Nx Witness User Manual
The following types of Users can be present in the System and are identified in lists with specific icons; grayed out icons are disabled Users.
•Local Users
oReside in the System where they were added.
oConnect to the Local System using the Desktop Client or Web Admin interface.
oCannot use the Cloud Portal to access a Local System or a Cloud Connected System.
oAre Local Users with limited permissions, a preset expiration date, and an optional session length limit.
oCannot be a member of any group with Power User permissions.
oCan use the Desktop Client and Web Admin to connect to a System.
oCannot connect the the Cloud Portal.
oReceive a URL to connect to a specific System; no password is required and the link can be used by anyone.
•Cloud Users
oReside in the Cloud and can exist without having access to a System.
oUse the Desktop Client, Web Admin, and Cloud Portal to access Cloud Connected Systems.
oCan only access Systems that are connected to the Cloud.
•Organization Users
oAre managed at the Organization level by the Organization Administrator.
oCan be granted access to all Systems within the Organization, or only a subset of Systems in the Organization.
oAre displayed in User Management dialogs – but their attributes cannot be changed.
oCannot be a member of any Custom Permissions Groups.
oRetain their username, password, and LDAP Group memberships when imported into Nx Witness.
oConnect to systems using their imported credentials and the Desktop Client or Web Admin.
oCannot log into a System when the LDAP Server fails to respond.
oCan be directly granted Permissions to Resources and added to both Built-In and Custom Groups to inherit Permissions.
oCannot be permanently deleted from Nx Witness – they will be re-imported during each LDAP sync until removed from the LDAP Server.
oCan be permanently Disabled to maintain User related entries on the Audit Trail of User Actions (see "Enabling and Disabling Users").
oWill be disabled in the System when a LDAP username is the same as existing System username. Existing System Users have conflict priority to prevent login issues.
See LDAP Users and Groups for configuration settings, warning banners, and related details.
Configuring Users
The primary method to access the User Management controls is by opening the Main Menu > User Management dialog and switching to the Users tab.
There are also many User Management controls that can also be accessed from screens displaying related User and Group information.
Restrictions:
•Only Administrators and Power Users can manage others Users.
•Power Users cannot create or modify other Power Users (see "Built-In Groups and Permissions" and "Managing Groups").
There are different elements of User Management:
•Attributes – Login, Name, Email, Status (Enabled or Disabled).
•Permissions – control access to System Settings and Resources (Cameras, Devices, Bookmarks, Layouts, and Archives).
The following topics are structured around how to perform common User Management tasks:
•Managing Temporary User Access.
•Disabling and Enabling Users.
IMPORTANT: Users can inherit Permissions (from Groups and Layouts) and have special Permissions on top of that. Always confirm Users Permission are set as intended.
