Versions Compared

Version Old Version 11 New Version 12
Changes made by

Vinodhraj DP

Vinodhraj DP

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Introduction

Table of Contents
minLevel1
maxLevel6
outlinefalse
typelist
printablefalse

...

  1. Click on the Access navigation tab.

  2. Click on the User Access Groups, Floor Access Groups or Guest Access Groups link.

  3. In the Actions bar, click on Add Access Group. The following screen is displayed:

  4. Enter a Name and a Description.

  5. Select the Risk Levels during which this group will have access: Low, Guarded, Elevated, High or Severe (the current risk level is always displayed at the top of the Primis screen)
    For more information on Risk Levels see the Alert Level Managementsection.

  6. Select a Controlled Area for this group.

  7. Select a Schedule for the Controlled Area. If that controlled area is not going to be accessed by that User Access Group, leave the schedule as Always Off.

  8. If you need an additional line for extra Controlled Areas and/or Schedules, click the + button beside the current line. To delete a line, click the button.

  9. Click Save.

Global User Access Groups

...

  1. Create a new Controlled Area with the elevator reader.

  2. In the new Controlled Area’s Floor tab, select all the associated Floor Areas; specify the desired activation time and click +.

...

Create a Floor Access Group

...

  1. Click on the System navigation tab.

  2. On the left, click on the Utilities link.

  3. Click on the Import Data sub link.

  4. At the bottom of the page under To obtain a Data File Template, right-click on the template and select “Save Target As...”, ”Save Link As...”, or equivalent option from the pop-up menu that appears.

  5. Select a directory to save the Mesh data backup file in the ”Save as” dialog box.

  6. Name the template with the .xls extension. For example, user-template.xls.

  7. If the “Download complete” dialog box persists after the copy completes, click Close. Follow these steps carefully to append data to the database.

 Setting Setting up a database file to import:

...

  1. Login to the Primis administration software using the system user.  Call Identiv Support if you need the system password.  

  2. Click on the System navigation tab.

  3. On the left, click on the Administration link.

  4. Click on the System Parameters sub link.

    Image RemovedImage Added

  5. Click on the siteEngine.ini file to edit it.

  6. Edit the line that reads DBMode=single and change it to DBMode=slave

  7. Click Save.

  8. Select and edit a different System Parameters file called start.ini

  9. Edit the line that reads #sds.service=no and change it to Change to sds.service=yes

  10. Click Save and Reboot the server.

  11. Once the system is rebooted, log back in with the system user and go to the System tab.

  12. In the scope pane on the left, click on Utilities.

  13. Click DB Replication.

    Image RemovedImage Added

  14. Fill in the text boxes on the screen.

    1. Master Node Registration URL: The URL that the slave server will be connecting to for data replication. The URL should be set to the Sync URL configured on the master server.

    2. Sync Name: Name for the configuration. Enter something that will identify the slave server. This field must be alpha-numeric.

  15. Click the Attach button. The slave node configuration will be displayed in the Node section. The Detach button allows users to remove the node from the data replication. Detaching a slave node is a two steps process, refer to the Detaching Slave Server section below for details. The Stop Replication button allows users to stop the database replication process. The Restart Replication button allows users to restart the database replication process.

    Image RemovedImage Added

  16. To verify the slave server is configured properly, login to the master server and go to the System tab. Click on Utilities on the left and select DB Replication.  The client node should be listed.

    Image RemovedImage Added

  17. To verify that the configuration is good, add a controlled area on the master node and verify that it appears on the slave.

...

  1. Logon to the slave server with the system user and go to the System tab.

  2. In the scope pane on the left, click on Utilities.

  3. Click DB Replication.

    Image RemovedImage Added

  4. Click the Detach button to detach the node from the master.

  5. Logon to the master server with the system user and go to the System tab.

  6. In the scope pane on the left, click on Utilities.

  7. Click DB Replication.

  8. Find the client node and click the Delete button to detach the slave server.

    Image RemovedImage Added

Microsoft Active Directory (AD) Integration

...

Primis Commercial or Primis Enterprise links the Primis application to each server; there are three methods of deployment.

...

Understanding Graceful Access

...

  1. Login to Primis with the system account.

  2. Click on the System navigation tab.

  3. On the left, click on the Active Directory link.

    Image RemovedImage Added

Options

Description

Connection Timeout

The connection timeout in seconds to the active directory.

Audit Data Enabled

When this is enabled all changes made through the active directory integrations will be logged in the Audit logs. Enabling this option will dramatically increase the number of logs. The minimum hard disk space recommended is 500 GB when this feature is enabled.

Web Login Enabled

Groups of administrators can be assigned to an administrator account. That account will link the admin profile to that permission for administration. It is recommended that for these types of accounts you name them differently than your standard user base to support the integration.
To allow the login from this group, you must have the Web Login Enabled box checked.

User Sync Start Time

The start time of the synchronization on users, organizational units, and groups from LDAP connections. Multiple synchronization can be scheduled to run at different time of the day.

User Sync Read Timeout

The timeout in seconds before the query issued by user sync is aborted.

Force Update Enabled

This will force user updates from the active directory structure.

Live Update Enabled

This feature enables an OU, Group, and Access Group attribute check against active directory on every card scan. If disabled it will rely on the data from the scheduled synchronization.

Live Update Read Timeout

The timeout in seconds before the query issued by live update is aborted.

Live Update On Imported LDAP Connection

This setting is only applicable when multiple LDAP connections are configured. When enabled, if the PIN/carddata is already imported to Primis, Live Update will be first performed on the LDAP connection where the PIN/carddata is imported from in order to speed up the Live Update process.

...

  1. On the Active Directory Configuration page, click the Add LDAP Connection button.

    Image RemovedImage Added

  2. On the LDAP Connection page, enter the connection information of the LDAP Server. 

    Image RemovedImage Added

Options

Description

Name

The name of the LDAP connection.

Server URL

The URL of the LDAP server.

Search Base

Using the query structure, this is the search base for all queries.

Domain

The DNS name of the domain that you would like to connect to.

Username (User ID)

This is a user that has permissions to query the active directory domain defined.

Password

Password of the active directory user.

...

 To remove a Certificate Policy OID:

Click theX button next to the OID.

...

Extended Key Usage Extensions

...

To remove an extended key usage extension constraint:

Click the button next to the OID.

...

PKI Fault Options

...