'Extras' > 'System Protection' > 'Protection of <my system>', click on 'SYSTEM' > 'Advanced'.

When the login the message 'Members mismatch, 6 instead of 5' (example) appears, you can change the number of members by double clicking on '5 members' and changing the number of members.

Configure Protection

You can assign commonly used permissions to the 'Administrator' and 'Everyone' user accounts.

  • Double-click on the 'Permission Level' column.
  • A ComboBox appears, where you can assign the following predefined permissions:

The following permissions are basic templates that you can refine by pressing the 'Advanced' button:

No Access

The account has no access to this system

Read

Permissions to read basic settings and all configuration pages

Modify

Read and write configuration, apply factory and user settings

System Integrator

Administrate 'SYSTEM' and other accounts

The 'SYSTEM' account has the highest level of control within the system. You can use the 'SYSTEM' account to set up basic rules that apply to all accounts.

To change the default behavior, select 'SYSTEM' and click 'Advanced'.

'SYSTEM' security entry

'Minimum Password Complexity Level' area

Standard

The minimum password length is eight characters.

Note: this setting should not be used any more due to security reasons.

Strong

The minimum password length is twelve characters. The password must contain at least three out of four of the following character types:

  • alphabetic characters (lower case)
  • alphabetic characters (upper case)
  • alpha numerical characters (0...9)
  • Special characters, e.g.: _,#,/€,@,^,°,~,>,*)

Existing systems

Existing systems can still work with less stringent passwords.

When adding a new station an existing system requires a change to a Strong password.

Note: For security reasons it is highly recommended to change all passwords of a system to strong passwords.

Permissions:

  • 'Filter this System completely'
    • If no password is provided at startup, then the system is not visible to the user.
  • 'Hide in list of protected Systems'
    • System is not listed initially and has to be unlocked manually in the menu as follows:

'Extras' > 'System Protection' > 'Protection of <my system>' > 'Login to System <my system name>'.

  • Enable Auto-Logon with weak PW
    • Do NOT enable this checkbox.
  • Disable checking number of members
    • This option can be useful for systems where the number of members is dynamic. For example, in systems with mobile components.
    • If the option is checked, then different system members do not cause an error in the IDE.
  • Disable Account Administrator 'Everyone' / 'Specific'
    • This can be used to lock out any user account immediately.
    • Immediately after one or more permissions were changed, all 'PACE-Net' users who are logged in under that account were logged off from the system automatically.
    • All users are logged off if the 'Minimum Password Complexity Level' has been raised to a higher level.

Changing a password

Clicking on the 'Change PW' button opens a dialog that prompts the user for a new password.

The required complexity of the provided password is configurable in the SYSTEM security entry.

Changing a system password
  • After a password was changed for a system, all 'PACE-Net' users who are logged in under that account were logged off from the system automatically.
  • If the 'Filter this System completely' option is checked, the system will disappear from view immediately until the user logs in again.

To set the 'Administrator' or 'Everyone' user permissions, select the account 'Administrator' or 'Everyone' and click 'Advanced'.

Immediately after one or more permissions were changed, all 'PACE-Net' users who are logged in under that account were logged off from the system automatically.

Setting user permissions

Permission

Description

'Read Basic Station Configuration'

'Allow': Is available to the user

'Read Configuration Pages, create UserSettings'

Read all configuration pages and create user settings

'Read Configuration Pages over  API'

Enable read Configuration Pages to TCP/IP API Clients

'Read Permissions'

Read the Security ACL

'Write Basic Station Configuration'

User is able to make changes to the 'Basic Station Configuration' page

'Write/Update config pages, apply factory/Usersettings'

User is able to make changes to all configuration pages, containing User Settings

'Write Configuration Pages over API'

Enable changes of Configuration Pages to TCP/IP API Clients

'Change Permissions'

The user is able to change permissions of all users below him

'Set / Change Password'

The user is able to change his password and all users below him

'Manage System: Change SystemName, Add/Remove members, etc.'

Use this to enable users to remove stations from a protected system or add new members.

'Firmware/Controller Updates, Audio System Settings'

Apply Firmware Updates to stations and change the Audio System Settings (Cycletime of System Clock and the Audio Quality)

'Write the SD-Card/Flash Sound files'

Write permissions on the SD card

'Record Audio'

Enable software feature to record network channels.

'Print / Plot / Copy to Clipboard'

Print paper strips, print Configuration and plot System Overview.