task in Security Desk, or a CCTV keyboard. You can specify which workstations can be controlled by user, user group, or by specific workstation.
Limit archive viewing
Turn this option on to restrict the user group's ability to view archived video to the last n days. This limitation can be inherited from a parent user group. If the user group has multiple parents, the most restrictive limitation is inherited. If the user group has no parent group, no restriction will be imposed. You must set Inherit from parent to Override to change this setting.