VMS User Management Guide

By: Sarit Williams, Published on Dec 03, 2013

Properly managing user access to video management systems is a key factor, especially in larger systems that consist of dozens, hundreds or even thousands of recorders. In this guide, we explain tradeoffs of different approaches to user management and the common options available to do so. 

User Management Options

Type: 4 main approaches exist: local recorder user management, proprietary enterprise user management, Active Directory / LDAP integration and multi-system user management

Default: All VMSes will have a default account created, usually named Administrator that is used as the first account to log into the VMS.

Groups: User grouping can be used to manage a set of users based on roles.

Privileges: When creating users each VMS will require selecting either specific pre-existing privileges assigned for a role/group the user is added to or selecting a custom set of privileges for the user. Furthermore, privileges for a specified user may differ across cameras or servers for the organization.

Auto Login: In some cases the VMS client will have the option to save the user's credentials and automatically login each time the client is used.

Multi-Server: The most common user management problem is when dealing with multiple servers / recorders so that users can be managed across those servers.

User Creation

Most VMSes have several ways to create users in a VMS, some taking longer than others to setup.

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

  • VMS User Manager: Using this method usually requires the user's full name, username, role and password
  • Active Directory: This method leverages Windows domain management to import already created users and give them access to the VMS. This saves the administrators time by reducing the redundancy of creating the same user in multiple applications. Furthermore, it allows the end user to use a single password for domain and VMS for example.

Windows user import:

Privileges

Privileges granularity and feature options will vary among VMSes and which features are available for specific security setting. Some VMSes may bundle feature privileges together;for example, if a user has access to PTZ, they will have access to view a camera live by default.

Default Account

All VMSes will likely already have an 'Administrator' or 'Admin' account created that is used to create all other users.  The account may or may not have a password assigned, check the VMS's manual for details.

Like all default passwords, be careful about changing the password. Otherwise, others can look up the default password online and get access to the entire system.

Groups

Some VMSes may already offer pre-created user groups with applicable privileges to allow admins to add users quickly by adding minimal user information. Other VMses don't offer pre defined groups and require the administrator to create them.  Moreover, imported Domain groups will still need to have VMS privileges configured.

Additionally, some VMSes allow creating custom groups and associating specific privileges / features / cameras to that group.

Auto Login

Once a user has been created, most VMS clients will allow a configurable setting for end users to save the credentials in settings to bypass the login prompt and allow for faster login. The credentials may be Windows Domain or newly created VMS credentials.

Logging / Auditing Use

Creating and enforcing unique users is critical if one ever wants to audit activities in the VMS. For instance, if you want to know who exported a certain video clip or who changed a camera setting, letting everyone use a generic 'admin' account, will make that very difficult.

Multi Server User Management

In larger systems, users will frequently need access to dozens, hundreds or even thousands of recorders. They clearly will not want to remember / recall a unique password for each.

  • Duplicate user: Create the same user with same credentials in each recorder. When this is done, usually the same password is shared by all and rarely, if ever, changed (since it is so time consuming to do so). This is almost as insecure as simply using the default admin password.
  • VMS User Management proprietary software: provided by the manufacturer to manage security and access for all servers. This will usually be available for Enterprise level editions and may require an additional charge. An additional software or appliance is added that acts as a traffic cop between users and recorders, maintaining centralized user management. One downside is the risk of this piece being offline / unavailable.
  • Use Active Directory and or LDAP: Create a domain user once and import to the proper server while setting server specific privileges. This can be done for users or group of domain users and will sometimes need to be synchronized.
  • Multiple Systems proprietary integration: Called 'federation' by a number of VMSes, this allows sharing access to resources across different systems (e.g., airport and the police department) typically only from the same manufacturer. This is not commonly available and typically requires additional licenses / fees.

 

Comments (0) : PRO Members only. Login. or Join.

Related Reports

Bosch Budget 3000i Cameras Tested on Dec 05, 2019
Bosch has long had a hole in its lineup for, as it describes, "competitively-priced cameras". Now, Bosch has released its 3000i series cameras...
AVTech ~$70 IP Cameras Tested Vs Dahua and Hikvision on Dec 04, 2019
Taiwanese manufacturer Avtech is taking direct aim at low cost leaders Dahua and Hikvision with ~$70 starlight and white light illuminator...
Hikvision Global News Reports Directory on Dec 02, 2019
Hikvision has received the most global news reporting of any video surveillance company, ever, ranging from the WSJ, the Financial Times, Reuters,...
Directory of Access Reader Manufacturers on Nov 27, 2019
Credential Readers are one of the most visible and noticeable parts of access systems, but installers often stick with only the brand they always...
Vunetrix Health Monitoring Company Profile on Nov 26, 2019
Vunetrix boasts that they make the integrators the 'HERO' by using Vunetrix's monitoring. We spoke to Vunetrix to better understand their...
Top 2020 Trend - AI Analytics on Nov 22, 2019
170+ Integrators answered: What do you think will be the top industry trend in 2020? Why? For the 4th year in a row, AI/video analytics was...
Avigilon H4 Intercom Tested on Nov 20, 2019
Avigilon is well-known for video surveillance and access, but how well does the company's intercom work? We purchased and tested Avigilon's H4...
Camera Field of View (FoV) Guide on Nov 13, 2019
Field of View (FoV) and Angle of View (AoV), are deceptively complex. At their most basic, they simply describe what the camera can "see" and seem...
Wireless / WiFi Access Lock Guide on Nov 12, 2019
For some access openings, running wires can add thousands in cost, and wireless alternatives that avoid it becomes appealing. But using wireless...
Open vs End-to-End Systems: Integrator Statistics 2019 on Nov 11, 2019
Preference for open systems is on the decline, according to new IPVM statistics. We asked integrators: For video surveillance systems, do you...

Most Recent Industry Reports

Disruptor Wyze Releases Undisruptive Smartlock on Dec 06, 2019
While Wyze has disrupted the consumer IP camera market with ~$20 cameras, its entrance into smart locks is entirely undisruptive. We have...
Bosch Budget 3000i Cameras Tested on Dec 05, 2019
Bosch has long had a hole in its lineup for, as it describes, "competitively-priced cameras". Now, Bosch has released its 3000i series cameras...
Anixter Resisting Takeover From Competitor on Dec 05, 2019
Mega distributor Anixter is going to be acquired but by whom? Initially, Anixter planned to go private, being bought by a private equity firm....
Security Sales Course 2020 - Last Chance Save $50 on Dec 05, 2019
This sales course is customized for the current needs and challenges specific to professionals selling video surveillance and access control...
Ireland National Children's Hospital Chooses Hikvision End-to-End With Facial Recognition on Dec 05, 2019
The world's most expensive hospital project ever, the New Children's Hospital in Ireland, has chosen an all-Hikvision surveillance system including...
AVTech ~$70 IP Cameras Tested Vs Dahua and Hikvision on Dec 04, 2019
Taiwanese manufacturer Avtech is taking direct aim at low cost leaders Dahua and Hikvision with ~$70 starlight and white light illuminator...
Ultinous European Analytics Startup Company Profile on Dec 04, 2019
European analytics-startup Ultinous pitches customers to "Have your own video analysis service!" We spoke to Ultinous to better understand their...
Access Startup Multi-Mount Aims To Streamline Reader Installs on Dec 03, 2019
Startup Multi-Mount claims it makes installing access readers 'Fast', 'Secure,' and fit 'any size frame.' The company states its bracket 'fits most...
Resideo CEO To Step Down on Dec 03, 2019
Resideo's CEO, Mike Nefkins, is stepping down, just 18 months after being brought in to lead the now plagued spin-out. Inside this note, we...
Arcules CEO Retracts False GDPR Claim + Dahua and Milestone Claims Examined on Dec 03, 2019
Arcules CEO has retracted a false claim about his organization being a "fully compliant GDPR company" after IPVM reporting (Arcules CEO Threatens...