User configuration tabs

User - Properties tab

In the Properties tab, you can configure the user’s personal information and password.

Status:
Activate or deactivate the user profile. A user cannot log on when their profile is deactivated. Deactivating a user’s profile while the user is logged on will immediately log off the user.
Personal information:
The personal information of a user can be imported from your company’s directory service.
- First and last name:
  First and last name of the user.
- Email address:
  The email address of the user. Can be used to send emails, reports, or messages to the user.
Password settings:
All users require a password to log on to Security Center. The user must have the Change own password privilege for the password options to be enabled.
- Expires:
  Turn this option on to force the user to change their password after a given number of days.
- Change on next logon:
  Turn this option on for Genetec Patroller™ or Security Desk to force the user to change their password the next time they log on.
- Change password:
  To change someone else's password, you need to have the Modify user properties privilege.
User level:
Set the user level. A user level is a numeric value assigned to users to restrict their ability to perform certain operations, such as controlling a camera PTZ, viewing the video feed from a camera, or staying logged on when a threat level is set. Level 1 is the highest user level, with the most privileges.
- Inherit from parent:
  The user level can be inherited from a parent group. If the user has multiple parents, the highest user level is inherited. If the user has no parent group, the lowest user level (254) is inherited. You must set Inherit from parent option to Override in order to change this setting.
- Configure PTZ overrides:
  Set different user level values for selected PTZ cameras. The override values allow you to give this user higher or lower priority over certain PTZ cameras.

User - Access rights tab

In the Access rights tab, you can view and configure the user’s access rights over partitions. This tab only appears when user-created partitions exist in the system.

List of partitions:
Select a partition to grant access rights for that partition to the user. Access rights over parent and child partitions can be configured independently. Access rights inherited from parent user groups cannot be revoked.
Administrator:
Select this option to grant full administrative rights over all entities contained in that partition to the user, including the rights to create and delete users, user groups, and child partitions.
Display checked items ():
Click to toggle the display between showing only selected partitions and all partitions.

User - Privileges tab

In the Privileges tab, you can view and configure the user’s privileges. The privileges of a user can be inherited inherited from parent user groups.

Allow:
The privilege is granted to the user.
Deny:
The privilege is denied to the user.
Undefined:
This privilege must be inherited from a parent user group. If the user is not a member of any group, or if the privilege is also undefined to the parent user group, then the privilege is denied.
Exceptions:
Basic privileges can be superceded at the partition level if the user is authorized to access multiple partitions. Only Administrative and Action privileges, plus the privileges over public tasks, can be overwritten at the partition level.
Additional settings ():
Click to view additional commands for privilege templates.
- Apply template:
  Select one of the privilege templates to apply.
- Set configuration to read-only:
  Set all entity configuration privileges found under the Administrative privileges group to View properties.
- Set configuration to read-write:
  Allow the modification of all entity configurations, including Add and Delete.

User - Advanced tab

In the Advanced tab, you can configure the user’s advanced settings.

Logon settings:
Configure the user’s logon settings.
- User logon schedule:
  Restrict the user logon according to schedules. A schedule can either be used to allow user logon or to block user logon.
- Logon supervisor of:
  Lists the users whose logons are supervised by this current user. When a user in this list needs to log on to the system, the current user must also provide their username and password to complete the logon. A user can have more than one logon supervisor.
- Limit concurrent logons:
  Set the maximum number of different workstations a user can log on to at the same time. This limit only applies to Security Desk. Config Tool is not restricted by this setting.
- Auto-lock:
  Set this option to ON to lock the user out of their Security Desk session after a period of inactivity. To resume their current session, the user must re-enter their password. This requirement can be inherited from a parent user group. You must set Inherit from parent to Override in order to change this setting.
  NOTE: If the user is authenticated through ADFS with passive authentication, the user will be logged off and their current session closed instead of being locked.
Security Desk settings:
Configure the user’s Security Desk workspace.
- List of active tasks:
  Displays the tasks found in the user’s active task list.
- Hot actions:
  Displays the hot actions mapped to the PC keyboard function keys (Ctrl+F1 through Ctrl+F12) when this user is logged on to Security Center using Security Desk.
- Allow remote control over:
  Lists the Security Desk workstations this user is allowed to control remotely using the Remote task in Security Desk, or a CCTV keyboard. You can specify which workstations can be controlled by user, user group, or by specific workstation.
- Start task cycling on logon:
  Turn this option on so that next time the user logs on from Security Desk task cycling starts automatically.
Security settings:
Configure what the user can see in the system.
- Limit archive viewing:
  Turn this option on to restrict the user's ability to view archived video to the last n days. This limitation can be inherited from a parent user group. If the user has multiple parents, the most restrictive limitation is inherited. If the user has no parent group, no restriction will be imposed. You must set Inherit from parent to Override to change this setting.
- Scramble entity names:
  (Only non-administrative users) Turn this option on to display the entity GUID in Security Desk and Config Tool, everywhere the entity name is supposed to be displayed for this user. This option also prevents the user from updating the entity name fields in Config Tool.
- Include additional properties on export/snapshot:
  Turn this option on to enable the user to include metadata to exported videos or snapshots, such as camera name, creation date, and camera coordinates, which can be useful for investigation.
Default map:
The map loaded by default when the user opens the Maps task. If none is defined, the global default map configured at the Map Manager role level is used.