Security - Accounts

The Web-Browser and Programmatic interfaces to the NetRS provide methods for modifying the controls and accessing the information in the NetRS, using the network based HTTP and HTTPS protocols. Without restrictions, these methods could be used by anyone with access to the NetRS's network. That may be undesireable, especially if the NetRS is plugged directly into the Internet. To solve this problem, the NetRS allows you to restrict access to the HTTP/HTTPS interfaces using a system of accounts and passwords. You can use this mechanism to set up accounts that restrict or allow access to several classes of controls and information.

The NetRS is shipped without HTTP/HTTPS security being enabled. This is not the recommended mode of operation. A security strategy that uses one or more accounts is recommended. This can protect not only against malicious attacks, but also against the accidental change of critical receiver settings that can affect day-to-day operation.

The HTTP/HTTPS security mechanism allows the creation of Accounts, each of which is associated with a name and a password. Each account also has a set of Access rights which provide permissions to use various parts of the HTTP/HTTPS interface. For example, an account might created that allows the user to access logged data files, but prevents that user from changing any of the control settings of the NetRS. A different account could be set up that would provide full access to all data and controls. See the help page for Security - Access Controls for a complete discussion of which features are enabled by the various access levels.

Managing Security Accounts

The Security - Accounts page is available through the Security menu on the browser interface's main menu. It shows a list of all currently defined accounts. In addition to the account names, the Access rights given to each account are shown. Links on this page can be used to edit existing accounts or create new ones.

Note that if the System Controls access mode is set to Restricted, then displaying the list of accounts will require a System Controls account name and password.

Creating New Accounts

A new account can be created by clicking on the Create NEW Account link. This will bring up a page that allows you to enter the account name, password and access rights. Click on Create Account to finish the process.

Account names and passwords are case sensitive. Account names cannot use space characters or non-printable ASCII characters. The password entry fields will not show the actual characters that you type. The password must be entered twice to verify that it is entered correctly.

Editing Existing Accounts

Existing accounts can be modified from the Security - Accounts page by clicking on the name of the account. The Edit Accounts link can also be used to start the process. Either of these will lead to a page similar to that used for creating a new account. The Select Account popup menu allows you to select which account you wish to modify. You can then adjust the Access Rights and optionally enter a new password. Clicking on Accept Changes will finish the process.

The password on an account can be modified using an alternate method that does not require System Control access rights. The main menu item Security - Change Password lets someone who has the old password change it to a new setting. This is designed to allow a system administrator to create an account with a temporary password for a user. Then the user can modify the password to a private setting.

Deleting Accounts

Any existing account (except the sysadmin account) can be removed from the system. Follow the process to edit an account and click on the Delete Account button.

Top