Академический Документы
Профессиональный Документы
Культура Документы
Spica International
Pot k sejmiscu 33
1231 Ljubljana
Slovenia
E-mail: info@spica.com
www.spica.com
Contents I
Table of Contents
3 Main Views 26
3.1 Overview
................................................................................................................................... 26
3.2 Servers
................................................................................................................................... 27
3.2.1 Server Details.......................................................................................................................................................... 27
3.2.1.1 Server Settings
......................................................................................................................................................... 27
3.2.2 Devices .......................................................................................................................................................... 28
3.3 Devices
................................................................................................................................... 29
3.3.1 Device .......................................................................................................................................................... 29
3.3.1.1 General Details
......................................................................................................................................................... 30
Controller Settings......................................................................................................................................... 30
3.3.1.2 Connection......................................................................................................................................................... 31
TCP Settings ......................................................................................................................................... 32
3.3.1.3 Readers ......................................................................................................................................................... 33
General ......................................................................................................................................... 34
Reader Settings ................................................................................................................................... 35
Restrictions ......................................................................................................................................... 36
Restrictions Details ................................................................................................................................... 37
User Interface Events ......................................................................................................................................... 37
3.3.1.4 User Interfaces
......................................................................................................................................................... 38
General ......................................................................................................................................... 38
User lnterface Settings ................................................................................................................................... 39
Events ......................................................................................................................................... 39
3.3.1.5 Inputs ......................................................................................................................................................... 40
General ......................................................................................................................................... 40
Input Settings ................................................................................................................................... 41
3.3.1.6 Outputs ......................................................................................................................................................... 42
General ......................................................................................................................................... 43
4 External Configuration 60
4.1 Alarm...................................................................................................................................
Groups 60
4.2 Area Tree
................................................................................................................................... 60
4.3 Email...................................................................................................................................
Notifications 61
4.3.1 Em ail Notification
..........................................................................................................................................................
Service 61
4.3.2 Alarm Notifications
.......................................................................................................................................................... 62
4.3.3 Offline Controllers
..........................................................................................................................................................
Notifications 63
4.4 Update
...................................................................................................................................
Access Profiles 63
1.1 Introduction
Device Administration Portal is the basic module in the Time&Space system. Its key function is
the transfer of clock transactions from clock terminals to a shared database that is accessed
independently by all modules in the system. The second, equally important function is the
downloading of data to the terminals, i.e. the transfer of data such as access parameters
that were entered via the keyboard using any of the Time&Space modules. These parameters
control the functioning of clock terminals, for example the function of individual keys on the
clock terminal keyboard, and inform the terminals about the valid ID badges.
The module consists of 4 parts: Device Administration Portal, Event Processor, Device
Communicator and Space API.
Device Administration Portal is a web client responsible for the management of terminal's
settings. The application also monitors the communication between Event Processor service
and hardware.
Event Processor is a standalone windows service responsible for storing data into the
database and generating appropriate responses.
Device Communicator is a standalone windows service responsible for the communication
between terminals and Event Processor service.
Space API is a standalone windows service responsible for the communication between
Device Administration Portal and Event Processor service on one side and for the
communication between DAP application and other Time&Space modules .
This program and accompanying documentation (the software) are copyrighted material,
protected by national legislations and international agreements on protection of intellectual
property. Any unauthorized use or copying of this software is punishable by law. Users are
permitted to make copies of the software solely for backup purposes, and as a protection
against accidental loss or damage of the purchased copy.
By purchasing a copy of the software the user is granted the license to use the software
within the user's organization without time limitations. The user is obliged to comply to the
conditions related to the scope of the license as defined in the purchase documentation
(proposal/order/invoice) at the time of purchase. These conditions are including, but are not
limited to maximum number of users, number of clients, servers, number of administrators,
administrative workstations, computers, locations and similar. Any use beyond these
restrictions is not permitted.
Any use outside user's organization or any commercial exploitation of the software involving
third parties such as lending, renting or selling of the software is not permitted.
Special Terms
Users are obliged to actively protect the software against any unauthorized use or copying,
and prevent access to the software by the public or any third party.
Spica International does not permit any modification of programs or accompanying
documentation including any modification of the program code or accompanying files.
Warranty Disclaimer
Spica International has written the software and accompanying documentation with utmost
care and best effort to make it error free. Any eventual error, which would prevent or
significantly hamper the use of the software, should be immediately reported to Spica
International. Spica International will act upon such error report with priority and make every
effort to correct the error in the shortest possible time.
However, the software is provided by Spica International »as-is«, and without any
warranty, express or implied, direct or consequential as to the usability or inability to use
the software.
Spica International does not provide any warranty as to the fitness of this software to any
particular purpose, and is not liable for any errors, known or unknown, of this software.
Cumulative liabilities of Spica International for any damage caused by this software will be
limited to the purchase price of this software.
Loss of Data
Spica International is not in any way responsible for any data any user may maintain with this
software. Protection and maintenance of data are entirely and solely the responsibility of the
user.
Modifications of Software
Spica International continually develops and improves its software products, which are
therefore subject to change without prior notice. Spica International reserves the right to
freely modify its software products at any time without any prior or special notice and cannot
provide any warranty as to the nature and scope of any particular change. Spica
International also retains the right to stop further development of a particular product, or to
In order to meet and surpass the expectations of its users, Spica International constantly
and systematically collects information about user demands and requirements. This
information plays crucial role in decisions on software product development. Upon user
request, Spica International will provide information on the status of an individual request or
demand in the context of development planning for the standard products. This information
may include the planned time for the completion of a particular task, if any such time has
been established. Information provided in this way does not make Spica International in any
way liable for the nature and scope of the actual implementation, licensing policy or time of
delivery. All such information is strictly informal and may change without any notice.
Spica International
Pot k sejmiscu 33
1231 Ljubljana
Slovenia
Basic architecture
Important: Event Processor and Device Communicator must always be installed on the
same workstation.
Advanced architecture
Important: EP2 and DC2 services cannot be installed on the same workstation as EP1
and DC1.
2.1 Installation
To install the module, start DAP Setup.exe from the distribution media and follow the
installation procedure.
Pre-installation requirements
Supported devices
Zone Wing,
Zone Button TT,
Zone Button AC,
Morpho Sigma.
Tip: Make sure that Zone Button and Zone Wing terminal has appropriate FW version.
For more information contact our support.
See the document Installation and Upgrade Guide.pdf, chapter System Requirements.
Web browsers
Important: Javascript must be enabled in the web browser. For more information check
the following web site.
The following IIS features are required for the DAP module:
IIS feature
Important: If IIS service is installed after .NET Framework, then you will likely encounter
Runtime Error when accessing DAP. To fix this issue repair .NET Framework under Installed
programs or execute the following statement in CMD: "%windows%\Microsoft.
NET\Framework\v4.0...\aspnet_regiis -i".
ASP features
If case of x64 bit OS, set Enable 32-Bit Applications option to True for the used application
pool (e.g. DAP).
To enable Active Directory authentication and Single Sing On (SSO) in the application, enable
Windows Authentication in the virtual directory and put NTLM provider first.
Window s Authentication
Providers
Also make sure that client workstations have User Authentication set to Automatic logon
with current user name and password under Internet Security options.
Advice: Windows features list may vary according to a specific operating system.
MSMQ Server must be installed on the workstation running Event Processor and Device
Communication service.
If using Internet Explorer browser, make sure that the following parameters are set as
follows:
Allow ActiveX Filtering option must be enabled under Internet Security settings.
Compatibility mode must be disabled for the DAP web site in the browser. The button will
turn from blue to gray when Compatibility View is turned off for a site.
Welcom e screen
3. If all requirements are installed, full feature set will be available for the installation.
4. Select the desired features and update default installation paths if needed.
Installed features
Important: If some of the features are not available, then some of the pre-installation
requirements are not fulfilled.
5. If Device Administration Portal feature is selected in the previous step, an additional step is
displayed. By default, the application will be installed as a virtual directory called ECP on
Default Web Site. Change the name of the virtual directory or site if necessary. In this case,
users will access the application by entering address http://HostName/ECP into the web
browser. Host Name signifies the name or the IP address of the computer where IIS is
running.
DAP configuration
Database type
7. Confirm the installation parameters with the Next button and start the installation process.
8. After the installation is completed, see Customizable application parameters chapter for
additional settings.
Server kind - <add ke y ="Se rv e rKin d" v alu e ="M SSQ L " /> - This parameter defines the
kind of database server (MSSQL or ORACLE) used in the system.
API server address - <add ke y ="apiSe rv e rAddre ss" v alu e ="h ttp://localh ost:1 6 0 0 " /
> - This parameter defines the address (IP and Port) of Space API with which the portal
communicates. By default this parameter is set to localhost:1600.
Session timeout - <form s login U rl="~/Accou n t/L ogO n " tim e ou t="3 0 " /> - This
parameter defines the period after which the session expires in the application. By default
this parameter is set to 30 minutes.
Automatic reconfiguration delay - <add key="reconfigurationDelay" value="2"/> - This
parameter defines the period after which automatic reconfiguration of a device is triggered
if the configuration has changed. By default this parameter is set 2 minutes. If the value is
set to 0, the reconfiguration is executed immediately.
Language - <globalization u iC u ltu re ="e n - G B " cu ltu re ="e n - G B "/> - This parameter
defines the language of the web application. Currently the following languages are
supported: Arabic (ar), Bosnian (sr-Cyrl-BA), Bulgarian (bg), Croatian (hr), English (en-GB),
Finnish (fi), French (fr), German (de), Greek (el), Italian (it), Lithuanian (lt), Macedonian (mk),
Polish (pl), Portuguese (pt), Romanian (ro), Russian (ru), Slovenian (sl), Turkish (tr) and
Ukrainian (uk).
Live log - <targe t n am e ="e v e n tsF ile " xsi:ty pe ="F ile " file N am e ="$ { appD ataF olde r} /
L ogs/e v e n ts- $ { sh ortdate } .log" lay ou t="$ { lon gdate } $ { m e ssage } " /> - This
parameter defines the path of log file which tracks data from Live log.
Note: Live log only tracks communication when the view is opened in the application.
Server kind - <add ke y ="Se rv e rKin d" v alu e ="M SSQ L " /> - This parameter defines the
kind of database server (MSSQL or ORACLE) used in the system.
Server address - <add ke y ="se rv e rAddre ss" v alu e ="h ttp://+:1 6 0 1 " /> - This
parameter defines the address (IP and Port) on which the service operates. By default this
parameter is set to +:1601.
New events table - <add key="enableDefaultEventStorage" value="false"/> - This
parameter defines (True/False) if the Event Processor also stores registrations to the table,
called CLOCKING_EVENTS. By default this parameter is set to False.
Interface language - <add key="DefaultCulture" value="en"/> - This parameter defines
the language on the interface (e.g. Zone Button). Currently the following languages are
supported: English (en) and Slovenian (sl).
Pull events time out - <add key="PullEventsTimeout" value="900"/> - This parameter
defines execution time out for downloading off-line events from the terminal. By default this
parameter is set to 900 seconds.
Delete device transaction log - <add key="DeleteTransactionsFromController"
value="False"/> - This parameter defines if event transaction log is deleted till last pull
event action. By default this parameter is set to false.
Device background image <add key="DeviceBackground" value="\
\MASigmaBackground.png"/> - This parameter defines the location of an image displayed
on the device as background. Image must be in PNG format. By default this parameter is
set to "\MASigmaBackground.png".
User ID definition <add key="VerifyUserId" value="-1"/> - This is a system parameter
used for defining user id on MA Sigma. Set the parameter value to 5, when printed badge
number for HID cards should be used in the system. Otherwise leave it to -1. This
parameter is supported only on MA Sigma terminals with iClass reader.
Custom HID card number format on MA Sigma - <add
key="HIDCardNumberFormatSlot" value="0"/> - This is a system parameter used for
HID card number presentation on MA Sigma. For more information contact our support.
Device time synch time out - <add key="DeviceTimeSynchronizationInterval"
value="6"/> - This parameter defines execution time out for synchronizing internal clock
on the device with the system time. By default this parameter is set to 6 hours.
Disable correction of time events - <add key="DisableCorrections" value="false"/> -
This parameter defines that the system will correct the existing time events till time events
correction timeout is reached. If set to true, all registrations are stored in the database.
Time events correction timeout - <add key="AutoCorrectionThreshold" value="1"/> -
This parameter defines the timeout for correction of time events. By default this parameter
is set to 1 minute.
Show balance on Info event - <add key="ShowBalanceOnInfo" value="1"/> - If
enabled (value="1"), a response message from the Info event will contain user's running
balance.
Show vacation on Info event - <add key="ShowVacationOnInfo" value="1"/> - If
enabled (value="1"), a response message from the Info event will contain user's vacation
balance.
Show custom counter no. 1 on Info event - <add
key="ShowFirstCustomCounterOnInfo" value="0"/> - If enabled (value="1"), a
response message from the Info event will contain value of custom counter no.1.
Show custom counter no. 2 on Info event - <add
key="ShowSecondCustomCounterOnInfo" value="0"/> - If enabled (value="1"), a
response message from the Info event will contain value of custom counter no.2.
Show last clocked event on Info event - <add key="ShowLastClockedEventOnInfo"
value="0"/> - If enabled (value="1"), a response message from the Info event will
contain information about last clocked event.
Show balance on clocking - <add key="ShowBalanceOnClocking" value="1"/> - If
enabled (value="1"), a response message from a clocking event will contain user's running
balance.
Show custom counter no. 1 on clocking - <add
key="ShowFirstCustomCounterOnClocking" value="0"/> - If enabled (value="1"), a
response message from a clocking event will contain value of custom counter no.1.
Show custom counter no. 2 on clocking - <add
key="ShowSecondCustomCounterOnClocking" value="0"/> - If enabled (value="1"), a
response message from a clocking event will contain value of custom counter no.2.
Definition of custom counter no.1 - <add key="FirstCustomCounterId" value="101"/>
- This parameter defines custom counter no.1 used in response messages. ID of counter
counters are stored in the COUNTER table.
Definition of custom counter no.2 - <add key="SecondCustomCounterId"
value="102"/> - This parameter defines custom counter no.2 used in response
messages. ID of counter counters are stored in the COUNTER table.
Error log - <targe t n am e ="e rrorF ile " xsi:ty pe ="F ile " file N am e ="$ { appD ataF olde r} /
L ogs/e rror- $ { sh ortdate } .log" lay ou t="$ { lon gdate } $ { u ppe rcase :$ { le v e l} }
$ { m e ssage } : $ { e xce ption :form at=tostrin g} " /> - This parameter defines the path of a
log file which tracks errors from the service.
Debug log - <targe t n am e ="de bu gF ile " xsi:ty pe ="F ile "
file N am e ="$ { appD ataF olde r} /L ogs/de bu g- $ { sh ortdate } .log" lay ou t="$ { lon gdate }
$ { u ppe rcase :$ { le v e l} } $ { m e ssage } " /> - This parameter defines the path of a log file
which tracks advanced level messaged from the service.
Messages log - <targe t n am e ="m e ssage F ile " xsi:ty pe ="F ile "
file N am e ="$ { appD ataF olde r} /L ogs/m e ssage - $ { sh ortdate } .log"
lay ou t="$ { lon gdate } $ { m e ssage } " /> - This parameter defines the path of a log file
which tracks messages from the service.
Server kind - <add ke y ="Se rv e rKin d" v alu e ="M SSQ L " /> - This parameter defines the
kind of database server (MSSQL or ORACLE) used in the system.
Online notification server address - <add key="OnlineResponseServerAddress"
value=""/> - This parameter defines the address (IP) of server which receives online
messages from devices (e.g.: MA Sigma). By default this parameter is set to an empty string
"", which means that online messages from devices are disabled. To enable online
messages this property should be set to the local IP address.
Online notification server port - <add key="OnlineResponseServerPort"
value="12345"/> - This parameter defines the port of online notification server address.
By default this parameter is set to 12345.
Error log - <targe t n am e ="e rrorF ile " xsi:ty pe ="F ile " file N am e ="$ { base dir} /L ogs/
e rror- $ { sh ortdate } .log" lay ou t="$ { lon gdate } $ { u ppe rcase :$ { le v e l} } $ { m e ssage } :
$ { e xce ption :form at=tostrin g} " /> - This parameter defines the path of a log file which
tracks errors from the service.
Debug log - <targe t n am e ="de bu gF ile " xsi:ty pe ="F ile " file N am e ="$ { base dir} /L ogs/
de bu g- $ { sh ortdate } .log" lay ou t="$ { lon gdate } $ { u ppe rcase :$ { le v e l} }
$ { m e ssage } " /> - This parameter defines the path of a log file which tracks advanced
level messaged from the service.
Protocol log - <targe t n am e ="protocolF ile " xsi:ty pe ="F ile " file N am e ="$ { base dir} /
L ogs/protocol- $ { sh ortdate } .log" lay ou t="$ { lon gdate } $ { m e ssage } " /> - This
parameter defines the path of a log file which tracks protocol messages between the
service and devices.
Advice: If MA Sigma response server address is not set or not accessible, all registrations
on the terminal will be treated as off-line and will be downloaded according to Pull events
time out rule.
Server kind - <add ke y ="Se rv e rKin d" v alu e ="M SSQ L " /> - This parameter defines the
kind of database server (MSSQL or ORACLE) used in the system.
Server address - <add ke y ="se rv e rAddre ss" v alu e ="h ttp://+:1 6 0 0 " /> - This
parameter defines the address (IP and Port) on which the service operates. By default this
parameter is set to +:1600.
Error log - <targe t n am e ="e rrorF ile " xsi:ty pe ="F ile " file N am e ="$ { base dir} /L ogs/
e rror- $ { sh ortdate } .log" lay ou t="$ { lon gdate } $ { u ppe rcase :$ { le v e l} } $ { m e ssage } :
$ { e xce ption :form at=tostrin g} " /> - This parameter defines the path of a log file which
tracks errors from the service.
Debug log - <targe t n am e ="de bu gF ile " xsi:ty pe ="F ile " file N am e ="$ { base dir} /L ogs/
de bu g- $ { sh ortdate } .log" lay ou t="$ { lon gdate } $ { u ppe rcase :$ { le v e l} }
$ { m e ssage } " /> - This parameter defines the path of a log file which tracks advanced
level messaged from the service.
Advice: In case that DAP services and database server are running on the same
workstation it is possible, that DAP services will fail to start after the restart of operating
system. To solve this issue set dependency on DAP services to wait for database server to
start.
Important: Set read/write permissions on a destination folder for a user under which the
service operates in order for the log file to be created. E.g set permission (Modify, Read &
Execute, List Folder Contents, Read, Write) to IUSR and IIS_IUSRS user on the DAP
installation directory.
Important: Make sure that IIS_IUSRS user group has read/write permissions on
Windows temporary directory (e.g. c:\windows\temp). Originally, the default was c:\Temp,
then %WinDir%\Temp. In the Windows XP era, the temporary directory was set per-user as
Local Settings\Temp, although still user-relocatable. For Windows Vista, 7&8 the temp
location has moved again to AppData section of the User Profile, typically C:\Users\User
Name\AppData\Local\Temp (%USERPROFILE%\AppData\Local\Temp).
To remove the existing module, go to Control Panel\Programs and Features and select
Time&Space Device Administration Portal software and choose Uninstall.
Important: The uninstall process does not support individual component selection. All
components will always be removed from the system.
Re-installation
To install a new version of the module, simply start and follow the installation procedure.
2.2 Login
To access Device Administration Portal, enter this address http://HostName into the web
browser (Host Name signifies the name or the IP address of the computer where the module
is installed). User account needs Event Collector/DAP Login permission to enter the
application.
Login dialogue
3 Main Views
The application has four main views:
3.1 Overview
Overview view shows the list of all devices in the system according to user's permissions
grouped by Server/Connection/Device. To find a particular connection or Device, use the
search field.
Short cuts section offers the following actions which are executed on all devices:
Enable All - Use this action to enable the connection for all devices.
Disabled All - Use this action to disable the connection for all devices.
Overview view
Note: Devices without connection parameters or those which are not assigned to a
server are not displayed in this view.
3.2 Servers
Servers view shows the list of all Event Processor services defined in the system with some
basic parameters. The server is responsible for storing data into the database and
generating appropriate responses on device's interfaces.
Use menu actions ( Add and Remove) to manage the list or click on server's name to
access detailed information about a specific server.
Servers view
Port - TCP/IP port through which a server sends/receives requests for communication.
Server settings
Advice: Check in the configuration file for detailed information about the server.
Important: Avoid using DNS alias in the address field, use either primary DNS suffix or IP
address.
3.2.2 Devices
Devices view shows the list of currently assigned devices to a selected server with some
basic information (Name, Address/Port an Type). Use menu actions ( Add and Remove) to
manage the list or click on the device's name to access detailed information about a specific
device.
Advice: Only device with a TCP connection can be assigned to the server.
3.3 Devices
Devices view shows the list of all devices in the system with some basic parameters. The
status signalizes the current state of the server (Disabled, Offline, Online). Use menu actions
( Copy, Add and Remove) to manage the list or click on device's name to access
detailed information about a specific device.
Short cuts section offers the following actions which are executed on the selected devices:
Enable Selected - Use this action to enable connection for the selected devices.
Disabled Selected - Use this action to disable connection for the selected devices.
Reconfigure Selected - Use this action to re-send configuration parameters for the
selected devices.
Reload Profiles - Use this action to reload access profiles for the selected devices.
Update Profiles - Use this action to update access profiles for the selected devices.
Update Alarms - Use this action to update alarm parameters for the selected devices.
Devices view
Note: Restrictions by Unit 1/Unit 2/Unit 3 or Organizational units are applied on this view.
This means that a user will see only those devices, he/she is entitled to see.
3.3.1 Device
Currently the following device types are supported:
Zone Wing,
Zone Button TT,
Zone Button AC,
Morpho Sigma.
Device details
Editable parameters:
Warning: When changing time zone parameter, make sure there are not off-line
registrations on the device and that all alarms are deactivated.
Advice: Server information is displayed only, if there is more than one Event Processor
service configured in the system.
3.3.1.2 Connection
Connection view displays information about device's connection. Connection parameters must
be set up for each device otherwise the communication between Event Processor service and
device will not be possible.
Device with TCP connection communicates with the Event Processor service directly using
Ethernet LAN. With this connection type, the following information is available: Connection
Type, Address, Port, Keep Alive, Keep Alive Timeout, Auto Reconnect, Max Reconnect Count,
Auto Reconnect Timeout, Short Delay and Long Delay. Select Edit action to update these
parameters.
Connection settings
Editable parameters:
Warning: For TLS/SSL communication encryption option make sure that device has
appropriate FW version. For more information contact our support.
Advice: Use Spica Device Manager tool to set IP address and Port parameters on devices.
3.3.1.3 Readers
Readers view displays the list of device's readers with some basic information. Reader is a
data input device that reads data from identification cards and is connected to a device via
Wiegand or Data/Clock interface. Use menu actions ( Add and Delete) to manage the list
or click on reader's name to access detailed information about a specific reader.
Readers
3.3.1.3.1 General
General view displays information about specific reader (ID, Position, Type, User Interface,
Area, Access Events, Time Events and Advanced settings). Select Edit action to update these
parameters.
Readers details
Editable parameters:
Common
Verification Settings
Use Verification settings field to set the security level for time and access events on the
specific reader. You can specify which parameters will be requested and checked for each
event clocking. Security demands for time and attendance calculation are listed in the Time
events group and for access control in the Access events group.
Verify Access Profile - Select this option, if you want access profile to be checked during
registration on the reader.
Verify Schedule - Select this option, if you want access schedules to be checked during
registration on the reader.
Verify PIN - Select this option, if you want PIN to be checked during registration on the
reader.
Verify Fingerprint - Select this option, if you want fingerprint to be checked during
registration on the reader.
Advanced
Reader settings
3.3.1.3.2 Restrictions
Reader restrictions
Editable parameters:
Prerequisite inputs - Set additional requirements (inputs) that must be fulfilled before a
user can make registration on the reader. The number of available inputs varies between
different device types.
Restriction settings
User Interface events view displays information about defined events on a related user
interface (Event, Display name, Job and Verify Access information). Select Add, Edit and
Delete actions to manage the list.
Advice: Number of available event definitions varies between different user interface
types.
User Interfaces
3.3.1.4.1 General
General view displays information about a specific user interface (related Reader and Type).
Select Edit action to update these parameters.
Editable parameters:
3.3.1.4.2 Events
Events view displays information about defined events on a related User Interface (Event,
Display name, Job and Verify Access information). Select Add, Edit and Delete actions to
manage the list.
Advice: The number of available event definitions varies between different user interface
types.
3.3.1.5 Inputs
Inputs view displays the list of device's inputs along with some basic information. The number
of available inputs varies between different device types. Use menu actions ( Add and
Delete) to manage the list or click on input's name to access detailed information about a
specific input.
Inputs
3.3.1.5.1 General
Inputs details view displays information about a specific input (ID, Position, Default State and
Zone Door). Select Edit action to update these parameters.
Input details
Editable parameters:
Inputs settings
3.3.1.6 Outputs
Outputs view displays the list of device's outputs along with some basic information. Usually
outputs represent devices, such as doors, visual or sound signals, etc. The number of
available outputs varies between different device types. An active output supplies power
(from internal power supply) to the connected activator, while the passive output provides
“dry contact” output to the electrical circuit of the connected activator. Use menu actions (
Add and Delete) to manage the list or click on output's name to access detailed information
about a specific output.
Outputs
3.3.1.6.1 General
Output details view displays information about a specific output (ID, Position, Relay Type,
Mode, Pulse Time, Area and Zone Door). Select Edit action to update these parameters.
Output details
Editable parameters:
Default - Access is granted upon request on the basis of parameters on reader's security
settings.
Always active - Output is always active, identification is not required.
Always closed - Output is always inactive, access is not possible.
Pulse time - Defines how long the output will be active after an access request has been
granted. Possible values are 0 to 100 seconds.
Area - Time&Space system offers a possibility for hierarchical classification of outputs
according to natural criteria (e.g. geographical location). Areas located higher on the
organizational structure include subordinated zones, which help the system to preserve
space topology.
Zone Door - Select a door to which the output belongs.
Zone Door Pin - Select a pin for which the configuration is set.
Output settings
3.3.1.6.2 Activated by
Activated by view displays information about output activators (Name, Position and Type).
The following output activators can be set:
Activate output with an input. Output is triggered if input is active. Output is active as
long as input is present.
Activate output with an input. Output is triggered if input is active. Output is active for the
length of pulse time.
Activate output with a granted access action. Output is triggered upon successful
registration on a specific reader. Output is active for the length of pulse time.
Activate output with a denied access action. Output is triggered upon unsuccessful
registration on a specific reader. Output is active for the length of pulse time.
Activate output with an alarm. Output is triggered when specific alarm is activated.
Output is active for the length of pulse time.
Activators
3.3.1.6.3 Deactivated by
Deactivators view displays information about output deactivators (Position, Position and
Type). The following output deactivators can be set:
Deactivate output with an input. Output is inactive if input is active. Output is inactive as
long as input is present.
Deactivate output with an alarm. Output is inactive when specific alarm is activated.
Output is inactive for the length of pulse time.
Deactivators
3.3.1.6.4 Schedules
Schedules view displays information about output's open/closed schedules. Select Edit action
to update these parameters.
Open Schedules
Output is active in the interval set by the schedule, if access schedule parameters checking
yields positive result.
Closed Schedules
Output is inactive in the interval set by the schedule, if access schedule parameters checking
yields positive result.
Schedules
Note: Please note that output deactivators have higher priority than output activators,
meaning that during the specified time the entry through that reader is not allowed,
regardless of other settings. Outside these intervals the door will be opened upon valid
requests or it will be permanently open, if so set.
Open schedules can have an additional parameter, named Anti-passback Zone. By selecting a
predefined anti-passback zone option, an additional rule is added which will check for present
employees and prevent output activation triggered by schedule if nobody is present.
3.3.1.7 Alarms
Alarms view displays the list of device's alarms with some basic information. The devices
continually monitor the state of their alarm inputs and immediately inform the supervising
software about all changes. Alarm triggers are usually door open sensors, emergency entry/
exit buttons, IR detectors, temper switch, etc. The following alarm types can be set:
Use menu actions ( Add and Delete) to manage the list or click on output's name to
access detailed information about a specific output.
Alarm s view
3.3.1.7.1 General
Alarm details view displays information about a specific alarm (Type, Group, Position and
Area). Select Edit action to update these parameters.
Alarm details
Editable parameters:
Type
output deactivation.
On activated input (Forced Door) - Alarm is activated if input is active and output is
inactive.
Unauthorized access attempt - Alarm is activated if a user without access rights makes
registration.
Unsuccessful user authentication - Alarm is activated if a user authentication is not
successful (e.g. invalid PIN, unmatched biometric verification).
Group - Alarm group defined some additional settings, which are used upon alarm
activation.
Area - If area is assigned, the operator must have appropriate permissions to view the
alarm. Note that if area is not selected, the alarm will be viewable to all operators without
restrictions.
Alarm settings
3.3.1.7.2 Triggers
Triggers view displays information about triggers for selected alarm. Trigger(s) must be
defined, because they are responsible for the activation of the alarm. The type of available
triggers depends on the alarm type:
Alarm triggers
3.3.1.7.3 Advanced
Advanced view displays addition information about a specific alarm (Delay, Reactivation Time
and Automatically Deactivate). Select Edit action to update these parameters.
Advanced view
Editable parameters:
Delay - If delay value is set, an alarm will always be activated with a specified time delay.
Maximum delay time is limited to 120 seconds.
Reactivation time - If reactivation value is set, defined time will pass between two
messages received by the operator if alarm triggers are still active (e.g. if the operator
deactivates the alarm manually after being warned about an alarm event, but the alarm
state continues after the end of the reactivation time, the alarm will go off again). Default
value is set to 0, meaning that the alarm message will not be repeated. Maximum
reactivation time is limited to 9990 seconds.
Automatically Deactivate - If this field is checked, the alarm will be deactivated
automatically once the alarm's trigger becomes inactive. Regardless of this setting, the
operator can manually deactivate an active alarm by clicking the Deactivate button. If this
field is not checked, the alarm can be deactivated only from the computer.
Advanced settings
Note: Up to 32 Zone Doors units can be connected to a single Zone Wing device.
Unit details view displays information about a specific Zone Door (Position and Type).
Currently two predefined door types are available:
Important: The Zone Door type must match Zone Door's FW edition to be fully
operational.
Editable parameters:
3.3.1.8.2 Schema
Schema view displays information about zone Zone Door's pin configuration on which external
devices are connected (Readers/Inputs/Outputs). Select Edit action to update these
parameters.
Schem a settings
3.3.1.9 Anti-passback
Anti-passback (APB) view displays the list of APB zones valid for a selected device. The zone
can consist of one or more APB rules. APB rule is a security mechanism preventing an access
card or similar device from being used to enter an area a second time without first leaving it
(so that the card cannot be passed back to a second person who wants to enter). If more
than one APB rule is defined on one zone, all of them must be fully filled before a user can
pass.
Use menu actions ( Add and Delete) to manage the list or click on zone's name to access
detailed information about a specific zone.
Anti-passback view
3.3.1.9.1 General
Anti-passback details view displays information about a specific zone (Verification, Duration
and Maximum Occupancy). Select Edit action to update these parameters.
Editable parameters:
Verification
Entry only – APB rule is active on entrance (device will not accept two subsequent entry
attempts).
Exit only – APB rule is active on exit (device will not accept two subsequent exit attempts).
Entry and Exit – APB rule is active on entrance and exit (device will not accept two
subsequent entry or exit attempts).
Anti-passback settings
3.3.1.9.2 Readers
Readers view displays a list of readers with verification type. Use menu actions ( Add and
Delete) to manage the list.
3.3.1.10 Advanced
Advanced view displays the list of device's advanced parameters. These additional
parameters represent options, which are useful in some specific situation. Select Edit action
to update these parameters.
Advanced view
Available parameters:
Max Response Time - This option defines how long the device should wait for Event
Processor service to respond when sending data that need to be confirmed. If the server
does not respond within the specified time, the terminal will switch to off-line mode. The
default value is 30 seconds. Increase this value if your computer or network communication
is slow (the default value may be too short in such situations).
Profile Update Priority - This option is used to defined custom update priority of access
profiles for a specific device. Value 0 represents the highest priority.
Off-line Registrations - If this option is set to Standard, device will stop collecting
registrations when buffer is filled up. If set to Cyclic, it will overwrite the old registrations
using FIFO (first in, first out) mode.
Enable Profiles - If this option is not selected, this reader will ignore users access profiles.
Enable Notifications - If this option is not selected, email notification will be generated
when device's status goes to Offline.
Advanced settings
Tip: Messages are updated only when the view is opened in the browser.
4 External Configuration
The chapter covers settings which are used in the module, but are configured elsewhere. At
the moment the following external settings exist:
Alarm groups,
Area tree,
Email notifications,
Update access profiles.
Installation files can be found in the Tools folder (Oracle) or in the Server\EmailNotification
folder (MSSQL) on installation CD.
Additional text can be appended to the body of email messages, if you create a text file
named EmailNotificationFooter.txt in the folder where Email notification service is installed
and running.
Service also logs actions and errors in log files named enyyyymm.log (yyyy ... year, mm ...
month) in a directory where service is installed.
[CONFIG]
;Interval between sending email requests in seconds
Interval=10
;SMTP mail server used for sending emails
SMTPMailHost=mail.domain.com
;Port on which SMTP server listens, default=25
SMTPPort=25
;User name and password for SMTP mail server which use authentication.
;Leave blank if no authentication.
SMTPUserName=
SMTPPassword=
;Enable (1) or disable (0) option for skipping messages with invalid email address.
ContinueOnInvalidEmailAddress=1
Enable alarm e-mail notifications - If this option is selected, the notifications are enabled
and Sender and Recipients fields become editable.
Sender - Enter sender's email address.
Recipients - Enter email addresses for recipients who will receive notifications.
Subject and body of the message can be customized by changing parameters in Event
Processor's configuration file, section <notifications>.
<notifications>
<controller sender="example@spica.com" recipients="example@spica.com;
example@spica.com" subject="Controller {NAME} (ID: {CUSTOMID}) is offline."
body="Controller {NAME} (ID: {CUSTOMID}) at {CONNECTION.ADDRESS}:{CONNECTION.
PORT} is offline."/>
<alarm subject="Alarm {NAME} has been triggered!" body="Alarm {NAME} (ID:
{CUSTOMID}) has been triggered on controller {CONTROLLER.NAME}."/>
</notifications>
Tip: The groups are managed in the Visual Space Manager. See Visual Space Manager
User's Manual for more details.
Email address of the sender and recipients are set in Event Processor's configuration file,
section <notifications>. Subject and body of the message can be customized if needed.
<notifications>
<controller sender="example@spica.com" recipients="example@spica.com;
example@spica.com" subject="Controller {NAME} (ID: {CUSTOMID}) is offline."
body="Controller {NAME} (ID: {CUSTOMID}) at {CONNECTION.ADDRESS}:
{CONNECTION.PORT} is offline."/>
<alarm subject="Alarm {NAME} has been triggered!" body="Alarm {NAME} (ID:
{CUSTOMID}) has been triggered on controller {CONTROLLER.NAME}."/>
</notifications>
Advice: Since the information is stored in the database, it must be set only once.
Designed for physical access control applications, MorphoAccess® SIGMA Series terminals
feature a compact, attractive design, coupled with high reliability and security. These
5thgeneration terminals are both robust and easy to use for a variety of applications,
including office, headquarters and administrative building security, as well as protection of
external access points.
Follow the HW Configuration and SW Configuration section to set up the terminal properly in
DAP.
Morpho Sigm a
Warning: Integration of Morpho Sigma terminal has some limitations in the Time&Space
system:
By default, the maximum size of a SIGMA series terminal database is limited to 3,000 user
records (with two fingers per user record). In combination with Time&Space system, user
records are translated to assigned user badges with a valid access profile (e.g. User with a
two badges and a valid access profile will spend 2 user records on Sigma device.). User
licenses can be installed for extending this maximum database limit.
For all events (Time Attendance and Access control) user must have valid access profile to
make registration on the terminal.
Only one access schedule can be defined per reader on the user's access profile.
Only access schedules with ID from 1 to 58 can be used on Sigma devices.
Access schedules on Morpho Sigma are determined on 15 minute intervals. From value is
rounded upwards (e.g. 8:17 -> 8:30) while To value is rounded downwards (e.g. 8:17 ->
8:15).
Open Door and Forced Door alarms cannot be disabled in Visual Space Manager, since they
require that the trigger must be disabled on the hardware.
Option for disabling fingerprint verification for a specific user in Time&Space Manager is not
supported for Sigma devices. Fingerprint verification has to be managed through Biometric
Administration Portal.
5.1.1 HW Configuration
To perform the configuration you need to connect and power up a device. See Sigma
Administration user's manual for more details.
POE and external power supply are not used at the same time: if both power supplies are
used, priority is given to the external power supply. If the external power supply is shut
down, switch to POE without reboot is not guaranteed.
Must comply with CEE/EEC EN60950 standard. It is strongly recommended to use class II
power supply at 12V-24V and 1A min (at 12V). Could be provided by a 12 Volts Wiegand
power supply, which complies with the Security Industry Association's Wiegand standard
March 1995.
MorphoAccess® SIGMA Series terminal's power supply can also be provided by the Ethernet
using RJ45 connection (Power Over Ethernet mode). When the terminal is connected to the
network by the RJ45 connector (ref RJ45/POE on Figure 5: MorphoAccess® SIGMA Series
Terminal Rear View Diagram), it allows either the power supply over the Data pins or over the
spare pins, But when the terminal is connected to the network by the Ethernet connector
block (Figure 5), only power supply over the data pins is possible.
1. Enter Terminal Administration Menu and navigate to System Menu > First Boot Assistant >
Network Configuration > Ethernet. Under Ethernet, an administrator can select IPV4 or IPV6.
Ethernet Configuration
2. On next screen, Default IP Mode is selected as DHCP. Press on Static option. Use Check
IP m ode
3. Under Static IP Mode, an administrator can manually configure IP Address of the terminal,
Subnet Mask, Network Mask, Gateway Address and DNS Servers.
5.1.2 SW Configuration
1. Go to Devices view, select New Device action and select MA SIGMA device type. Continue
by selecting Next button.
2. Edit the Name, ID, Description and Area parameter if needed and continue by selecting
Save and Create Connection button.
Warning: When changing time zone parameter, make sure there are not off-line
registrations on the device and that all alarms are deactivated.
3. Enter terminal's static IP address and continue by selecting Create Connection button.
4. When the connection parameters are saved, you are placed on Connection view. Continue
by selecting General view from the tree.
Connection view
5. Select Enable connection button to start up the communication with the terminal.
Enable connection
6. When the communication is enabled, the status is updated to Online and predefined
configuration is sent to the terminal.
Online device
Warning: Make sure you also check and configure Customizable Application Parameters
related to MA Sigma terminal.
Verification Settings
Use Verification settings field to set the security level for time and access events on the
specific reader. You can specify which parameters will be requested and checked for each
event clocking.
Verify Badge Number - This option is always selected and disabled due to device specifics.
Verify PIN - Select this option, if you want PIN to be checked during registration on the
reader.
Verify Schedule - This option is always selected and disabled due to device specifics.
Idea: For the verification of PIN, a wild card can be set on the user level in Time&Space
Manager.
Advanced
Reader settings
If user interface type is Sigma 4 or 16 Buttons, two additional settings are available on the
user interface:
An administrator can login to terminal and access several functionalities under administration
menu. It allows administrator to perform configuration, add users, upload multimedia,
download logs, etc.
In this mode, badge number of the user is entered using the MorphoAccess® SIGMA Series
terminal keyboard.
Keyboard icon
Max Response Time - This option defines how long the device should wait for Event
Processor service to respond when sending data that need to be confirmed. If the server
does not respond within the specified time, the terminal will switch to off-line mode. The
default value is 30 seconds. Increase this value if your computer or network communication
is slow (the default value may be too short in such situations).
Profile Update Priority - This option is used to defined custom update priority of access
profiles for a specific device. Value 0 represents the highest priority.
Enable Profiles - If this option is not selected, this reader will ignore users access profiles.
Enable Notifications - If this option is selected, email notification will be generated when
device's status goes to Offline.
Picture Capture - By default this option is disabled. If enabled, it can work in the following
operation modes: Photo Taking - One picture is captured during the registration on the
terminal; Face detection (optional) - Multiple pictures are taken and face detection is
performed. If a face is detected in one or multiple photo, save the photo with the best face
detection quality measure.; Face detection (mandatory) - Take multiple pictures and
perform face detection. If no photo contains a face, the user is rejected.
Advanced Settings
Warning: It is a pre-requisite that the terminal should have an SD card plugged in for
Picture Capture On Registration option.