This guide is intended to be used as a standard guide for the Primis Access Control System. General Linux knowledge and Primis Certification Training Knowledge are expected.

To find documentation available for all products, go to https://www.identiv.com/Primis.

To find related vendor documentation on Cisco Switches, go to www.cisco.com.

To find related vendor documentation on Veridt Readers, go to www.veridt.com.

Launch a web browser (Internet Explorer, Firefox, or other browser that allows pop-ups).

Open

In the Address field, type http://<Primis ip address>/ and press Enter.  For convenience, this page should be bookmarked.

To login to Primis:

Open

1. Enter the Default Username and the Password.

2. Click on the LOGIN button.

To log off, click on the Log Out button.

Open

As a security feature, after a certain period of inactivity, Primis will automatically log you off. At that point, the login page will appear, and the user will have to log back in.

Below is a screenshot of the Primis Administration software. It shows the optional Alert Level bar. Below the Alert Level bar, is the Navigation Tabs. It allows you to access the main areas of the Primis software – the current tab is underlined (i.e. the System tab below). To the right of the Navigation Tabs is the Site dropdown box where you can select the site to view or configure. The Log Out button is located beside the Site drop-down menu. The Actions Bar near the bottom of the screen contains buttons to add, delete, edit, and save. The Quick Links at the bottom of the page reveal company, service, contact, and version information. The manual can also be downloaded from the quick links bar.

Open

Each Navigation Tab contains Navigation Links on the left-hand side. If a navigation link contains a blue arrow at the end of the line, it can be opened to reveal its own sub-links. The current link is highlighted, and its selected sub-link is indicated by a black arrow.

Open

You can close an open link by clicking its orange down arrow.

The first Administrator account created should be given full permission to manage all aspects of a Primis installation.  Additional accounts can be given less control over the installation depending on the role that each user plays in managing or supporting the installation. Users with an Administrator Account for the installation cannot create, modify or delete other accounts that have more privileges than their own. The extent to which one can create, modify, or delete accounts is limited to users with fewer privileges than the account under which one is currently logged in.

To create an Administrator Account with full access and delete the default user:

1. Log in to Primis using the instructions in Login and Log Out above.

2. Click on the System navigation tab at the top of the screen.

3. On the left, click the Administration link.

4. Click the Admin Users sub-link.

5. In the Actions bar, click on Add Admin User. The following screen is displayed:

   Open

   

6. Enter the User ID, Last Name, and First Name.

7. Enter a Password that is different than the one provided.

8. Verify the Password.

9. Beside Business, select All.

10. Beside Sites, select ALL.

11. Select Full Access for all of the parameters from Suites to Active Directory.

12. For Mustering, select the required level.

13. Select the Language that this full administrator would like to use.

14. Select the View Suite/User Page Size 10, 25, or 50 to set the default number of suites/users per page this admin user sees when viewing the listing.

15. Click Save to save the full access admin user.

16. Click the [Log Out] button to log off and test the new user ID.

17. Log in with the user ID and password that was created in the previous steps.

18. Verify that you can log in successfully and that your new user has full privileges.

19. Log out once more and log in using the default user account name.

20. Click on the System tab, Administration, Admin Users and select the default “Primis” user account.

21. Change one of its privileges and click Save.

22. Log out and log in again as your newly created user.

23. Go to Admin Users again and select the default “Primis” user account.

24. Click on Delete and OK.

Once the admin user is saved, the user ID field cannot be edited.  This field specifies a unique admin user profile. You can change the other fields after an admin user profile has been saved.

In addition to the full access administrator, there can be limited administrative users that can add/modify/delete cardholder access. The privileges of these admin users can be fine-tuned to restrict or grant access to certain functions of the software. These restrictions include the modification of Controlled Areas, Access Groups, Devices, and Users. Admin users can also be assigned to certain sites within Primis, further restricting and partitioning data, thereby limiting their Admin access.

To add an Admin User:

Follow Steps 1 to 15 above to add new Admin Users. Each of the software’s tabs or links is listed with the following options:

• No Access: the tab or action will not appear in the toolbar or action menu for this admin user

• Read Only: only read permissions are given to selected tabs or actions

• Full Access: the user can modify every aspect of the section

Open

Open

You will be able to assign Admin Users to the sites that they are allowed to administer (i.e. The user hoffjenn01 is limited to the control of the sites Distribution Centre, Huston Office, and Sales Office - Vancouver). Once the admin user logs in to the system, the sites that they have access to will appear in a dropdown list on the top-right corner of the screen. By selecting a Site from the dropdown list, the Admin User will only see data corresponding to that Site. Also, any data added (i.e. adding a controlled area) will be added to the Site that is currently selected.

Date and time settings for Primis servers can be set either manually or by using a network time protocol (NTP) server. An NTP server is the recommended method for keeping the date and time in sync with other systems.

An NTP server is the recommended method for keeping the date and time in sync with other systems. However, it does require either a local NTP server or an internet connection. NTP Server could be an internal company-facing NTP server or an external public facing.

To set the system time and date using NTP Settings:

1. Click on the System navigation tab.

2. On the left, click the Utilities link.

3. Click the System Date/Time sub link. The following screen is displayed.

   Open

   

    

4. Select a Time Zone from the dropdown box.

5. Check the Enable NTP box.

6. Enter an IP address or a hostname for the NTP Server pool.ntp.org is a commonly used public NTP server. If no local NTP server is available this hostname can be used.

7. Click Save.

When changing the time or the date of a Primis/Enterphone System, the synchronizing of schedules and events are not done until the following day at midnight. For proper scheduling, please restart the Primis server using the reboot link from the Utilities section.

If you are not using an NTP server, you can set the date and time manually.

1. Click on the System navigation tab.

2. On the left, click the Utilities link.

3. Click the System Date/Time sub link.

4. Select a Time Zone from the dropdown box

5. Select the date from Set Date.

6. Select the time from Set Time.

7. Click Save to save the date and time.

8. Once the date is set, click the Reboot link at the bottom of the Utilities list.

9. Click the Reboot button.

The Primis Server has a built-in set of Card Format Definitions that determine how Wiegand data is being translated (e.g. Wiegand 75 bit, FIP-201 200 bit).  Upon card swipe, Primis performs a sequential look-up of this list to find the best fitting definition.

To adjust this lookup behavior:

1. Click on the System navigation tab.

2. On the left, click the Manage Card Format link.

3. To speed up the card format search, put the most relevant definition at the top of the list. If the installation is using Indala 36-bit cards for example – put the Indala 36-bit definition above all other 36-bit formats to ensure correct Wiegand data translation. Use the up/down arrows beside each definition to adjust the order of format preferences.

Open

In case no suitable definition is available, use the Default Card Format drop-down list to select a default format. To narrow down the search, type the card format, and it will list the results. You can click on the required card format directly. Please note that the card format definition in Primis is highly customizable. Please feel free to contact Identiv Technical Support (support@identiv.com ) should you require a custom format.

The links for Dealer and Installer from the Primis Administration software can be configured to match the company that sold and installed the MESH system.

1. Click on the System navigation tab.

2. On the left, click the Administration link.

3. Click the System Parameters sub-link.

4. Edit the dealer.ini and installer.ini files using the in-browser editor or save and edit them locally and restore them. 

For more information, please refer to the instructions in the MESH Parameter Files section.

Identiv’s Primis Encryption Bridges allow door hardware to be connected to Primis servers. Bridges for card readers communicate with Primis software. Data is received from card readers, encrypted, and sent via IP to a Primis server for processing. Relays on the Primis Bridge are activated by commands from a Primis server to lock or unlock doors.

Primis Bridges can be discovered using one of two methods. Either using the Bridge Discovery Tool located in the Primis Administration Software or using the standalone Windows tool called Bridge Configuration Utility (BridgeUtil). For most systems, the built-in web-based discovery tool will be sufficient. If a Primis bridge is not located on the same LAN as the Primis server or is behind a switch/router where UDP MultiCast traffic is being blocked, the bridge utility application should be used on a PC located on the network where UDP traffic is not being blocked.

Once a Primis Bridge is connected to the network, you can scan the network for the added device and add it to the Primis Administration Software using the Primis Bridge Utility.

Open

You can also find the Primis Bridge Utility at the bottom of the Devices - Main page, and click on the Primis Bridge Discovery Tool check box.

Open

1. Click on the System navigation tab.

2. On the left, click the Utilities link.

3. Click the Bridge Utility sub link.

4. Click the [Scan Devices] button. This process might take a minute or two.

5. Click on the MAC address of the device you wish to provision.

   Open

   

    

6. Assign the appropriate IP information to the device or choose DHCP. You may need to contact your system admin for this information. If the DHCP checkbox is checked, the IP, Netmask and Gateway fields are automatically populated once the bridge receives the DHCP information.

7. To update Bridge Configuration only, click on Save. Note that it might take up to two minutes to save.

8. To update and add the Bridge to Primis, check Save & Add Device To Primis checkbox and click Save.

   Open

   

    

9. Enter the name by which you’d like to refer to the device and click the Save button.

This is an option in Primis bridge configuration to lock the system configuration of the bridge. Once you choose to lock the configuration, no changes to the configuration can be made remotely. 

To remove the lock, it requires a manual reset of the bridge that will reset the IP address and require the IP’s be reset.

The Primis Bridge settings can be changed by using Identiv’s Bridge Utility. This program (BridgeUtil.exe) is self-contained, does not require a special install program, and should run on Windows XP, 7, 8.1 and 10.

1. Click on the System navigation tab.

2. On the left, click on the Utilities link.

3. Click the Download sub link.

4. Click on the BridgeUtil link and save the executable on the PC.

5. Locate the BridgeUtil.exe from where it was downloaded. Right click on the executable and select “Run as administrator”

Open

Open

Open

Once the utility starts, click on the [Scan Devices] button and all the bridges on the local network will be displayed by MAC and IP addresses.

Open

6. Double-click on the MAC address of the bridge that needs to be configured.

Open

The settings may be changed and updated as needed. When done hit the Save button

Each Primis Bridge model displays a different properties section. For example, a single port Primis Bridge will only have one reader, input and output properties section; two ports will have two, and so on.

Open

The following tables describe the properties of Primis bridges.

Description: Identifies the LED when adding to Port Trigger Actions or viewing in Activity Logs.

Description: Identifies the Buzzer output when adding to Port Trigger Actions or viewing in Activity Logs.

A Schedule is a given period of time that is applied to different aspects of the software. If a Schedule is added to a Controlled Area, then that schedule activates the devices and outputs in that Controlled Area. If a schedule is linked to a Controlled Area, under User or Guest Access Groups, then the schedule enables or disables access to that controlled area only to the users that are contained in that User Access Group.

A single schedule can contain more than one Period. For example, a schedule named Business Hours can contain a period Monday through Friday, 9 AM ON TIME and 6 PM OFF TIME. If needed, multiple periods can be added to a single schedule.

In addition, Special Days can be added to enable or disable access for certain days only. For example, if a special day is set to January first then that schedule can be turned off on every January first or it can be set to be active only on January first.

The current state (on or off) of all the schedules can be seen on the Schedule tab.

Open

1. Click on the Schedules navigation tab.

2. In the Actions bar, click on Add Schedule. The following screen is displayed:

3. Enter a Name and Description.

4. Select Weekdays OR Special Days.

   1. If you select Weekdays, check the box for each Week Day this schedule applies to and check the box for each Type of Special Day you would like to exclude from this schedule. To add a Special Day, see the instructions in the previous section.

   2. If you select Special Days then you wish to apply this schedule ONLY to the Type of special day that you select in the dropdown box.

5. Enter an ON Time for this schedule.

6. Enter an OFF Time for this schedule.

7. Under Effective Dates, check the Always On box if this schedule is to remain in effect at all times or, if not, enter a Start Date and an Expire Date for this schedule.

8. Click Save.

Special days are an optional addition to a schedule. They can be used for holidays or any other day where a schedule needs an explicit or relative period. Special days are added to schedules as a period so they may need to be configured before adding a schedule.

1. Click on the Schedules navigation tab.

2. On the left, click the Days link.

3. In the Actions bar, click Add Special Day. The following screen is displayed.

   Open

   

    

    

4. Enter the Name of the Special Day.

5. Choose a number for this Type of special day, the number between 1 and 12. Special day types allow the grouping of different special days. For example, a Type 1 special day labeled First of Every Month could contain the first day of every month. In this case, there will need to be 12 special days added, all of them belonging to the Type 1 group.

6. Select Explicit or Relative. An explicit day is a particular day of the year while a Relative day is a day that will occur every month i.e. the first Monday of every month.

7. Enter the Month and Day of the special day if Explicit was selected; select the Day of the Week if Relative was selected.

8. Click Save.

Labels are an optional addition to Special Days. They can be used for holidays or any other day where a schedule needs an explicit or relative period. Labels are added to Days while adding Special Days.

1. Click on the Schedules navigation tab.

2. On the left, click the Labels link. The following screen is displayed.
   
   

   Open

   

3. Enter the Name of the Label. A maximum of 12 different Labels can be added.

4. Click Save.

5. Now while adding Special Days, choose a number for this Type of special day, the number between 1 and 12.
   
   

   Open

   

Once a special day is added, it can be programmed to be a part of a schedule.

Overview

Open

This is the main workspace for calendar schedules. Here are the main components:

• Main screen - This is the calendar scheduler workspace. The main screen has a set of navigation buttons on the left top corner. Various view buttons, such as Day, Week, and Month views are available at the right top corner. The top row labeled as “All Day” can show All-Day events and Special days defined in the “Schedules” section. Special Days are highlighted with stripes and have different color tones.

• Left side pane - This area shows the controlled areas in the site. The checkboxes allow users to show and filter events on the main screen.

• Sync Button - This button allows users to refresh schedules and push updates to Primis devices. Usually, the schedules will be updated by the Primis server at 3AM every day. By clicking the Sync button, the updates will be sent to the Primis server, and the schedules will be activated immediately for today. Resize the web browser to see the Sync button.

• Calendar Events - Events can be recurring or one time. Recurring events are called “series” in the system. Users can create exceptions within a series to either skip certain days or adjust start/end hours.

• Show Full Day - This will display the full day hours, 12AM-12PM.

• Show Business Hours: By clicking this by button, it will display only business hours 8AM-5PM.

Open

Open

Open

Open

Open

For the year view, every date that has a square border presents a special day (e.g. holiday). The one highlighted in blue marks today’s date. Any date that has a small “.” indicates that events are present on the day: