A user is a person programmed into the system with access control and alarm function credentials. The user can be assigned access to programmed doors and functions of the system.
The Users page contains the various functions for working with and configuring users, and defining the access they have.
- Users are displayed alphabetically by their Display Name and can be sorted in ascending or descending order by clicking the Display Name column header or the arrow (h or i) icon.
- Search for users by entering part or all of the Display Name in the Filter by name search field.
- When you click on a user record the details for that user will open in the programming window. To edit user settings click Edit.
Name
- First Name: The first name of the user.
- Last Name: The last name of the user.
-
Display Name: The display name of the user as it appears on LCD and touchscreen keypads and within the user interface.
This field is automatically populated based on the first/last names entered, but can be customized.
The keypad can only display the first 16 characters of the display name.
-
Display Name (Second Language): The display name of the user as it appears within the Protege X user interface when the operator's Portal Settings display language is set to a language other than English.
When the Protege X display language is set to any language other than English, all 'Second Language' values become the primary value, and the English versions are displayed as the 'Second Language' value.
- First Name (Second Language): The first name of the user when the user interface is set to a language other than English.
- Last Name (Second Language): The last name of the user when the user interface is set to a language other than English.
General
Location Group
Only available when LBAC Mode is enabled (see Using Location-Based Access Control (LBAC)).
-
Location Group: Select the location group that this user belongs to. Operators can only view and edit this user if they have access to one of the same locations. In addition, the user can only be assigned access levels that belong to the same location group or a subset of their locations (e.g. users with the California location group could be assigned access levels from the California, LA or San Francisco location groups).
Access Levels
This section controls the access levels assigned to each user. Whenever the user performs an action (such as requesting access to a door or logging in to a keypad), the system checks their assigned access level(s) to determine whether they have the necessary permissions.
- Name: The name of the access level assigned to the user.
-
Schedule: Determines when the permissions provided by the access level are valid for the user. This is combined with any schedules set in the access level itself, as well as associated records such as door or floor groups.
The user only has access if all relevant schedules are valid.
-
Expiry Enabled: Optional setting to define a start and expiry date for the access level. When this option is enabled the access level will expire based on the defined dates. The permissions of this access level will only apply to the user between the expiry start and end dates.
Multiple copies of the same access level can be assigned to a single user with different expiry times, allowing for periodic access. For example, a technician may only be able to access the building for a few days per month.
- Expiry Start: The access level will become valid for the user from this date.
- Expiry Start Time: The access level will become valid for the user from this time on the expiry start date (default is 00:00).
- Expiry End: The access level will become invalid for the user after this date.
- Expiry End Time: The access level will become invalid for the user after this time on the expiry end date (default is 23:59).
Assigning Access Levels
- Click Add to assign access levels to the user.
- Select (highlight) one or more access levels to assign to the user, then click Select.
- Configure additional settings for each access level as required.
The controller checks all access levels applied to a user. Generally if access is granted by one access level and denied by another, access will be granted.
Cards
- Facility Number: The access card's facility/site code.
- Card Number: The card number for the user.
Protege WX controllers support a maximum of eight access cards, so only the first eight card records in Protege X are downloaded to the controller. Any card records after the first eight will be ignored.
Credentials
This section allows you to manage the custom credentials available to users.
- Name: The custom credential type that the credential is associated with (e.g. license plate, custom card format, compliance type, etc.)
- Disabled: Toggle this setting to enable/disable the credential type for the user.
- Credentials: The specific credential data for the user (e.g. their license plate).
Assigning Credentials
- Click Add to assign credentials to the user.
- Select (highlight) one or more credential types to assign to the user, then click Select.
- Enter the specific user Credentials data for each credential type.
PIN
- PIN Code: A user's PIN is used to log in to keypads and access doors (via card readers with PIN pads). The maximum PIN length is 8 digits.
-
PIN Expiry Time: Sets the length of time before the current PIN expires.
The first time the user logs in to a keypad after their PIN expires they will be prompted to change their PIN. The user will not be able to use an expired PIN for door access.
-
Generate PIN of Length: Click one of the [4] [5] [6] [7] [8] buttons to automatically generate a random PIN of the selected length.
The new PIN will be visible to the operator until the user record is saved. After that, authorized operators will be able to see that the user has a PIN assigned but will not be able to read the user's PIN.
Notes
- Notes: A free-text field for miscellaneous notes relating to the user.
Options
Start Date
-
Enabled: Optional setting to define a start date for the user. For example, this could be used to automatically activate access for an employee who is due to start work on a specific date.
When this option is enabled the user will not be able to gain access before the date and time specified.
- Start Date: The date the user record will be activated.
- Start Time: The time the user record will be activated.
Expiry Date
-
Enabled: Optional setting to define an expiry date for the user. For example, this could be used to automatically remove access from a contractor who is due to finish the job at a fixed date.
The user record will expire after the time and date specified and the user will no longer be able to gain access.
- Expiry Date: The date the user record will be deactivated.
- Expiry Time: The time the user record will be deactivated.
General Options
-
Disable User: When selected the user record is disabled, preventing them from using any access permissions.
-
The record is not deleted and can be re-enabled at any time.
-
-
Show A Greeting Message To User: When this option is enabled the user will be shown a greeting (e.g. 'Good Morning John Smith') on the keypad when they log in.
-
Disabling this option instructs the keypad to proceed directly to the menu when the user logs in.
-
-
Go Directly to the Menu on Login: By default, when a user logs in to a keypad they will be presented with the area control menu, allowing them to arm and disarm available areas. When this option is enabled the user will be taken directly to the keypad's main menu instead. Users can still access area control from the main menu.
-
User Can Acknowledge Alarm Memory: When this option is enabled the user is able to acknowledge the alarm memory for available areas at the keypad.
-
The alarm memory can be viewed by pressing [Menu] [5] [1] and records the last four alarm activations in each area.
-
-
Show Alarm Memory On Login: With this option enabled, if there have been any alarms in the keypad's primary area the keypad will display the alarm memory to the user as soon as they log in.
- With this option disabled the user must navigate to the View menu to acknowledge any alarms.
- The keypad's primary area is defined in the Area this LCD belongs to in the keypad configuration.
This option is equivalent to the Show User Alarm Memory Logon option in Groups | Menu Groups | Options. Alarms can be acknowledged if either option is enabled.
-
Turn Off The Primary Area On Login If User Has Access: With this option enabled, whenever the user logs in to the keypad the keypad's primary area will be disarmed.
This will only work if the user has access to disarm that area - i.e. the area is included in the Disarming Area Groups of the access level.
The keypad's primary area is defined in the Area this LCD belongs to in the keypad configuration.
- Turn Off The User Area On Login If User Has Access: With this option enabled, whenever the user logs in to the keypad the User Area will be disarmed.
-
Acknowledge System Troubles: When this option is enabled the user can acknowledge certain system trouble conditions using the keypad.
-
System troubles can be viewed by pressing [Menu] [5] [2] on the keypad, and acknowledged by pressing [Enter].
-
-
Treat User PIN+1 As Duress: When this option is enabled the user's PIN + 1 is treated as a duress code.
- When this special code is entered at a keypad or reader PIN pad access will be granted (or denied) as normal, but a User Duress (for keypads) or Door Duress (for reader PIN pads) trouble input will be opened. The trouble input will be closed when the normal user PIN is entered.
To calculate the duress code, 1 is added to the last digit of the user PIN. For example, if the normal PIN is 1234 the duress code will be 1235. If the final digit is 9 then 0 as the final digit generates a duress code. User PINs must be longer than 3 digits for this feature to function correctly.
Advanced Options
-
User Has Super Rights And Can Override Antipassback: When this option is enabled the user is considered a 'super user' by the system. This grants the following permissions:
- Override dual code requirements for doors and areas
- Ignore antipassback rules
- Unlock doors that have been locked down
-
User Operates Extended Door Access Function: With this option enabled, whenever this user is granted access to a door the lock will open for the Door Extended Access Time (set in Programming | Doors | Advanced Options) instead of the standard Lock Activation Time. This can be used to grant people with mobility issues additional time to access doors.
-
User Loiter Expiry Count Enabled: When this option is enabled the user will be included in loiter area processing. This feature can be used to prevent users from remaining too long in transitional areas, such as corridors and carparks.
-
When this option is disabled this user is not affected by loiter area programming.
Loiter area programming must be configured correctly in the relevant area(s). For more information, see the Area Enabled In Loiter Mode option in Areas | Options 1.
-
-
User Is A Duress User: With this option enabled, when this user's PIN is entered at a keypad or reader PIN pad it will be processed as a duress code.
-
Access will be granted (or denied) as normal based on the duress user's access level, but a User Duress (for keypads) or Door Duress (for doors) trouble input will be opened. The trouble input will be closed when a normal user PIN is entered.
-
This option should be used when the site requires duress codes that are common to multiple users.
This option should not be applied to regular users. Use the Treat User PIN Plus 1 As Duress option to give each user a unique duress code.
-
-
Rearm Area In Stay Mode: Enabling this option allows the user to set areas to automatically rearm in stay mode. When the user disarms an area with the User Rearm In Stay Mode option enabled (Areas | Options 2), the area will remain disarmed for a set period (the Rearm Area Time in Areas | Configuration), then automatically stay arm.
-
This option is useful for people who work outside normal hours, allowing them to disarm the inside of the building and secure the perimeter.
-
Dual Custody Options
- Dual Custody Master: When a door type has the Requires Dual Authentication option enabled (Programming | Door Types | Options), two users must enter valid credentials for the door to unlock. By default, a Dual Custody Master must enter their credentials first to initiate dual authentication, followed by a dual custody provider or another master.
-
Dual Custody Provider: When a door type has the Requires Dual Authentication option enabled (Programming | Door Types | Options), two users must enter valid credentials for the door to unlock. By default, a Dual Custody Provider cannot initiate dual authentication, but can complete the process once a dual custody master has initiated it.
When the Dual Card Provider Can Initiate Access option is enabled in the door types programming, either a dual custody master or provider can initiate dual authentication.
Advanced
-
User Area: This field allows you to set an area that the user is associated with.
- If the Turn Off The Primary Area On Login If User Has Access option is enabled (Options section), whenever the user logs in to a keypad the user area will automatically be disarmed.
- The Disarm Users Area On Valid Card option (Controller Records | Reader Expanders | Reader 1/2 | Misc Options) allows the user to automatically disarm the user area when they badge at the corresponding reader.
- The Arm Users Area option (Controller Records | Reader Expanders | Reader 1/2 | Misc Options) allows the user to automatically force arm the user area when they badge twice at the reader.
- Default Language: Defines the language that will be used when the user logs in to a keypad.
- Reporting ID: The code by which the user is reported to a monitoring station. ContactID, SIA, and ReportIP use this code.
- Company Name: The company associated with the user.
- Phone Extension: The user's phone extension for integration with an entry station directory.
Manual User Commands
Clicking the button beside a user record (only visible when hovering) opens a menu with manual commands for that user.
Control
-
Reset Antipassback: This command resets the antipassback status of a user.
This will allow the user to enter or leave any area that they have been denied access to due to antipassback rules.
Antipassback functionality must be configured using the Entry/Exit Passback Mode in Programming | Door Types | General.