Assign tasks/user roles to AXM users

User roles are permissions for specific task fields. You can use the user roles to set which user is permitted to do what to your locking system. You can thus increase security in your locking system.

Only give each user the rights that they need to perform the designated tasks. Someone who only reads access lists, for example, does not need the locking system Access List Administration role. After all, they only need to read access lists and do not decide who is allowed to read access lists.

There are the following user roles in your AXM Classic:

Only the Access List Administration and Access lists user roles can be changed in the Locking system roles in AXM Classic.

Project roles

Protocol	Allows the database log to be read and exported. Example: Tracking activities in the database (log)
Time Plan Management	Allows schedules to be edited. Examples: Creating a schedule Create time group Deleting schedules
Site/Building management	Allows the corresponding organisational structures to be edited. Examples: Creating a location Creating a building and assigning it to a location
Using SmartSync	Allows the use of SmartSync.
Hashtags	Allows hashtags to be edited. Example: Creating a hashtag
User administration	Allows persons to be assigned to users and user roles to be edited. Examples: Name person as an AXM user Assign tasks/user roles to AXM users
AX Manager settings	Allows your AXM Classic settings to be edited. Example: Your personalised AXM interface

Locking system roles

Locking systems	Allows locking system details to be edited. Examples: Create locking system Changing locking system password Enable cards or transponders
Accesses	Allows access rights to be read and changed. Examples: Changing individual authorisations (cross) Changing many authorisations (on identification media and/or locking devices)
Personnel administration	Allows personal data to be edited. Example: Persons and identification media
Reporting	Allows reports to be exported. Examples: Exporting the data protection report (GDPR) Displaying the report for identification media issue
Access List Administration	Allows the Access lists and Access List Administration user roles to be changed. Anyone who does not have these user roles cannot read access lists themselves or allow others to.
Access lists	Allows access lists and physical access lists to be read. Examples: Synchronising the locking device (including reading access list) Synchronise an identification medium (including importing physical access list)

Area roles

Read out lock

Allows locking devices to be read in general.

Example: Synchronising the locking device (including reading access list)

Program locks

Allows locking devices to be synchronised.

Example: Synchronising the locking device (including reading access list)

View/edit locks and areas

Allows locking devices and areas to be edited.

Examples:

Person group roles

Read Transponder

Allows identification media to be read in general.

Examples:

Programm Transponder

Allows identification media to be programmed.

Example: Synchronise an identification medium (including importing physical access list)

View/edit transponders and groups

Allows identification media and person groups to be viewed and edited.

Examples:

You can assign user roles in user management. In the example, AdminAL should no longer be able to decide whether other users are allowed to read access lists. As a result, we will deactivate the Access List Administration user role for them.

AXM Classic open.
At least one identification medium or at least one person is created.

Click on the orange AXM icon .
AXM bar opens.
Select the User entry in the SETTINGS group.
The AXM bar will close.
The User tab will open.
Click the user whose user roles you want to edit (example: AdminAL).
The User window will open.
Click on the tab with the role that you want to change (example: Locking system roles tab).
Window switches to the Locking system roles tab.
Activate or deactivate the desired user roles (example: deactivate the Access List Administration check box).
Use the Next > button to switch to the next tab or complete the entries with the Finish button.
User window closes.

New user roles have been assigned (example: AdminAL can change no longer the Access lists and Access List Administration check boxes).

NOTE

“Locking out” own user

Users can also restrict their own user roles. Depending on which user roles are affected, these users can no longer restore them themselves.

Example: If you lock the Access lists and Access List Administration user roles yourself, you do not have the rights to change access list user roles. You have locked yourself out of these user roles.

AXM Classic prevents all users from locking themselves out of a user role simultaneously. If this is the case, the corresponding check box is greyed out.

Check carefully which user roles you activate or deactivate.
In such a case, ask another authorised user to assign the desired user role to you again.

Also see

Synchronising the locking device (including reading access list)