User Groups

 

The User Group tab is used for user management. New users can be added, modified or removed and each user can be added to a specific user group. A user group is a group of users who share the same access rights and privileges. Example: each usergroup can have it’s own set of layouts it can access, or it’s own set of cameras (see devicegroup).

To add a user-group use the ’+’-button, give it an appropriate and unique name in the dialog. To remove an user-group use the ’-’-button.

The following privileges can be assigned:

  • Details

  • Users

  • Servers

  • Device groups

  • Multi-layouts

  • Layouts

  • Fixed Layouts

  • Functions

  • Monitors

  • Viewer macros

Assigning privileges is done with drag and drop. For example to assign a device group, simply drag the devicegroup to the explorer and drop it on the user-group. To delete de device-group (or any other privilege) from the user-group use the ’delete’-key on your keyboard. Multiple items can be dragged and dropped at once. To select multiple items use CTRL-click (non-consecutive items) or shift-click (consecutive items).

Adding/modifying users
To add a new user first select the ’Users’-tab and use the ’+’-button below the user list. In the dialog give the user a name, password and language. To remove a user use the ’-’-button. Double click on an existing user to change name or password. 

When adding multi-layouts to an user-group the layouts contained in the multi-layout are automatically added. When a multi-layout is removed the contained layouts in the multi-layout are not removed from the user-group. Layouts have to be removed manually with the ’delete’-key on your keyboard.

When an user logs in, the ’user-server’ checks name and password, does a lookup of all privileges and returns all assigned device-groups, (multi-)layouts and settings back to the Sense. The user only has access to these privileges. When the ’administrator’ logs in all privileges are send back to the Sense and thus the ’administrator’ has always full control.

It is recommended to change the default administrator password.

The default administrator password is ’!DVadmin’ (without the quotes).

User Functions

The following user functions can be assigned as an user privilege:

Live access
The user can view live and playback video, switch layouts, etc. A usergroup with Live access will have all Livemenu options available unless one or more of the Livemenu functions have been added.

Server management
The user is allowed to view servers, devices, profiles, etc. with read-only rights. The following setup tabs are available: ’Servers’, ’Devices’, ’Profiles’, ’Calendar’, ’Server macros’, ’POS’ and ’Statistics’.

Viewer management
The user is allowed to change layouts, add layouts and multi-layouts, etc. The following setup tabs are available: ’Layouts’, ’Monitors’ and ’Viewer macros’.

PTZ control
The user is allowed to operate PTZ devices. A dialog to set the PTZ priority will appear when dragging this setting in an user group. This determines the priotity of PTZ control for users in this usergroup. A higher number means a higher priority. If a user with a higher priority tries to use a dome which is currently used by a user with lower priority, it will be able to use the dome instantly and it will block PTZ command for the low priotiy user for 60 seconds.  PTZ Control also allows the user to start and stop Tours and traces

PTZ Store Preset Control
The user is allowed to store or overwrite presets

PTZ Tours Control
The user is allowed to edit tours

PTZ Trace Control
The user is allowed to edit trace

Event list Control
The user is allowed to control the behavior of the event list.

Audio Control
The user is allowed to hear audio from live and playback audio streams.

Export Control
The user is allowed to export video.

Export Image Control
The user is allowed to export an image to a PDF file.

Keep Layout Changes
Hold layout changes while switching between layouts.

Live menu Multi Layouts
Enable the Multi Layouts-item in the Livemenu.

Livemenu Layouts
Enable the Layouts-item in the Livemenu.

Livemenu FixedLayouts
Enable the Fixed Layouts-item in the Livemenu.

Livemenu Cameras
Enable the Cameras-item in the Livemenu.

Livemenu Monitors
Enable the Monitors-item in the Livemenu.

Livemenu Camera Sequence
Enable the Camera Sequence-item in the Livemenu.

Livemenu Events
Enable the Systems Events-item in the Livemenu.

API Access
Add this option if users are allowed to view cameras via the HTTP API, IOS app, Android app or Sense Webpage. Without this privilige you are able to login to VDG Sense, but no devices will be displayed.

 

*Note: If a usergroup has “Live Access”, it will have access to all of the Livemenu features. If one or more of the Livemenu functions has been added to the usergroup, the usergroup will only have access to the given functions.

 

Identity Provider

The Identity Provider button opens the dialog to configure an Identity Provider using Keycloak integration. This is used to import users from Active Directory or other identidy provider configured in Keycloak.

The following dialog is opened:

 

  • Token URI: It is recommended to run Keycloak on the management server do the host is 127.0.0.1 by default using port 8080 (default for keycloak). This URI is to get an access token for the 'realm' (bold) configured in keycloak. This can be different depending on keycloak configuration:

  • Query URI: It is recommended to run Keycloak on the management server do the host is 127.0.0.1 by default using port 8080 (default for keycloak). This URI is to retrieve the users in the 'realm' (bold) configured in keycloak. This can be different depending on keycloak configuration:

  • Client ID: ClientID configured in Keycloak

  • Client Secret: Client Secret configured in keycloak for the Client ID

If these settings are configured correctly the '+' button to add user will have an extra option to add users from the identity provider:

Selecting ‘Identity Provider' will open the following dialog:

These are the users available in Keycloak which could be added to the VDG Sense userlist. Double-click on a user will add the user to the userlist:

It is in bold to highlight that this user is from an external identity provider. These users can also be added to user groups just like normal VDG Sense users. Password cannot be changed because that is defined within the Identity Provider. It can be given administrator rights if required.