How to: Create User groups

Last modified: Monday May 09, 2022.

User groups provide you with a convenient way to provide permissions and group your users. You can assign the system permissions, roles, and sites and device groups that apply to each user group.

Choose the Access mechanism for each User group to define User groups that can access your Aware deployment from anywhere by using the vcloud Gateway and from your local network, restrict some User groups to only be able to access Aware when connected to your local network, or create User groups to only stream video (either live or historic) using RTSP.

Tip

User groups with the RTSP streaming access mechanism cannot access the Aware user interface, they can only view the video streams. Only User groups that include the RTSP streaming access mechanism can access RTSP streams.

Depending on the options you choose when creating your User groups, you can provide permissions for your users to have access to Aware locally, have access both locally and via the Ava Cloud gateway, or create User groups that only contain the permissions needed to access the RTSP streams from your Aware deployment.

Note

When using single sign-on (SSO), Aware Cloud relies on the Identity provider (IdP) providing the name of the User group for each user.

Any changes to the User group name after setting up SSO could cause all users within that user group to be unable to log in using SSO to your Aware Cloud deployment.

Prerequisites

Only users with the Administrator role can access the Users tools.

Tip

The User groups uses General permissions settings; ensure you have configured the General permissions you need for your User groups.

Task — Open the Users tool

  1. Log in to your Ava Aware deployment as an Administrator.
  2. Click New tool from the tool ribbon, or click the Add new tool button Add new tool button, then select Users tool button Users.
    Tip

    If the Users tab is already open, click the tab to view the page.

Task — Create User groups

Tip

If you cannot see buttons across the bottom of the browser window, click the Footer handle footer handle icon.

  1. Click the User groups button User groups button.
    The User groups dialog is shown.
  2. Click the Add user group button Add user group button.
  3. Type a name for the new User group and press Enter.
  4. To force users in this User group to use 2 factor authentication each time they sign into Aware, check Require 2 factor authentication when signing in.
    Tip

    2 factor authentication is not available for users that sign in using SAML single sign on (SSO).

  5. To prevent users in this User group from using the Ava Aware mobile apps, check Block mobile app access.
  6. To restrict the times that users in this User group can sign into your Aware deployment, check Restrict sign in times. When checked, the Days & time sub-section is enabled.
    1. Select the relevant Timezone for the schedule.
    2. Click + Add more to create a time schedule.
    3. Define the days and times when users in this User group can sign into your Aware deployment.
    4. Click + Add more to add another time period to the schedule, for example, weekend times where the times are different to weekdays.
  7. Select the System permissions to assign to this User group.
    If you do not have suitable System permissions set up:
    1. Click the Configure System roles button Configure System roles button.
      The System roles dialog is shown.
    2. Create a new System role, or edit the permissions for an existing role to meet your requirements.
    3. Click Done.
  8. Select the Device permissions to assign to this User group.
    Tip

    You can preview the selected permissions by clicking the Preview permissions icon Preview permissions icon.

  9. Click Done.

Task — Edit an existing User group

Tip

If you cannot see buttons across the bottom of the browser window, click the Footer handle footer handle icon.

  1. Click the User groups button User groups button.
    The User groups dialog is shown.
  2. Select the User group to be changed.
  3. Make any required changes to the System roles.
  4. Make any required changes to the Roles and Sites.
  5. When you have completed your required changes, click Done.

Task — Delete a User group

Tip

If you cannot see buttons across the bottom of the browser window, click the Footer handle footer handle icon.

  1. Click the User groups button User groups button.
    The User groups dialog is shown.
  2. Select the User group to be deleted.
  3. Click the Remove Role button Remove User group button.
  4. Click Delete to remove the selected User group.
  5. Click Done.