VMS User Management Guide

By: Sarit Williams, Published on Dec 03, 2013

Properly managing user access to video management systems is a key factor, especially in larger systems that consist of dozens, hundreds or even thousands of recorders. In this guide, we explain tradeoffs of different approaches to user management and the common options available to do so. 

User Management Options

Type: 4 main approaches exist: local recorder user management, proprietary enterprise user management, Active Directory / LDAP integration and multi-system user management

Default: All VMSes will have a default account created, usually named Administrator that is used as the first account to log into the VMS.

Groups: User grouping can be used to manage a set of users based on roles.

Privileges: When creating users each VMS will require selecting either specific pre-existing privileges assigned for a role/group the user is added to or selecting a custom set of privileges for the user. Furthermore, privileges for a specified user may differ across cameras or servers for the organization.

Auto Login: In some cases the VMS client will have the option to save the user's credentials and automatically login each time the client is used.

Multi-Server: The most common user management problem is when dealing with multiple servers / recorders so that users can be managed across those servers.

User Creation

Most VMSes have several ways to create users in a VMS, some taking longer than others to setup.

Get Notified of Video Surveillance Breaking News
Get Notified of Video Surveillance Breaking News

  • VMS User Manager: Using this method usually requires the user's full name, username, role and password
  • Active Directory: This method leverages Windows domain management to import already created users and give them access to the VMS. This saves the administrators time by reducing the redundancy of creating the same user in multiple applications. Furthermore, it allows the end user to use a single password for domain and VMS for example.

Windows user import:

Privileges

Privileges granularity and feature options will vary among VMSes and which features are available for specific security setting. Some VMSes may bundle feature privileges together;for example, if a user has access to PTZ, they will have access to view a camera live by default.

Default Account

All VMSes will likely already have an 'Administrator' or 'Admin' account created that is used to create all other users.  The account may or may not have a password assigned, check the VMS's manual for details.

Like all default passwords, be careful about changing the password. Otherwise, others can look up the default password online and get access to the entire system.

Groups

Some VMSes may already offer pre-created user groups with applicable privileges to allow admins to add users quickly by adding minimal user information. Other VMses don't offer pre defined groups and require the administrator to create them.  Moreover, imported Domain groups will still need to have VMS privileges configured.

Additionally, some VMSes allow creating custom groups and associating specific privileges / features / cameras to that group.

Auto Login

Once a user has been created, most VMS clients will allow a configurable setting for end users to save the credentials in settings to bypass the login prompt and allow for faster login. The credentials may be Windows Domain or newly created VMS credentials.

Logging / Auditing Use

Creating and enforcing unique users is critical if one ever wants to audit activities in the VMS. For instance, if you want to know who exported a certain video clip or who changed a camera setting, letting everyone use a generic 'admin' account, will make that very difficult.

Multi Server User Management

In larger systems, users will frequently need access to dozens, hundreds or even thousands of recorders. They clearly will not want to remember / recall a unique password for each.

  • Duplicate user: Create the same user with same credentials in each recorder. When this is done, usually the same password is shared by all and rarely, if ever, changed (since it is so time consuming to do so). This is almost as insecure as simply using the default admin password.
  • VMS User Management proprietary software: provided by the manufacturer to manage security and access for all servers. This will usually be available for Enterprise level editions and may require an additional charge. An additional software or appliance is added that acts as a traffic cop between users and recorders, maintaining centralized user management. One downside is the risk of this piece being offline / unavailable.
  • Use Active Directory and or LDAP: Create a domain user once and import to the proper server while setting server specific privileges. This can be done for users or group of domain users and will sometimes need to be synchronized.
  • Multiple Systems proprietary integration: Called 'federation' by a number of VMSes, this allows sharing access to resources across different systems (e.g., airport and the police department) typically only from the same manufacturer. This is not commonly available and typically requires additional licenses / fees.

 

Comments (0) : Members only. Login. or Join.

Related Reports

VMS 101 on Mar 03, 2020
This guide teaches the fundamentals about video management...
Risks Of Managing End User Passwords (Statistics) 2020 on Sep 11, 2020
Alarmingly, most integrators used spreadsheets to manage passwords, IPVM...
Remote Network Access for Video Surveillance Guide on Jul 27, 2020
Remotely accessing surveillance systems is key in 2020, with more and more...
Every VMS Will Become a VSaaS on Feb 21, 2020
VMS is ending. Soon every VMS will be a VSaaS. Competitive dynamics will be...
Use Access Control Logs To Constrain Coronavirus on Apr 09, 2020
Access control users have included capabilities that are not commonly used...
VSaaS 101 on Mar 25, 2020
Video Surveillance as a Service (VSaaS) is the common industry term for cloud...
Help Security End Users Facing Coronavirus Improve Remote Access on Mar 24, 2020
Many end-users and integrators are struggling with the impact of coronavirus...
US GSA Explains NDAA 889 Part B Blacklisting on Jul 31, 2020
With the 'Blacklist Clause' going into effect August 13 that bans the US...
IPVM Camera Calculator User Manual / Guide on Sep 23, 2020
Learn how to use the IPVM Camera Calculator (updated for Version 3.1). The...
Access Visitor Management Systems Guide on Jul 22, 2020
"Who are you, and why are you here?" Facilities that implement Visitor...
ISS Presents Face As A Credential and UVSS on Apr 30, 2020
ISS presented its security platform, including access control integration,...
U.S. Government Accountability Office Urges Facial Recognition Regulation on Aug 27, 2020
The US Government Accountability Office (GAO) is urging facial recognition...
Convergint Coronavirus Cuts on Mar 25, 2020
One of the world's largest security integrators, Convergint, has made a major...
Video Surveillance Business 101 on Mar 30, 2020
This report explains the fundamental elements of the video surveillance...
Genetec Presents Security Center for Airports on Apr 28, 2020
Genetec presented its Security Center for Airports at the April 2020 IPVM New...

Recent Reports

Hanwha AI Object Detection Tested on Sep 28, 2020
Hanwha has added detection and classification of people, cars, clothing...
Favorite Access Control Manufacturers 2020 on Sep 28, 2020
200+ Integrators told IPVM "What is your favorite access control management...
New Products Show Fall 2020 Starts Tomorrow! on Sep 27, 2020
Tomorrow, IPVM's sixth online show will feature New Products from over 25...
OnTech Smart Services Partners With Google and Amazon To Compete With Integrators on Sep 25, 2020
A pain point for many homeowners to use consumer security and surveillance is...
The Future of Metalens For Video Surveillance Cameras - MIT / UMass / Immervision on Sep 25, 2020
Panoramic cameras using 'fisheye' lens have become commonplace in video...
Hikvision Sues Over Brazilian Airport Loss on Sep 24, 2020
Hikvision was excluded from a Brazilian airport project because it is owned...
China General Chamber of Commerce Calls Out US Politics on Sep 24, 2020
While US-China relations are at an all-time low, optimism about relations...
Verkada Disruptive Embedded Live Help on Sep 24, 2020
Call up your integrator? Have someone come by the next day? Verkada is...
IP Networking Course Fall 2020 - Last Chance - Register Now on Sep 23, 2020
Today is the last chance to register for the only IP networking course...
Drain Wire For Access Control Reader Tutorial on Sep 23, 2020
An easy-to-miss cabling specification plays a key role in access control, yet...
Norway Council of Ethics Finds Hikvision Human Rights Abuses "Ongoing" on Sep 23, 2020
Hikvision's involvement in "serious human rights abuse" in Xinjiang is...
IPVM Camera Calculator User Manual / Guide on Sep 23, 2020
Learn how to use the IPVM Camera Calculator (updated for Version 3.1). The...
Installation Course Fall 2020 - Save $50 - Last Chance on Sep 22, 2020
This is a unique installation course in a market where little practical...
SimpliSafe Business Security Launched Examined on Sep 22, 2020
SimpliSafe has launched "SimpliSafe Business Security" that the company...
FLIR CEO: Many New Fever Entrants "Making Claims That The Science Just Won't Support" on Sep 22, 2020
FLIR's CEO joins a growing number calling out risks with fever / screening...