Users of Eocortex applications (Enterprise and ULTRA licenses)🔗

To set up the rights of users of the Eocortex system running on Enterprise or ULTRA license, run the Eocortex Configurator, open the /config/svg/ico-tab-users.png Users page and select the Users of Eocortex applications tab.

../../_images/app-users-ultra-group-overview.png
The tree of the groups and the users

The left part of the window contains a hierarchical tree of groups with the surveillance system users created in them. To configure an existing group or an individual user, select the required item in the list — the settings page of the selected group/user will be displayed in the right part of the window.

For the convenience of finding the necessary groups/users, the search field above the list can be used.

Note

Particularities and limitations of user rights:

  • The rights are provided only to the entire groups of users and are extended to all the users of the group. Individual users cannot de granted any rights that differ from the rights of the group.

  • A single user can belong to only one group. A group may not contain users at all, but it is not possible to create a user which does not belong to any group.

  • Every user is assigned a unique password.

  • A user can be moved from one group to another, maintaining its password. The rights of the user in this case are modified according to those of the current group.

User groups in Eocortex running on Enterprise or ULTRA licenses have three levels of rights:

  • Senior administrators: System administrator access level. An embedded group that cannot be deleted, and its rights cannot be modified. Only one group of users with such access level can exist in the system. The users belonging to this group have unlimited configuration access: they are allowed to configure the whole system, create, modify and delete other groups and users, view and listen to any cameras, both in real time and from the archive. This group cannot be deprived of its rights. The configuration of the system must contain at least one member of this group (The default configuration of a system always contains an embedded user named root).

  • Junior administrators: System administrator access level. Users of such group have also the ability to change the selection of the main server, as well as add new cameras and servers to the system. However, they are not allowed to configure the plans and users of the system. Removing a server from the system is available to the junior administrator only if no cameras that are unavailable for this user are bound to this server.

  • Operators: Regular system user access level. The rights of group members with this level of access are limited to viewing cameras without access to the system configuration.

Note

The Senior administrators group must contain at least one account with Eocortex user type. Otherwise, the system configuration will not be applicable.

Warning

When updating the system running on Eocortex ULTRA version 1.4 or older to a later version, the following changes will be applied to user rights:

  • Senior administrators group will be created. All the users with full system configuring rights will be transferred there.

  • All groups which have the rights to partially configure the system become groups with junior administrator level.

  • All groups which do not have system configuration rights become groups with operator level.

At rollback Eocortex to a version earlier than 1.4, all groups with junior administrator rights will have full access to perform configuring of the whole system.

Below is the list of actions available when setting up users of the system. These actions can be performed either from the context menu of the group/user, or using the buttons below the list of users and groups, or via links on the group or user information page. Some actions can be performed in multiple ways, including using hotkeys.

  • /config/users/svg/ico-usersgroup-add.png Add group: Opens the window of adding a group.

  • /config/users/svg/ico-user-add.png Add user: Opens the window of adding a user to the selected group.

  • Add group based on the selected one: Adds a new group with the rights identical to those of the selected group.

  • Edit: Opens the editing window for the selected group or user.

  • Delete: Removes the selected group or user from the configuration.

Warning

The settings will come into effect only after they are applied.

Access levels🔗

Below is a list of the access rights that can be set for the user group with the Junior administrator access level.

Permissions tree
Configuring

Section of access rights settings, which is responsible for the ability to configure the system by a user included in a group with these rights.

Includes the following subsections:

The Servers subsection of access rights settings defines the list of servers that a user from this group can configure.

The Cameras subsection of access rights settings defines the list of cameras that a user from this group can configure.

In addition to setting up the list of cameras available for editing, it is possible set the level of access to camera configuration, which determines a user's ability to change camera settings in the system.

Access levels for configuring cameras:

  • No access

    Complete prohibition on viewing and changing camera settings. The Cameras section of the Configurator application containing camera settings is not available to users with this access level.

  • Viewing settings and adding cameras

    Partial prohibition. Users with this access level can add new cameras and view the settings of cameras that already exist in the system, while at the same time not being able to delete or change the settings of existing cameras, even if they were added by this user.

  • Modifying settings

    Partial prohibition. Users with this access level can view and change the settings of existing cameras without having the right to add new cameras or delete existing cameras.

  • Changing settings and adding cameras

    Partial prohibition. Users with this access level can view and change the settings of existing cameras, as well as add new cameras to the system. Removal of cameras added to the system is not available.

  • Modifying settings, deleting and adding cameras

    No prohibition. Users with this access level can: view and change the settings of existing cameras, add new cameras, delete added cameras.

Surveillance

Access rights settings section, which is responsible for interaction with Eocortex using client applications.

Includes the following subsections:

The Basic subsection determines the accessibility of sections and functions of the Eocortex Client application to users belonging to this group.

  • Camera control

    • Audio streaming from camera

      Provides the ability to listen to the sound received from the camera microphone. To receive sound in the system, the camera must have the Sound capturing option enabled in the connection settings.

    • Broadcast sound to camera

      Provides the ability to transmit sound from a microphone installed at a user's workplace to the camera speaker. To transmit sound from the system, the camera must have the Sound transmission option enabled in the connection settings.

    • Observation mode change

      Provides the ability to arm one or more cameras with the Guard mode in the Eocortex Client application in order to receive notifications when alarm events occur.

    • PTZ Cameras management

      Provides the ability to use the PTZ functionality of the camera in the Eocortex Client application. To use the PTZ functionality, the camera must have the PTZ capabilities option enabled in the connection settings. Eocortex systems with Enterprise and ULTRA allow the system administrator to additionally prioritize user commands in case of simultaneous control of a single camera from multiple workplaces. The following priority levels are available:

      • Priority: minimum

      • Priority: low

      • Priority: medium

      • Priority: high

      • Priority: maximum

      Note

      When using PTZ functionality by two users with equal priority, the commands of a user who started controlling the camera first will be executed.

    • Archiving management

      Provides the ability to manually enable recording of the camera stream to the Eocortex archive, if the recording option Manual, On motion or Scheduled is selected for this camera in the Archive Recording Settings.

  • Configuring

    • Changing password from client

      Gives a user the ability to change the password for his system account in the Eocortex Client application.

    • Configure workplace

      Gives a user the ability to change the Workplace Settings in the Eocortex Client application.

    • Editing face database and license plate database data

      Determines the possibility of adding, modifying and deleting entries in the databases of the License Plate Recognition and Face Recognition modules.

  • Eocortex client applications capabilities

    • Log access

      Specifies whether the Events Log is available to a user.

      Access to the Log can be granted to a user with one of two levels:

      • Current user in log only

        For a user, in addition to general system events (loss of connection with the camera, analytics events, etc.), only those events that were caused by his actions (execution of a user task, archive export, etc.) will be displayed.

      • All system users in log

        A user will see all system messages will be displayed, including those caused by the actions of other users.

    • Videowall access

      Determines the availability of the Video Wall functionality for a user.

      Even if this right is disabled for a user, the monitor from his workplace still can be used to create a video wall controlled from another workplace.

    • Chat access

      Determines the availability of the Chat functionality for a user.

    • Access to reports

      Determines for a user the ability to build reports based on the data collected by the Eocortex system (Archive depth, Face Recognition Report, etc.).

    • Access to archive marks

      Determines for a user the ability to create and view Archive Bookmarks.

    • Access to the episode archive

      Determines for a user the ability to create, view and delete archive episodes in the Episode Archive.

      This right has several access levels:

      • Viewing (only your own)

      • View (all)

      • Creating and viewing (only your own)

      • Creating and viewing (all)

      • Creating, viewing, and deleting (only your own)

      • Creating, viewing, and deleting (all)

    • Access to maps

      Determines the availability of the Maps section for a user.

    • Access to search for objects

      Determines for a user the ability to use data collected by the system using the Search for Objects module.

    • Close application

      Determines the ability for a user to close the window of the Eocortex Client application using standard methods.

    • Limitation of the number of connections

      Sets a limit on the number of simultaneous connections using the credentials of the same user.

    • Application launch delayed

      Prevents a user from being forced to immediately restart the application when changes are made to the system settings.

      Warning

      This right allows to delay the restart of the Eocortex Client application, but the user must still restart the application when appropriate for the changes to take effect.

    • User tasks launch

      Provides the ability to execute User tasks.

    • Camera cell control

      Provides a user with the ability to interact with camera cells: drag and drop cameras between cells, use the context menu and cell interface elements.

    • Access to face and license plate databases

      Provides a user with the ability to view entries in the databases of the License Plate Recognition and Face Recognition modules.

      Warning

      Disabling this right will automatically disable the Editing face database and license plate database data right.

    • Adjusting the number of occupied parking spots

      Allows a user to make changes to the data displayed in the Occupied Parking Spots counter of the License Plate Recognition module.

    • Accept alarms without obligatory comments

      Allows a user to confirm receipt of an alarm event of the camera without having to add a comment about the received alarm. Upon deactivation of a right the automatic alarm acceptance will be disabled.

    • Archive export

      Provides the ability to export fragments of the system archive as MCM, MP4 or AVI files.

    • Archive expert mode access

      Allows a user to interact with the archive in the mode of simultaneous viewing of multiple cameras.

    • Editing views

      Allows a user to create and edit views.

      Applies only to views created in the Eocortex Client application directly at a user's workplace.

      Does not affect server views created and edited in Eocortex Configurator.

    • Blurring disabled

      Allows a user to disable image blurring imposed by the Frame area blurring module.

  • Interaction with external components

    • Receive push notifications

      Allows a user to receive Push notifications in Eocortex mobile applications (iOS, Android) authorized under his account.

    • Connection via mobile devices and Web-Client

      Allows using a user account for authorization in Eocortex mobile applications (iOS, Android) and Web Client.

The Cameras subsection defines the list of cameras available for viewing in Eocortex client applications. Both full access to the camera, and partial access to only the archive or only to the live video of the camera can be provided.

One right for surveillance and archive

An option that speeds up the process of setting up access to cameras. If enabled, a user will be granted both access rights to the camera at the same time — to the live video and to the archive of the camera. Can be disabled for more fine-grained access customization with separate rights.

  • Surveillance

    The user has access to the camera's live video.

  • Archive

    The user has access to the camera's archive recordings.

The Views subsection defines the list of views available to a user in the Eocortex Client application.

The Modules subsection defines the list of video analytics modules available to a user in the Eocortex Client application.

The Plans subsection defines the list of plans available to a user in the Eocortex Client application.

Adding a group

Adding the group

To add a group, press the Add a group button at the bottom of the panel. In the window that appears, specify the Group name and Role, the Notes field is optional.

../../_images/jun-adding-group.png

Granting rights

Permissions for this user group are configured on the Configuring and Surveillance tabs.

../../_images/jun-granting-right.png

Group permissions overview

The permissions configured for a group are displayed when the corresponding group is selected.

../../_images/jun-group-permissions-overview.png
Editing the group

To edit the group settings, press the Edit button or select the corresponding item in the context menu.

../../_images/jun-editing-group.png

To edit one permission item, just select the item and press the /mobile/web/svg/ico-pencil.svg icon.

../../_images/jun-editing-group-individual.png
Adding the user

To add a user, press the Add user button at the bottom of the panel. In the window that appears, specify the name of the user.

../../_images/jun-adding-user.png

To edit the user settings, press the Edit button or select the corresponding item in the context menu.

../../_images/jun-editing-user.png

Below is a list of the access rights that can be set for the user group with the Operator privilege level.

Permissions tree

The Surveillance section of access rights settings is responsible for interaction with Eocortex using client applications.

Includes the following subsections:

The Basic subsection determines the accessibility of sections and functions of the Eocortex Client application to users belonging to this group.

  • Camera control

    • Audio streaming from camera

      Provides the ability to listen to the sound received from the camera microphone. To receive sound in the system, the camera must have the Sound capturing option enabled in the connection settings.

    • Broadcast sound to camera

      Provides the ability to transmit sound from a microphone installed at a user's workplace to the camera speaker. To transmit sound from the system, the camera must have the Sound transmission option enabled in the connection settings.

    • Observation mode change

      Provides the ability to arm one or more cameras with the Guard mode in the Eocortex Client application in order to receive notifications when alarm events occur.

    • PTZ Cameras management

      Provides the ability to use the PTZ functionality of the camera in the Eocortex Client application. To use the PTZ functionality, the camera must have the PTZ capabilities option enabled in the connection settings. Eocortex systems with Enterprise and ULTRA allow the system administrator to additionally prioritize user commands in case of simultaneous control of a single camera from multiple workplaces.

      The following priority levels are available:

      • Priority: minimum

      • Priority: low

      • Priority: medium

      • Priority: high

      • Priority: maximum

      Note

      When using PTZ functionality by two users with equal priority, the commands of a user who started controlling the camera first will be executed.

    • Archiving management

      Provides the ability to manually enable recording of the camera stream to the Eocortex archive, if the recording option Manual, On motion or Scheduled is selected for this camera in the Archive Recording Settings.

  • Configuring

    • Changing password from client

      Gives a user the ability to change the password for his system account in the Eocortex Client application.

    • Configure workplace

      Gives a user the ability to change the Workplace Settings in the Eocortex Client application.

    • Access to new added cameras

      If enabled, a user from this group will be automatically granted access rights to all cameras added to the system later. If security policies require strict restriction of camera accessibility for users, it is recommended to disable this option and grant access to the required cameras to each user group manually.

    • Editing face database and license plate database data

      Determines the possibility of adding, modifying and deleting entries in the databases of the License Plate Recognition and Face Recognition modules.

  • Eocortex client applications capabilities

    • Log access

      Specifies whether the Events Log is available to a user.

      Access to the Log can be granted to a user with one of two levels:

      • Current user in log only

        For a user, in addition to general system events (loss of connection with the camera, analytics events, etc.), only those events that were caused by his actions (execution of a user task, archive export, etc.) will be displayed.

      • All system users in log

        A user will see all system messages will be displayed, including those caused by the actions of other users.

    • Videowall access

      Determines the availability of the Video Wall functionality for a user. Even if this right is disabled for a user, the monitor from his workplace still can be used to create a video wall controlled from another workplace.

    • Chat access

      Determines the availability of the Chat functionality for a user.

    • Access to reports

      Determines for a user the ability to build reports based on the data collected by the Eocortex system (Archive depth, Face Recognition Report, etc.).

    • Access to archive marks

      Determines for a user the ability to create and view Archive Bookmarks.

    • Access to the episode archive

      Determines for a user the ability to create, view and delete archive episodes in the Episode Archive. This right has several access levels:

      • Viewing (only your own)

      • View (all)

      • Creating and viewing (only your own)

      • Creating and viewing (all)

      • Creating, viewing, and deleting (only your own)

      • Creating, viewing, and deleting (all)

    • Access to maps

      Determines the availability of the Maps section for a user.

    • Access to search for objects

      Determines for a user the ability to use data collected by the system using the Search for Objects module.

    • Close application

      Determines the ability for a user to close the window of the Eocortex Client application using standard methods.

    • Limitation of the number of connections

      Sets a limit on the number of simultaneous connections using the credentials of the same user.

    • Application launch delayed

      Prevents a user from being forced to immediately restart the application when changes are made to the system settings.

      Warning

      This right allows to delay the restart of the Eocortex Client application, but the user must still restart the application when appropriate for the changes to take effect.

    • User tasks launch

      Provides the ability to execute User tasks.

    • Camera cell control

      Provides a user with the ability to interact with camera cells: drag and drop cameras between cells, use the context menu and cell interface elements.

    • Access to face and license plate databases

      Provides a user with the ability to view entries in the databases of the License Plate Recognition and Face Recognition modules.

      Warning

      Disabling this right will automatically disable the Editing face database and license plate database data right.

    • Adjusting the number of occupied parking spots

      Allows a user to make changes to the data displayed in the Occupied Parking Spots counter of the License Plate Recognition module.

    • Accept alarms without obligatory comments

      Allows a user to confirm receipt of an alarm event of the camera without having to add a comment about the received alarm. Upon deactivation of a right the automatic alarm acceptance will be disabled.

    • Archive export

      Provides the ability to export fragments of the system archive as MCM, MP4 or AVI files.

    • Archive expert mode access

      Allows a user to interact with the archive in the mode of simultaneous viewing of multiple cameras.

    • Editing views

      Allows a user to create and edit views.

      Applies only to views created in the Eocortex Client application directly at a user's workplace.

      Does not affect server views created and edited in Eocortex Configurator.

    • Blurring disabled

      Allows a user to disable image blurring imposed by the Frame area blurring module.

  • Interaction with external components

    • Receive push notifications

      Allows a user to receive Push notifications in Eocortex mobile applications (iOS, Android) authorized under his account.

    • Connection via mobile devices and Web-Client

      Allows using a user account for authorization in Eocortex mobile applications (iOS, Android) and Web Client.

The Cameras subsection defines the list of cameras available for viewing in Eocortex client applications.

One right for surveillance and archive

An option that speeds up the process of setting up access to cameras. If enabled, a user will be granted both access rights to the camera at the same time — to the live video and to the archive of the camera. Can be disabled for more fine-grained access customization with separate rights.

  • Surveillance

    The user has access to the camera's live video.

  • Archive

    The user has access to the camera's archive recordings.

The Views subsection defines the list of views available to a user in the Eocortex Client application.

The Modules subsection defines the list of video analytics modules available to a user in the Eocortex Client application.

The Plans subsection defines the list of plans available to a user in the Eocortex Client application.

Adding a group

Adding the group

To add a group, press the Add a group button at the bottom of the panel. In the window that appears, specify the Group name and Role, the Notes field is optional.

../../_images/adding-group.png

Granting rights

Permissions for this user group are limited to the Surveillance tab.

../../_images/granting-right.png

Group permissions overview

The permissions configured for a group are displayed when the corresponding group is selected.

../../_images/group-permissions-overview.png
Editing the group

To edit the group settings, press the Edit button or select the corresponding item in the context menu.

../../_images/operator-editing-group.png

To edit one permission item, just select the item and press the /mobile/web/svg/ico-pencil.svg icon.

../../_images/operator-editing-group-individual.png
Adding and editing the user

To add a user, press the Add user button at the bottom of the panel. In the window that appears, specify the name of the user.

../../_images/operator-adding-user.png

To edit the user settings, press the Edit button or select the corresponding item in the context menu.

../../_images/operator-editing-user.png
Adding the user

To add Active Directory group or user, press Change type to Active Directory user link.

In the opened window type Active Directory name and password of the user who has rights to search Active Directory catalogue.

Then in the Add User window, in the filter section, enter part of the name or description which will be used for searching; mark the types of entries to be searched for (Users and/or Groups), then click Start search.

In the lower part of the window you will see a list of found users/groups. If Name and Description fields are left blank, the complete user/group list will be displayed.

config/users/img/ultra/app-users-ultra-new-user-ad.gif

Note

When Active Directory group is added to the list of users, the corresponding permissions will be extended to all users of this Active Directory group.