User Properties Tab – Metasys Local User - Metasys - LIT-1201528 - General System Information - Metasys System - 10.1

Security Administrator System Technical Bulletin

Product
Building Automation Systems > Building Automation Systems > Metasys System
Document type
Technical Bulletin
Document number
LIT-1201528
Version
10.1
Revision date
2020-01-21

The User Properties tab defines the general information about the user: username, type of account, and password information (Figure 1). You can set these user properties for any new user you define. However, you cannot modify some or all of the user properties for the two predefined system users: BasicSysAgent and MetasysSysAgent. This restriction is according to design. For an Active Directory service user, see User Properties Tab – Active Directory Service User. For a RADIUS user, see User Properties Tab – RADIUS User.

Figure 1. User Properties Tab – Metasys Local User

Table 1. User Properties Tab Parameters – Metasys Local User

Field

Description

Default Value

Required

User Name

Displays the login name of the user. The default name in the User Name field when creating a new user is New User. The default name when creating a copy of a user is Copy of <username>, where <username> is the name of the user being copied.
Note:
  • This login name is a Metasys system username; it is not the Microsoft Windows operating system username. However, for the MetasysSysAgent account, the username is both a Metasys system name and a Windows operating system username on the NAE/SNC/SNE platforms, excluding the server-based NAE/SNC/SNE.
  • Do not use extended ASCII characters to create usernames.
  • Do not use the @ and \ characters. These characters are reserved characters for Active Directory service usernames and cannot be used within a Metasys local username.

User Name

Yes

Description

Displays a description of the user.

---

No

Password

Displays the password entered for the user. Metasys server and engine platforms require complex passwords. For more information, see Password Rules and Password Complexity.

Note: For the MetasysSysAgent user only, the Password field cannot be edited. To change the password for the MetasysSysAgent user, select the Tools > Change Password menu option.

---

Yes

Verify Password

Confirms the letters, numbers, and symbols typed into the Password box.

Note: For the MetasysSysAgent user only, the Verify Password field cannot be edited. To change the password for the MetasysSysAgent user, select the Tools > Change Password menu option.

---

Yes

View Blocked Words List

Displays the Blocked Words List.

   

View Password Policy

Displays the rules for password complexity which varies for English and non-English users. For further information see Password Rules.

Figure 2. View Password Policy Window

   

Minimum Password Length

Allows the user to set the minimum character length for the password. The default minimum character length is 8.

You cannot set the minimum character length below 8 characters.

   

Maximum Password Length

Allows the user to set the maximum character length for the password. The default maximum character length is 50.

You cannot set the maximum character length above 50 characters.

   

Single Access User

Allows the user to log in to the account once. After logging on once, the account becomes disabled.

Cleared

No

Temporary User

Allows the user to access the system as a temporary user. The user can access the account as long as it has not expired. When expired, the user is logged out of the system.

---

No

Expires On

Allows the administrator to specify the date on which a temporary user's account expires. The account expires at the end of the specified date (midnight), after which the user can no longer access the system.

Note: If a user account is created when the Site Director is set to an incorrect future date and time and the user account password is later set to expire after some number of days, the password may not expire until the incorrect future date and time. The user account stores a timestamp for when the user’s password was last changed, and the system does not expire the password until the number of days after the stored value.

For example, suppose that you create a user account on Monday, November 4, 2013. However, the Site Director date is set to Monday, May 4, 2015. If you then set the user account's password to expire in 30 days, the password does not expire 30 days from Monday, November 4, 2013.

To resolve this issue, ensure you select the User Must Change Password at Next Login option when you set a user account password to expire after a period of time. Doing so forces the user to create a new password at the next login and again after the time period has elapsed. To prevent this issue, ensure that your Site Director is always set to the current date and time.

The default value is the current date.

Yes, if temporary user selected.

User Must Change Password at Next Logon

Requires that the users change their passwords the next time they log in to the system.

Selected

No

User Cannot Change Password

Disables the ability to change the password.

Cleared

No

Account Disabled

Disables the user account. The BasicSysAgent account is disabled by default. A Standard Access administrator must enable the BasicSysAgent account to grant a Basic Access administrator access to the Basic Access version of the Security Administrator system.

Cleared

No

Account Locked Out

Allows the administrator to reset a locked out user account.

Cleared

No

User Can Modify Own Profile

Allows the users to update their own profile information. The administrator can also change or update the profile information by using the User Profile tab.

Selected

No

User Can View the Item Navigation Tree (Default Tree)

Designates that a user can view the All Items navigation tree.

Selected

No

User Can Disable Alarm Pop-ups

Allows the user to disable or enable alarm windows.

Selected

No

Access Type

Specifies the type of access the user has to the system. Selections are Standard Access, Basic Access, and Tenant Access. For accounts created by a Basic Access administrator, the default is Basic Access.

Metasys for Validated Environment (MVE) sites do not support Basic Access user accounts and Tenant Access user accounts. MVE sites support System Access only.

Standard

Yes