This section lists the settings found in User group configuration tabs, in the User management task.
User group - Properties tab
In the Properties tab, you can view and configure the members of the user group.
- Email address
- Email address that is used by all members of the group. This information can be imported from your company’s directory service. The email address can be used to send emails, reports, or messages to the users.
- User level
- Set the user level. A user level is a numeric value assigned to users to restrict their ability to perform certain operations, such as controlling a camera PTZ, viewing the video feed from a camera, or staying logged on when a threat level is set. Level 1 is the highest user level, with the most privileges.
- Inherit from parent
- The user level can be inherited from a parent group. If the user has multiple parents, the highest user level is inherited. If the user group has no parent group, the lowest user level (254) is inherited. You must set Inherit from parent option to Override in order to change this setting.
- Configure PTZ overrides
- Set different user level values for selected PTZ cameras. The override values allow you to give this user group higher or lower priority over certain PTZ cameras.
- List of user group members. By default, the members inherit the privileges and partition rights of the user group.
User group - Access rights tab
In the Access rights tab, you can view and configure the access rights shared by the members of the user group. This tab only appears when user-created partitions exist in the system.
- List of partitions
- Select a partition to grant access rights for that partition to the user group. Access rights over parent and child partitions can be configured independently. Access rights inherited from parent user groups cannot be revoked.
- Select this option to grant full administrative rights over all entities contained in that partition to the user group, including the rights to create and delete users, user groups, and child partitions.
- Display checked items ()
- Click to toggle the display between showing only selected partitions and all partitions.
User group - Privileges tab
In the Privileges tab, you can view and configure the user group’s privileges. The privileges of a user group can be inherited by the members of the group, or can be inherited from other user groups.
- The privilege is granted to the user group.
- The privilege is denied to the user group.
- This privilege must be inherited from a parent user group. If the user group is not a member of any other group, or if the privilege is also undefined to the parent user group, then the privilege is denied.
- Basic privileges can be superceded at the partition level if the user group is authorized to access multiple partitions. Only Administrative and Action privileges, plus the privileges over public tasks, can be overwritten at the partition level.
- Additional settings ()
- Click to view additional commands for privilege templates.
- Apply template
- Select one of the privilege templates to apply.
- Set configuration to read-only
- Set all entity configuration privileges found under the Administrative privileges group to View properties.
- Set configuration to read-write
- Allow the modification of all entity configurations, including Add and Delete.
User group - Advanced tab
In the Advanced tab, you can configure common advanced settings for the group members.
- Logon settings
- Configure the common logon settings for the group members.
- Logon supervisor of
- Lists the users whose logons are supervised by the members of this user group. When users from this list need to log on to the system, any member of this user group can help them complete their logon.
- Set this option to ON to lock members of the user group
out of their Security
after a period of inactivity. To resume their current session, the user must
re-enter their password. This requirement can be inherited from a parent user
group. You must set Inherit from parent to
Override in order to change this setting.NOTE: If the user is authenticated through ADFS with passive authentication, the user will be logged off and their current session closed instead of being locked.
- Security Desk settings
- Configure the common Security
settings for the group members.
- Allow remote control over
- Lists the Security Desk workstations the members of this user group are allowed to control remotely using the Remote task in Security Desk, or a CCTV keyboard. You can specify which workstations can be controlled by user, user group, or by specific workstation.
- Limit archive viewing
- Turn this option on to restrict the user group's ability to view archived video to the last n days. This limitation can be inherited from a parent user group. If the user group has multiple parents, the most restrictive limitation is inherited. If the user group has no parent group, no restriction will be imposed. You must set Inherit from parent to Override to change this setting.