Software Reference Manual

Transcription

Crystal Access System
Software Reference Manual
Updated to reflect changes in ISONAS Software V 15
January 2015
ISONAS Crystal Access System
Software Reference
Contents
Software Installation ................................................................................... 5
Software Registration ................................................................................. 7
Upgrade of Software ................................................................................ 12
Software Overview ................................................................................... 13
Crystal Access Administrator ........................................................................................ 13
Crystal Access Monitor and IP Monitor ....................................................................... 13
Badge Printing................................................................................................................. 13
Controller Supervisor ..................................................................................................... 13
Recovery Supervisor ....................................................................................................... 14
Database Repair and Maintenance ............................................................................... 14
CCheck ............................................................................................................................. 14
CMLoad ........................................................................................................................... 14
CTEST ............................................................................................................................. 14
Interfaces – INRServ (ISONAS Notification Request Server) ................................... 15
IOSupervisor ................................................................................................................... 15
ISONAS Copy.................................................................................................................. 15
ISONASRPT .................................................................................................................... 15
Virtual Reader ................................................................................................................. 15
PlugNPlay ........................................................................................................................ 15
RSUP ................................................................................................................................ 16
Virtual Input Output Box .............................................................................................. 16
Administrative Program (ISONAS.EXE) ..................................................................... 16
Logging On ...................................................................................................................... 16
1
February 10, 2014
Software Reference
Viewing the Network ...................................................................................................... 19
Defining the network ...................................................................................................... 20
Defining Doors.............................................................................................................. 22
Network Status ................................................................................................................ 41
Suppressing Alarms for Doors ....................................................................................... 42
Programming Reader Controller Behavior for Multiple Units .................................. 43
Starting and Stopping Communication Programs ...................................................... 50
Application Menu –Passwords and Options ................................................................ 55
Application Menu – Start Crystal Access Monitor ...................................................... 60
Application Menu – Support/License............................................................................ 60
Network Menu – View Network .................................................................................... 61
Network Menu – View Areas ......................................................................................... 61
Network Menu – Virtual Reader ................................................................................... 62
Calendar Menu – Holidays ............................................................................................ 62
Calendar Menu – Shifts .................................................................................................. 62
IOModules Menu ............................................................................................................ 64
I/O Supervisors Tab ...................................................................................................... 64
Defining an IO Module ................................................................................................. 65
I/O Groups Tab ............................................................................................................. 69
I/O Profiles .................................................................................................................... 70
Doors Menu - Doors ........................................................................................................ 73
Doors Menu – Floor/Site Plans ...................................................................................... 73
Doors Menu –Review Programming ............................................................................. 75
Doors Menu –Door Images ............................................................................................ 76
People Menu – People/Badges........................................................................................ 76
People Menu – REX and AUX ....................................................................................... 86
People Menu – Groups ................................................................................................... 86
2
February 10, 2014
Software Reference
People Menu – User Defined Fields ............................................................................... 88
Rights Menu – Permissions ............................................................................................ 88
Rights Menu – Permission Groups................................................................................ 94
Rights Menu – Scheduled Events .................................................................................. 95
Special Badge Properties ................................................................................................ 96
Files/Reports Menu ......................................................................................................... 98
Scripts Menu.................................................................................................................... 98
Monitor And IP Monitor Programs .......................................................... 101
Logging on to the Monitor Program ........................................................................... 104
Operational Levels within the Monitor Program ...................................................... 105
Functions Available within the Monitor Program..................................................... 107
Current History ........................................................................................................... 107
UNLOCK,LOCKDOWN,NORMAL,CLEAR ........................................................... 108
Roster .......................................................................................................................... 108
Lookup ........................................................................................................................ 110
Doors ........................................................................................................................... 110
Door Groups................................................................................................................ 111
Alarms ......................................................................................................................... 112
Activity ....................................................................................................................... 113
Monitoring Input and Output Points ........................................................................... 113
View 1 through View 5 ............................................................................................... 114
Plan View ....................................................................................................................... 115
Attendance .................................................................................................................. 117
Filtered History ........................................................................................................... 119
Options ........................................................................................................................ 119
CSUP Program ...................................................................................... 120
Communications Supervisor Startup Options ........................................................... 121
Controller Supervisor Stop Options............................................................................ 125
Advanced Networking ............................................................................ 126
Conceptual Overview.................................................................................................... 127
Maximums ..................................................................................................................... 128
3
February 10, 2014
Software Reference
Sharing the Database .................................................................................................... 128
Location of Software ..................................................................................................... 128
Where to run the Communications Supervisor programs ........................................ 129
How to start Communications Supervisor program ................................................. 129
Badging Program ................................................................................... 130
Options ........................................................................................................................ 130
People/Badges ............................................................................................................. 131
Read BadgeIds ............................................................................................................ 131
Card Layouts ............................................................................................................... 132
CardPrinter-Single ...................................................................................................... 136
CardPrinter-Multiple Badges ...................................................................................... 137
Tools/Utilities .......................................................................................... 138
CTEST ........................................................................................................................... 138
Database Repair and Maintenance (DBRM) ............................................................. 139
Check .......................................................................................................................... 140
Repair .......................................................................................................................... 141
Import .......................................................................................................................... 141
Export.......................................................................................................................... 144
Convert........................................................................................................................ 145
ISOCopy......................................................................................................................... 146
Virtual Reader ............................................................................................................... 147
PlugNPlay ...................................................................................................................... 147
PlugNPlay – AutoFind ................................................................................................ 149
PlugNPlay - Find......................................................................................................... 150
PlugNPlay – Manage IP Address Pool ....................................................................... 150
PlugNPlay – Change IP Address ................................................................................ 151
PlugNPlay – Add to ISONAS Network ...................................................................... 152
PlugNPlay - Strobe ..................................................................................................... 152
PlugNPlay - Configure ................................................................................................ 153
PlugNPlay - Security................................................................................................... 154
CMLOAD ...................................................................................................................... 155
CCheck ........................................................................................................................... 158
Appendix A - Configuring ISONAS readers and DHCP .......................... 159
4
February 10, 2014
Software Reference
Configuring DHCP service........................................................................................... 159
Configuring DNS service .............................................................................................. 159
DNS and Crystal Matrix Notification ......................................................................... 159
Enabling PowerNet DHCP Support ............................................................................ 160
Enabling DHCP with PlugNPlay ................................................................................. 160
Enabling DHCP with Embedded Web Pages ............................................................. 161
Setting up PlugNPlay .................................................................................................... 163
Running PlugNPlay ...................................................................................................... 163
Running PlugNPlay on an as needed basis ................................................................. 163
Running PlugNPlay as a TSR ..................................................................................... 163
Running PlugNPlay as a windows service.................................................................. 163
PlugNPlay processing IP changes ................................................................................ 164
Manually ..................................................................................................................... 164
Semi-Automated ......................................................................................................... 164
Fully Automated ......................................................................................................... 164
Appendix B – Installing and Configuring the IP Monitor ......................... 165
Install the IP Server on the system where the Crystal software is installed ............... 165
Configure the IP Data Server ...................................................................................... 166
Create a Shortcut to IPCrystal.exe on the Remote Computer ..................................... 169
Appendix C – ThyssenKrupp Elevator Systems Interface ...................... 170
Defining the TKSup (ThyssenKrupp IO Supervisor) ................................................. 171
Editing the defined IOModules................................................................................... 173
Defining the IOGroup ................................................................................................. 173
Associating a Reader Controller with the IOGroup .................................................... 174
Associating Reader Controllers with ThyssenKrupp Entry Devices .......................... 174
Assigning Permissions including Profiles .................................................................. 177
Initializing Landing Access using Business Rules ..................................................... 177
Appendix D – Redundant and Overlapping Permissions ....................... 178
Software Installation
The most recent versions of ISONAS software can be downloaded from
http://www.isonas.com
5
February 10, 2014
Software Reference
Follow the Support link to SoftwareDownloads
You may run the self installing executables either by double clicking on them or
by running them from the RUN command line.
The software will self license itself for 30 days.
.
The installation process is self explanatory. The default installation directory is
C:\APPS\ISONAS but you may install at any location you wish. NOTE: If you are
installing in a Windows Vista, Window 7, Server 2007 or Server 2008
system, we strongly recommend that you DO NOT install in the Program
Files or ProgramFiles(86) directory. These operating systems treat that folder
in a highly specialized manner and upgrading the ISONAS software is very
difficult if it is installed in the Program Files directory.
You will be given a choice of which components to install. We recommend that
you install the Database Maintenance and Utilities and Interfaces for possible
6
February 10, 2014
Software Reference
future use.
The final screen of a successful installation confirms the success and tells you
the default password for the Administrative module.
Software Registration
When you install the software, it automatically licenses itself for 30 days from the
time of first execution. Each time you bring up either the Administrative program
or the Monitor program or the Badge printing program you will see a message
similar to the one shown below:
7
February 10, 2014
Software Reference
You may simply ignore this message and close the window to proceed with
configuration and use of the software, but sometime before the expiration date
you must register your software. Once you have registered, you will not see this
screen again unless you request it as explained below under the Passwords and
Options screen or by using the Help/Support menu.
The Site tab provides an area to record the administrative and support contact
information for this site. All of the fields should be filled in before you register the
software. Once you have completed filling in the Site Information screen you may
register the software, either by direct submission (this is the recommended
approach) or by email.
The Register button will attempt to connect to the ISONAS server to complete the
registration process. If this connection fails (typically because system security
settings prevent the program from making the outbound connection) you can
register by email. To do this, send an email with an attached file to:
[email protected]
The file which you should attach is in the …/ISONAS/LiveDB folder after you
have pushed the Register button. That file is:
…/ISONAS/LiveDB/REGISTER_SITE.XML
It is recommended that you wait until you have successfully configured your
system and communicated with all of the reader controllers before you Register.
The reason for this is that information about your specific reader controllers will
be provided to ISONAS as part of the registration process.
8
February 10, 2014
Software Reference
To register optional products you must use the Register tab:
To license the basic Crystal Access system, you do not need to fill in any sales
order numbers. If you have purchased any of the optional features listed, you
must enter the ISONAS order number for that purchase in the field provided. If
the same order number was used to purchase multiple items, you only need to
enter it once.
To register or reregister, simply push the Register button. The program will
connect to the ISONAS site and provide the Site information and information
about your configuration to ISONAS. ISONAS will send a response that will be
displayed and will update your site ID and license information. You should review
the response screen for any error messages. If you have incorrectly specified
one of the ISONAS sales order numbers you may not be correctly licensed for all
the options that you have purchased. After you accept the response screen the
system will display the Current Licenses tab.
You should review this to confirm that you have received the correct licenses.
You should reregister when you add reader controllers to an existing system so
that your records are up to date.
9
February 10, 2014
Software Reference
If you do not have an intenet connection you can register by phone or by the
email process previously described.
10
February 10, 2014
Software Reference
As the screen instructions indicate, you will provide the Software Identification
Number and receive an Authorization String which you will need to enter into the
fields on the screen.
The screen also has a tab for requesting technical support from ISONAS.
Pressing submit here will directly enter your request into the ISONAS call
tracking system. You will receive an email confirming that the call has been
logged and should then be contacted by ISONAS, either by email or by phone.
The last tab on this screen simply identifies the site to which registration and
support requests are sent.
11
February 10, 2014
Software Reference
Upgrade of Software
If you are reinstalling an upgrade, we strongly recommend that you make a
complete backup copy of your current system (copy the entire ISONAS folder –
this will save both the software and the database) before you start the installation
process.
The installation process will automatically run one of the utility programs, DBRM
(DataBase Repair and Maintenance) which will automatically convert all versions
later than 11 to the current version. If you are converting from an older version,
you may contact ISONAS for assistance.
If you have an older database and wish to proceed without contacting ISONAS,
the recommended approach is as follows:
1) Run the older version to export the Names of people and group
assignments to ASCII files. This can be done either by using the reporting
menu in the administrative module and choosing the ASCII file output or
by using the Export tool in the DBRM utility program which is available
with more recent version of the ISONAS software.
2) You will then need to use a tool such as Excel or Access to reformat the
data as required for the most recent version of the software (add columns
as necessary). You can then use the DBRM facility in the new version to
import the data. You can easily discover the new format by creating a
single record and exporting it to create an example file.
3) Import the people and groups.
12
February 10, 2014
Software Reference
4) Redefine the controller network.
5) Redefine shifts and permissions.
Software Overview
Crystal Access Administrator
This is the administrative application (ISONAS.exe). It provides all of the facilities
used to define the system and how it should operate, including the definition of
people, assignment of badges, definition of doors and shifts and definition of
permissions. It is only necessary for this program to be run when defining or
revising this information. If the access control system is installed on a computer
which is connected to a network, there can be many different computers in the
network that are used from time to time to update the database that defines the
system and how it operates.
Crystal Access Monitor and IP Monitor
The Monitor application (crystal.exe) and the IP Monitor (ipcrystal.exe) are
nearly identical in functional capabilities. They display the current state and
ongoing activity of the door controllers and IO Modules. If operations are
enabled,they will allow the operator to manually unlatch a door, LOCK or
UNLOCK a door, clear ALARMS or remove people from the “IN” list which is
used to prevent “Passback” of badges so that multiple entries to the facility can
be done with the same badge credential. It is not necessary for the Monitor or
Administrator programs to be running for the access control system to be
operating. In a network installation, there may be many copies of the monitor or
administrative programs running at the same time.
The crystal.exe program uses direct file I/O to access the database tables. The
ipcrystal.exe uses an IP Server program to access the database tables. The IP
Server technique can offer both performance and security advantages when
running the application over the network. The IP Server requires several
additional installation and configuration steps which are documented in Appendix
B.
Badge Printing
This is the badge printing application (badging.exe) which can print photos and
other information on the badges used by the access control system. This is an
optional program sold separately from the access control system but running
from a common database.
Controller Supervisor
The Controller Supervisor (CSUP.exe) program is the application that actively
communicates with the reader controllers. This program must be running for the
13
February 10, 2014
Software Reference
access control system to operate in HOST mode. There may be multiple copies
of the program running if the installation has defined the reader controllers to be
connected to different supervisors. These multiple copies may run on the same
physical computer or on different computers in the network.
Recovery Supervisor
The Recovery Supervisor (RSUP.exe) program is responsible for reestablishing
communications with any reader controllers that get “dropped” by a CSUP.
Reader controllers will be dropped by a CSUP if they are not responding to
commands or will not accept a TCP/IP connection. This architecture allows the
CSUP to continue servicing working reader controllers without spending time and
cycles attempting to connect/communicate with units that are not responding.
The RSUP will continue to attempt to reestablish communications with the
dropped units. Once the units are again responding, the RSUP will notify the
CSUP that the unit is available and the CSUP will pick it up again.
Database Repair and Maintenance
The DBRM (Database Repair and Maintenance) application (DBRM.exe) is
provided to allow import and export of the database of People. It also has utilities
within it that will recover data from the database files in the unlikely event that
there is a database corruption. It also contains conversion programs to assist in
upgrading the database for some required changes.
CCheck
The Controller Check application (CCheck.exe) will read data back from reader
controllers and compare the programming data in the controller to that in the host
database. Discrepancies will be noted. (If a controller is offline when a compile is
done or goes offline while the data is still being sent to the controllers it is
possible for the database in the controller to be out of sync with the host
database.
CMLoad
The Controller Microcode Load (CMLoad.exe) will load PIC and Freescale
microprocessor microcode and embedded web pages into the ISONAS reader
controllers. (CTEST will also perform these functions, but CMLoad will start
multiple simultaneous threads to do the loading for multiple units simultaneously.
CTEST
The CTEST application (CTEST.exe) will allow individual commands to be sent
to specific controllers, These programs are normally used only during the initial
installation and testing of a system and as a diagnostic tool to help isolate and
correct problems during subsequent operation. The CTEST program also will
load microcode into reader controllers. CTEST and CSUP are mutually exclusive,
14
February 10, 2014
Software Reference
so only one of them may be running for a specified group of reader controllers
defined as connected to a specific controller supervisor.
Interfaces – INRServ (ISONAS Notification Request Server)
The INRServ program provides easy access to ISONAS supported interfaces
including SNMP, ISOAscii, and TCP/IP. The interface to the Microsoft Active
Directory is the (separate) ADBridge.exe program. The documentation for these
interfaces is included in the download if the Intefaces component is selected.
IOSupervisor
The ISONAS IOSupervisor (IOSup.exe) is the program that communicates to the
IOModules if any have been configured within the system. It is similar to
CSUP.exe described above, but instead of communicating with the ISONAS
reader controllers, it communicates with IOModules. There can be multiple
copies of this program running and they can all run on the same physical
computer or on different computers.
ISONAS Copy
The ISONAS Copy application (ISOCOPY.exe) is provided to facilitate backing
up the ISONAS database files. Some backup programs will not copy open files,
and many of the key ISONAS database files are kept open when the ISONAS
software is in execution. The ISOCOPY program will create a copy of the key
tables used by the ISONAS access control system. After these files are created,
they are closed and therefore will be backed up by standard backup programs.
The ISOCOPY program can be run from a command line and can be scheduled
using the standard windows scheduling program.
ISONASRPT
The ISONASRPT program is invoked by the IPCrystal program and executes on
the server where the ISONAS software and database is installed. It creates an
output file containing an attendance report. The IPCrystal program then opens
and displays the report. The purpose is to avoid lengthy transmission of the
database files over the network to create the report on the computer where
IPCrystal is executing.
Virtual Reader
The ISONAS virtual reader (VirtualReader.exe) will provide an emulation of an
ISONAS RC-02 reader controller. You can run it in conjunction with the rest of
the ISONAS software to exercise and demonstrate the functions of the hardware
and software.
PlugNPlay
The ISONAS PlugNPlay program is an installation aid for IP reader controllers. It
will find ISONAS devices if they are communicating with the network (even if their
IP address is out of the addressable range) and allow you to easily change the IP
15
February 10, 2014
Software Reference
address and set other parameters for the reader controller. If you are running the
ISONAS reader controllers in a DHCP enabled mode, the PlugNPlay program
should be set up to run as a windows service. It will automatically update the
ISONAS database whenever reader controllers get new IP addresses from the
DHCP process.
RSUP
The recovery supervisor RSUP.exe is a program that has the responsibility of
“recovering” reader controllers that have been “dropped” by the CSUP program
responsible for them. Here is the logic:


When a CSUP can not communicate with a reader controller, it will retry the
communication up to the Network Retry count times and then “drop” the reader controller
from its active list. The CSUP will not attempt further communications to the reader
controller until it is notified that the unit is once again available.
When a reader controller is dropped, the RSUP program will be started (if it is not already
running). The RSUP program will attempt to reestablish communications with the
dropped reader controllers. If the RSUP is successful, it will notify the CSUP that the unit
is once again available.
Virtual Input Output Box
The VirtualInputOutputBox.exe program is an emulator for a modbus compatible
IOModule. It can be used to demonstrate, train, configure and test the ISONAS
systems ability to connect to and integrate with third party IO devices.
Administrative Program (ISONAS.EXE)
Note: The descriptions below show the full capabilities of the Crystal Access
software. If you are logged on to the system with less than full privileges you will
find some controls missing or disabled.
Logging On
Each time you run the Administrative program you will be required to enter a
password. The default password is ‘apassword’ (without the quotes). You will see
how you may change that password from within the Administrative program
below. (During the free 30 day license period the system displays the current
password on the screen below.)
16
February 10, 2014
Software Reference
While the software is unlicensed it is also enabled for the EasyWeb/Advanced
Security Option. With ASO, you may log on as the Administrator or may use an
assigned Username and Password. If you choose to use an assigned username
the screen you will see is shown below.
Virtual Reader
There is a software program that emulates an ISONAS Model RC-02 reader
controller. This program can be used for demonstration and training purposes. To
run the program select Virtual Reader from the Network menu
17
February 10, 2014
Software Reference
Select Yes to install and run the Virtual Reader.
If you choose to run a virtual reader the system will configure one in the database
using your computer name as the Supervisor name, your current IP address as
the connection, and Virtual Reader as the reader controller name. The system
will also start execution of a program which will display the following screen and
will emulate the behavior of a real reader as it receives commands from the
ISONAS software and as you manipulate the various buttons and controls
provided by the virtual reader.
18
February 10, 2014
Software Reference
You can elect to skip this step in the future by checking the “Don’t Show this offer
again” box, and you can bring up the screen from the Network/Virtual Reader
menu at any time. There is a comprehensive document describing the use of the
virtual reader in the DOC sub directory created by the installation process.
Viewing the Network
If the Administrative program has not automatically displayed the network you
may display it by selecting the ViewNetwork option under the Network Menu.
Here is an example of what will be shown.
This network contains three controller supervisors:
 Atlanta CSUP (nine IP reader controllers)
 Boulder CSUP (two IP reader controllers)
19
February 10, 2014
Software Reference
 Tampa CSUP (nine IP reader controllers )
There is also a recovery supervisor
 ~Recovery Supervisor
The function of the recovery supervisor is to attempt to recover any controllers
that are dropped because they fail to respond to commands. When the recovery
supervisor has successfully reestablished communications with a dropped reader
controller, it will notify the responsible CSUP of the recovery so the CSUP can
resume communications with it.
You can also see checkmarks beside the CSUP and RSUP programs indicating
that the programs are running. A red X icon would show that the program is not
running.
Defining the network
You may use the Insert, Change and Delete buttons shown on the network
display above to define the network. First you must use the mouse cursor to
select a level in the tree structure of the display. If you select the top Network
line, you can insert or change Supervisors.
The Supervisor name must be unique and may be set to any value you choose.
The Supervisor ID is two alphanumeric characters and may be set to anything
you wish. It must also be unique.
20
February 10, 2014
Software Reference
The Port is the TCP/IP port that you want to assign to the communications
program for this Supervisor. You may choose this arbitrarily as long as you avoid
conflicts with ports used by other processes. In a network installation, it may also
be necessary to modify the configuration of firewall or other network protection
software to allow communications of this port.
If the checkbox is checked, the system will install and run the communications
program for this Supervisor as a Windows Service. ISONAS recommends that
you do NOT select this option until your system has been installed and running
satisfactorily. Running as a service can complicate some of the debugging and
shakedown steps typically required at installation.
Checking the Enable Server checkbox will configure the controller supervisor to
accept incoming connections from reader controllers configured for client mode
of operation. The reader controllers must be configured to locate the server
where the controller supervisor (CSUP) is running and to connect to the defined
server port.
The reader controllers can be configured to require a periodic reset of an
expiration date to keep them in operation. If this is the case then setting the PIC
Expiration to a non zero value will cause the controller supervisor to send the
necessary reset command.
It is also possible to configure the controller supervisor to use encryption for
communications with all client readers, and to specify the 32 byte encryption key.
When a communications program is running, the IP Address and Host Name will
be filled in with the appropriate values of the computer where the
communications program is running.
The normal case is to leave the Configure IPAddress on the Automatic selection,
allowing the system to select the IPAddress when it starts up. In rare cases with
multiple NIC cards it may be necessary to use Manual IPAddress configuration
and set a specific IP Address to be used.
21
February 10, 2014
Software Reference
Defining Doors
Selecting anything other than the “Controller Network” label at the top of the
display will allow you to define a door (reader controller).
In Client mode the upper right quadrant of the screen shows the following fields:
22
February 10, 2014
Software Reference
Client mode specifies that the reader controller opens the connection to the
controller supervisor program. In Server mode, the controller supervisor program
opens the connection to the reader controller. Client mode is only available for
RC-03, IPBR-2 and IPBR-3 model reader controllers.
The MAC Address uniquely identifies the reader controller. In Client mode, the
server port that the unit will connect to must be preconfigured in the reader, and
must match the port that is configured for the controller supervisor.
For reader controllers in server mode, here is the screen that configures the
connection:
For IPBridge (IPBR-2 and IPBR-3) units there are some additional configuration
requirements because these units use a single IP address to connect two or
three readers to the computer.




The Controller Id can not be set. It will always be 1 for the first reader, 2
for the second reader, and 3 for the third reader (if it is an IPBR-3 unit).
The IP address for the two or 3 readers must be the same
For units configured to operate in Server mode (where the computer
initiates the connection to the unit) the port assigned to the base unit may
be any valid port in the range 1 <= port <= 65533. The ports for the
second and third units must be port +1 and port +2.
For units configured to operate in Client mode (where the reader controller
initiates the connection to the computer) the port must be the same for all
two or three readers. (In this case the Controller Id differentiates the units.)
Note: If you use the PlugNPlay program to configure the units these rules are
applied automatically.
23
February 10, 2014
Software Reference
For older reader controllers the connection could be a COMM port.
The MAC address is read from the reader by the CSUP when it is started.
The IP reader controllers all come from the factory with preset ports. (PORT
10001 for all units except IPBridge), and there is no reason to change that setting
except in special cases using Port Forwarding to connect to the units. IPBridge
units allow you specify a base port only. The second and third readers in the
IPBridge will use the specified port +1 and +2 respectively.
The Controller ID is also preset at the factory. For all IP units except the
IPBridge, it will be set to one and there is no reason to change it. For the
IPBridge, the units must be set to 1,2 and 3. For serial units it will be preset to a
value between 1-254. In the case of serial units, the Controller ID must be unique
on a given serial network so it may be necessary to change a factory preset
value if it creates conflict with another unit on the network. NOTE: There is a
reset button on the back of the reader controller (model RC-01 and RC-02). If the
button is pressed and held in, the unit will clear all settings and revert to factory
default. The factory default IP address for ALL RC-02 reader controllers is
192.168.1.27. For RC-03 and IPBridge units the default is 192.168.1.119.
The fields on the Door definition screen have the following significance:
 Door Name – a name, up to 20 characters. Must be unique.
 Description – optional description, up to 50 characters.
 Area – the area the door is associated with. May be COMMON or one of
the areas you have defined. (See Area explanation under View Area later
in this document).
 Controller ID- For IP reader-controllers, this field will almost always be set
to a value of one. For older serial readers, this is the one byte subaddress
of the controller. It will be a value between 1 – 254 and will be printed on
the controller label. If you are installing multiple serial controllers on the
same connection (the same comm port or the same thin server) they must
all have a unique Controller ID. If the factory assigned controller id values
happen to not be unique, you can use the CTEST utility program
described later in this document to change the controller Id of one of the
units.
 Port – This is the TCP/IP port that the reader controller will communicate
over (if it is an IP or Wireless IP device). The factory default is 10001 and
you can accept this default unless you have to change it to conform to
corporate network rules and conventions or to use Port Forwarding. For a
more complete discussion of Port Forwarding, reference the ISONAS
Installation and Wiring document which can be downloaded from the
ISONAS website.
24
February 10, 2014
Software Reference


IOGroup – this specifies that the Door is associated with a group of
IOModules. You can define IO Profiles and Permissions using those IO
Profiles so that digital output points on the selected IO Modules are
activated or deactivated when people present badges to the reader
controller.
There are seven settings for the Model:
o RC-01 – RC-02 RC03 use these models for ISONAS PowerNet
reader controllers, including those that have a built in keypad. The
correct model number is shown on the label on the back of the
reader, and can also be seen in PlugNPlay.
o PRC-001B – use this model for all controllers that have PRC-001B
on the label, including IP, Wireless IP and Serial units.
o PRC-001 – use this model for all controllers that have PRC-001 on
the label except for the early models as defined below for
dPRC-001
o Use KTP-Keypad for external serial connected keypads. These
must be attached to a dedicated serial connection (either a Comm
port or a thin server emulating a comm. port).
o Use Serial_1 for HID MaxiProx readers. These must be attached to
a dedicated serial connection (either a Comm port or a thin server
emulating a comm. port).
o Use dPRC-001 for early model ISONAS controllers. (Serial
numbers beginning 02xxxx or 01xxxx). These early models
required some delays in the communications protocol. If you
incorrectly define one as a PRC-001 you may see a high error rate
on the controller.
 Network Timeout – the reader controller will automatically drop into
standalone mode if it does not see communication from the host computer
for this number of seconds.
The Host Fields have the following significance
 Monitor Authority Level – this is the authority level (0-3) that the user must
have within the monitor program in order to directly operate the door. If the
user has a lower authority level they may not perform operations on the
door including ADMIT, UNLOCK, LOCKDOWN, and RESET.
 Dual Authentication – this specifies that the door will only open if two valid
badges are presented within the latch interval. You can specify a number
of different conditions:
25
February 10, 2014
Software Reference







o Any – this specifies that any two different valid badges (or a valid
badge and a valit pin code) will open the door.
o Same – the two badges/pin codes must be assigned to the same
person
o Different – the two badges/pin codes must be assigned to two
different people.
Latch Interval – this is the default latch interval for the reader controller.
This is how long the controller will remain unlocked when a valid badge is
presented.
Relatch
o Full Interval – the reader controller will relatch at the end of the
latch interval
o On Open – the reader controller will relatch when it detects that the
door has been opened
o On Close – the reader controller will relatch when it detects that the
door has been opened and closed
Clear Alarm on Authorized Open – if this item is checked then specially
authorized badges will cause the system to clear alarm conditions at the
reader controller when the badge is presented. This would allow a guard
who went to the reader controller to investigate an alarm to clear it “on
site” without having to return to the monitor location.
Admit – there are four checkboxes that control system behavior when an
admit event occurs:
o Beep – causes the buzzer to sound
o TTL1 – activates TTL1
o w/o Unlatch – does NOT activate the relay to unlatch the door
Reject – there are three checkboxes that control the system behavior
when a reject event occurs:
o Beep – causes the buzzer to sound
REX Input - the radio buttons and checkbox under REX input control
system behavior when the REX signal is activated:
o Disable – the signal is ignored
o Use REX DB – the system looks up the permissions defined for
REX in the database and admits if REX is currently authorized to
open the door.
o w/o Unlatch – if this checkbox is checked, then an admit will not
activate the relay to unlock the door.
o ALARM – create a REX ALARM event
o LOCKDOWN – puts the door into LOCKDOWN – no badges will be
accepted, even if authorized, except for MASTER badges.
AUX Input - the radio buttons and checkbox under AUX input control
system behavior when the AUX signal is activated:
o Disable – the signal is ignored
26
February 10, 2014
Software Reference

o Use AUX DB – the system looks up the permissions defined for
AUX in the database and admits if AUX is currently authorized to
open the door.
o w/o Unlatch – if this checkbox is checked, then an admit will not
activate the relay to unlock the door.
o ALARM – create a AUX ALARM event
o LOCKDOWN – puts the door into LOCKDOWN – no badges will be
accepted, even if authorized, except for MASTER badges.
Alarms - there are three alarms associated with the reader controller
o Unauthorized Open – the door sense input is indicating that the
door is physically open but the system has not authorized it to be
unlatched. The Delay field can be set to delay signaling the alarm
for up to 255 seconds.
o Extended Open – the door has been open for too long. The Interval
value specifies how long the door may be open without creating the
alarm condition.
o Tamper – the tamper detector on the reader controller is indicating
a temper condition.. the unit has been disturbed or remove from the
wall. For PowerNet and ClearNets w/optical tamper sensors, the
tamper count should be set to zero. For older units, the tamper
count can be set to require a number of sequential tamper
indications before the alarm is created to compensate for overly
sensitive tamper conditions such as a location with a lot of physical
vibration.
If you select the Local Operation Tab, you have access to the following fields:
These have the following significance:
 Latch Interval – this is the standalone latch interval
 TTL2 on Unauthorized Open – activate TTL2 if an unauthorized open
alarm is activated
 TTL1 on Tamper – activate TTL1 if a Tamper alarm is activated
 BEEP – the controller will beep on the selected events
27
February 10, 2014
Software Reference

BEEP on Accept – if a valid badge is presented in local or standalone
mode and the controller unlocks, it will beep as set here
 REX Input may be set to either Admit or to activate TTL2.
 AUX Input may be set to any of the following:
o Disable – AUX input signal will be ignored
o Authorized Access – the reader controller will unlock for the latch
interval (identical behavior to REX in standalone mode)
o TTL1 – Activate TTL1 when AUX input is detected
o TTL2 – Activate TTL2 when AUX input is detected
If you select the Local Special Badges tab you will have access to the following
screen. The green arrows allow you to select special badges that work in Local
or Standalone Mode.
If the reader controller is an RC-03 model, the screen is slightly different:
28
February 10, 2014
Software Reference
The additional buttons show whether or not a GUID is assigned and allow the
GUID to be set or viewed.
 ADD – when this badge is presented in Local or standalone mode, it will
toggle the reader between ADD and normal state. In ADD state, the lower
LED is green and any badges presented will be added to the internal
database of authorized badges. As each badge is added, the reader
controller will sound the buzzer and flash the LED.
 VOID – when this badge is presented in Local or standalone mode, it will
toggle the reader between VOID and normal state. In VOID state, the
lower LED is red and any badges presented will be removed from the
internal database of authorized badges. As each badge is removed the
reader controlle will sound the buzzer and flash the LED.
 VOID ALL – when this badge is presented and the reader is already in the
VOID state, the reader controller will void all badges and remove them
from the internal database. The reader controller will sound the buzzer
and flash the LEDs in a distinctive pattern.
 LOCKDOWN – when this badge is presented in standalone mode, it will
toggle the reader between lockdown and normal state. In lockdown state,
it will not accept any badges.
 UNLOCK – when this badge is presented in standalone mode it will toggle
the reader between unlocked and normal state.
 NORMAL - when this badge is presented in standalone mode it will force
the reader into a normal (latched) state.
Note: When programming these special badges for RC-03 readers, the full GUID
value associated with the credential must be available for the assignment to work
properly. (The Crystal software will temporarily assign short GUIDs to credentials
29
February 10, 2014
Software Reference
that have BadgeId values as an aid to conversion. These short GUIDS will be
replaced by full GUIDs when the credentials are read by RC-03 readers. The
short GUIDs will not work as special Badges.
If you have an ISONAS PowerNet reader (model RC-01, RC-02 or RC-03) the
Keypad/Serial Port tab will be available to you. If you select that tab you will have
the following screen fields available if you have an RC-02 or earlier unit:

Serial Port Mode
o Disabled – the port is disabled
o Local – the port is handled by the microcode in the reader
controller. (not currently implemented)
o Keypad - silent– the reader controller has an ISONAS integrated
keypad.
o Keypad – beeping – the reader controller has an ISONAS
integrated keypad. The unit will beep on every key press.
o Bitmask – the port is connected to an HID reader and the specified
HID Bitmask will be used to determine the card id reported to the
system.
o Data Mangle – the port is connected to an HID reader and the HID
Data Mangle algorithm will be used to determine the card id
reported to the system.
o Passthrough – the port will pass data to the PC for processing.
Passthrough data must be further defined using the drop box to
specify that the data is:
30
February 10, 2014
Software Reference






Ascii
AsciiHEX (i.e., the character string 4C33 would be
interpreted as 19507 decimal
 Binary
In Passthrough mode if the Advanced HID global flag is set on (in
the Program Doors/NetworkMode screen) it is displayed here and
the HID bitmask is applied to values received through the serial
port.
Length
o Variable – no fixed message length for messages from the attached
device
o Fixed – all messages from the device will be exactly the specified
number of bytes long.
Timeout
o The port will not timeout
o The port will discard partial message fragments after the timeout
interval (in 1/16 seconds) if a complete message is not received
within the timeout interval.
Start Characters – you may specify zero, one or two start characters (by
specifying the decimal value of the byte representing the ascii character
(i.e., “1” = 49, “*” = 42,”#” = 35 ). Values of 0 and 255 are not allowed. The
port will watch the incoming data and if the start character(s) have been
specified it will use them to identify the start of a message.
End Characters – you may specify zero, one or two end characters (by
specifying the decimal value of the byte representing the ascii character
(i.e., “1” = 49, “*” = 42,”#” = 35 ). Values of 0 and 255 are not allowed. The
port will watch the incoming data and if the end character(s) have been
specified it will use them to identify the end of a message.
For reader controllers with keypads, another common configuration is to use a
single stop character and no start character. The value 35,which is the “#”
character or the value 42 (the “*” character) may be used.
For, RC-03 units, the screen is as follows:
31
February 10, 2014
Software Reference
In this case the serial port can be configured for Wiegand data input. When it
receives the input it will either use it as a credential number directly (RAW) or will
first process it with its current HID handling technique before using it as a
credential.
The Mocrocode tab can be used to display information about the microcode
levels in the reader controller.
PRC-001B. RC-01, RC-02and RC-03 controllers have PIC processors. The
Freescale microcode is only valid for RC-01, RC-02 and RC-03 units.
The Advanced tab is shown below.
32
February 10, 2014
Software Reference
The AdvancedIO settings are available for RC-03 reader controllers and they
modify the operation of the reader controller in Local or Standalone mode. The
ISONAS RC-03 has three external inputs which are normally used as DS (Door
Sense), REX (Request Exit) and AUX (Auxilliary). Any or all of these inputs may
be set to Advanced IO input mode by checking the box under “Use Advanced”
The software interpretation of the electrical state of the REX and AUX input
switches is also modified when the Advanced IO mode is used. The table below
summarizes the behavior in both normal and AdvancedIO cases.
Normal Mode
Advanced IO Mode
Electrical
Door
REX
AUX
Input 1
Input2
Input 3
State
Sense
Open
open
off
off
open
open
open
Circuit
Short
closed
on
on
closed
closed
closed
Circuit
33
February 10, 2014
Software Reference
For the inputs that are set to “Use Advanced” you may then set the system to
signal Unauthorized Open alarms and/or Extended Open alarms, and may set
the Extended Open alarm time out value.
You may also Invert the signal so that the “meanings” of the switch on/off states
are inverted.
The LABELS values you specify will be used to report activity of the three inputs
in the monitor and in history reports.
The AdvancedIO Output settings are shown below:
The Advanced Output settings for the RC-03 allow for individual credentials
(badges/GUIDs) to be defined with specific outputs (Relay, TTL1, TTL2 and
TTL1 and 2 together). When a valid credential is presented to the RC-03
operating in Advanced Output mode, the specific outputs defined with the
credential will either be set immediately or are used to define which outputs are
permissible. The individual presenting the credential can then press a key on the
keypad to request selected outputs, and if the requested outputs are permitted
they will be set.
The Output mode settings are:
 Mixed – allows the KP Required settings for the individual outputs to
determine whether the output occurs automatically or the reader
controller waits for a keypad entry
 Auto – all outputs are automatic
 KP – all outputs require a key pad entry
The individual badges can have special properties assigned to them as
described later in this document. These special properties can include values for
the Local operation of the four outputs. (Relay, TTL1, TTL2 and TTL1 & 2
combined).
If the credential has the special property set for an output and that output does
not have the KP Entry Required check on, then when the badge is read the
output will activate (turn on) immediately and will remain on for the duration of the
specified latch interval.
34
February 10, 2014
Software Reference
If the credential has the special property set but the KP Entry Required is
checked for that output the behavior is different. When the badge is read the
reader controller will wait for a keypad entry. If a keypad entry is made within the
keypad timeout interval, the special property settings show which outputs are
authorized. If the entry requests an authorized output, the output will operate for
the latch interval. The keypad entries request the following outputs:
Key Entry
1
2
3
4
5
6
7
Outputs Requested
TTL1 & Lock Relay
TTL2 & Lock Relay
TTL1 & TTL2 & Lock
Relay
Lock Relay
TTL1
TTL2
TTL1 & TTL2
The Output Labels are used to report activity in the monitor program and in
reports for the history file.
NOTE: If the Advanced Output feature is set for the door then any badges that
are read by the reader must have the special bits set to define the behavior of the
reader. If no bits are set then the reader will not activate any of the outputs. Any
credentials that are added using the special ADD card will not have any of the
special bits set and therefore will not operate any of the advanced output
features.
The Encryption Key fields allow you to specify that encryption is to be used and
to specify the 32 byte hex key for the encryption. The format of this key is a
character string (64 chars maximum), which uses the characters 0-9, A-F. If you
choose to encrypt communications you must also set the encryption key in the
reader controller or thin server. This can be done with the ISONAS PlugNPlay
program.
The Persistent Configuration flag will cause the system to skip some controller
configuration initialization steps when the communication program starts up or is
reset. If you have used other programs to modify the settings, this will preserve
those settings rather than resetting them to ISONAS default values. Most
customers should leave the persistent configuration flag unchecked and allow the
system to initialize the reader controllers each time the controller supervisor is
restarted.
The ACS Server and ACS Server IP are associated with DHCP enabled RC-02
reader controllers. When a DHCP enabled unit receives an IP address from the
DHCP server, it will attempt to use DNS to get the IP address of the named ACS
Server. In a properly configured system, this name will be defined in the DNS
35
February 10, 2014
Software Reference
server as an Alias for a computer in the network where the ISONAS PlugNPlay
program is running as a windows service. Once the reader has the IP address of
that computer, it will send a directed UDP message to port 0x77BC. The ISONAS
PlugNPlay program, if it is running on that computer, will receive the message
and use the data in the message to update the ISONAS database with the
current IP address of the reader controller.
If DNS is not available or able to provide the IP address of the ACS Server Alias
name, the reader will use the preset ACS Server IP address to attempt to reach
the PlugNPlay program.
There are several Modes of Operation that can be set for a reader controller:


LOCAL – the computer will communicate with the door at startup time and
any time the programming for the door is changed. For older models, the
system will also request any stored events from the controller on the
heartbeat interval (default 15 seconds). Decisions about whether to accept
a badgeid will be made locally by the controller using the database stored
in the controller. For RC-02 models, the reader controller will
asynchronously inform the host of all events as they occur in real time.
NOTE: If a reader controller is programmed to operate in LOCAL mode
and is subsequently sent a command to UNLOCK, LOCKDOWN or
RESETNORMAL (from the Monitor program or from one of the supported
interfaces), the reader controller will be forced into HOST mode. The
override of programmed behavior may be set to be either temporary or
permanent. Similarly, it the reader is presented with a badge that has
been programmed to Toggle between those states the reader controller
will be forced to HOST mode of operation.
o Temporary override – the unit will respond to the next periodic or
scheduled event. (i.e., the beginning or end of an automatic unlock
or badge unlock shift) and will resume its programmed behavior at
that time.
o Permanent override – the unit will ignore periodic or scheduled
events. It will remain in its setting indefinitely until explicitly
CLEARed.
HOST – all operations will be fully controlled from the computer.
36
February 10, 2014
Software Reference


DISABLE – this door will be ignored completely by the computer. The door
will operate completely in standalone mode and there will be no
communication with the computer.
STANDALONE – the computer will communicate with the door at startup
time and anytime the programming (permissions or other control setting)
are changed. Otherwise the door will be operating in standalone mode.
Decisions about whether to accept a badgeid will be made locally by the
controller using the database stored in the controller.
NOTE: THE FOLLOWING FEATURES ARE NOT AVAILABLE WHEN
OPERATING IN STANDALONE OR LOCAL MODE
o RC-01 and earlier reader controllers ignore Holiday shifts
o Special Badges with the TTL1 or TTL2 operation tag will not cause
the TTL lines to activate
o Anti Passback is not enforced
o Extended latch intervals for individuals are not used
o Dual Authentication is not available
o In Standalone Mode, count limits are not updated until the records
are processed by the host. If badges are used in excess of the limit
before the records are processed, the count limit may be exceeded.
o The Count Limit Interval is not used.
o The Relatch on Open and Relatch on Close features are not
operational
o External Keypads (controller model KTP-Keypad) may be
associated with controllers that are operating in LOCAL mode.
ISONAS integrated keypads on RC-01 and later readers do work
properly, and devices connected to the controller built in serial
interface operate properly.
o IO Profiles are ignored. (Output points will not be directly activated
by badges being accepted. However, script actions as a result of
badge accepts or rejects WILL be executed, including setting of
output points if configured.
o Extended Open Alarm is not available for older model readers. For
RC-02, it is operational.
o With reader controller models earlier than RC-02, Unauthorized
Open and Tamper alarms are not reported to the host computer.
In addition, for RC-01 and earlier models,
 If an older model (PRC-001 or PRC-001B) reader controller is
programmed to have an “UNLOCKED (Automatic” or an “UNLOCKED
(Badge)” shift and the unit falls into STANDALONE mode, the door will
relock.
37
February 10, 2014
Software Reference
The direction of the door may optionally be set to the 4 values which have the
following meanings:
 Unspecified – the direction of the door is not defined as inbound or
outbound. A person passing through this door will not cause any change
to their “on site” status setting
 IN – the door is an inbound door. People who pass through it will be
marked as “on site” and if Anti-passback is enabled, the person will be
refused entrance to other IN doors.
 OUT – the door is an outbound door. People who pass through it will be
marked as “off site”. If Anti-passback is enabled the person will be cleared
for entry to IN doors.
 INOUT – the door is used for both entrance and exit. The status of a
person who uses this door will be “toggled” between “on site” and “off
site”. If Anti-passback is enabled and the person is IN at a specific door,
the person will be refused entrance to IN doors or to any other INOUT
door except the one that they entered by. At that door, the person will be
“toggled” out if they present their badge.
The Permanent Manual Override checkbox shows whether or not the reader
controller is in a “permanent” manual override state (typically in either an
UNLOCKED or a LOCKDOWN condition). This occurs when a command is sent
(from either the Monitor program or through the TCP/IP or IADI Interfaces) to
UNLOCK or LOCKDOWN a reader controller, with a “permanent” tag on the
command. This will typically only be done in an emergency situation where it is
desired to override and suspend the normal programmed behavior of the system.
If the Manual Override flag is set, the system will operate the reader controller in
HOST mode and will ignore further changes to the reader that would be caused
by the beginning or ending of shifts used for Automatic or Badge Unlock
permissions, or for Scheduled Events.
“Permanent” Manual Override is intended to allow users to correctly manage the
behavior of the system during emergencies such as fires or security emergencies
when the desired operation of the system may require that some reader
38
February 10, 2014
Software Reference
controllers be unlocked and others be locked down and those conditions must
remain in effect until explicitly cleared by an authorized user.
Some additional comments on Serial_1 and KTP-Keypad model controllers:
If you choose model KTP-Keypad or Serial_1 the controller is a serial
device which is used in conjunction with another standard ISONAS
controller . In this case. a slightly different screen will appear. The
associated controller field is used to select the standard controller that is
used with this serial device..
It is required that serial device be on a COM port connection and
Supervisor by themselves. That is, it must be the only controller defined
on that connection and the connection must be the only one on the logical
Supervisor. Badge Ids entered in via the keypad or scanned at the serial
reader will appear to have been presented to the associated controller,
and will either be admitted or rejected based on the defined permissions
for the associated controller. No permissions may be defined for a model
KTP-Keypad or a Serial_1 controller.
You may also get into these same screens by starting with the DOORS menu
option from the main screen.
The Doors menu will display a list of the currently defined DOORS and DOOR
GROUPS as shown below.
39
February 10, 2014
Software Reference
By using the Insert, Change and Delete buttons under the Door Groups display
you can create or modify the list of names of Door Groups in the system. By
using the arrow buttons between the two list (with appropriate values selected in
the lists) you can add or remove individual doors from door groups.
When you Insert a Door Group, you will see this screen:
You may give the group any Name you wish (must be unique) using up to 20
case sensitive alpha, numeric or special characters. If you check “Tracking Zone”
the system will treat the door group as a Roster tracking zone and will keep track
of people who are “IN” or “OUT” of the zone as they enter or exit through doors
that are marked as IN or OUT (or Toggle IN/OUT).
40
February 10, 2014
Software Reference
If the Door Group is marked as a tracking zone, you may optionally enable the
Antipassback feature for that zone. A person will not be permitted to reenter an
zone marked as Antipassback without first exiting it.
If a zone is marked as Antipassback, the enforcement of the reentry prohibition
can be set to expire after a specified time. E.g., setting it to 48:00:00 would cause
the antipassback enforcement to expire after 48 hours.
A door may be defined to be a member of as many different door groups as you
wish. The Door Groups are used in the Permissions screen to define which doors
a group of people has permission to open.
The Sort button will sort the doors in each group alphabetically.
Network Status
The Network screen shows the current status of communications programs for
each defined Supervisor, and allows you to start and stop those communications
programs. A red X indicates that the communication program is not running
While a blue checkmark shows that it is running
41
February 10, 2014
Software Reference
If you select one of the running Supervisors, you will see additional information
as displayed below:
The Communication Supervisor Status box shows the most recent status for the
selected Supervisor, including the number of active controllers, the most recent
communications interval, the error count, and the next periodic and scheduled
events if any. Every time you press the button with the question mark
the
communications program status is updated. This is an easy way to confirm
whether or not the communications program is successfully communicating with
the programmed number of controllers defined in the database.
The Trace setting controls diagnostic output from the CSUP Controller
Supervisor Program. It can quickly generate a very large log file. It is typically
used under the direction of ISONAS Technical Support staff when diagnosing
problems.
Suppressing Alarms for Doors
You can program the system to suppress alarms for selected doors or door
groups during selected shifts. Here is the screen that is used for this function.
42
February 10, 2014
Software Reference
Choose a door or door group from the left most list and a shift name from the
shift list and press Insert to add the record to the suppress alarms table.
Programming Reader Controller Behavior for Multiple Units
The Doors menu also provides access to Program Multiple Doors.
Here is the screen that is used to program multiple doors at once:
43
February 10, 2014
Software Reference
The Global Settings tab allows you to set the following parameters, which will
apply to all of the reader controllers in the entire system:
 Communication Retry Count – this is the number of times a message will
be resent to a reader controller if it is not acknowledged. After the count is
exceeded, the system will signal a Controller Error alarm. The system will
then initiate recovery logic to try to reestablish communications with the
unit. If the recovery is successful, the system will automatically clear the
alarm.
 Throttle – for newer ISONAS reader controllers (RC-01 and later) this will
normally be zero. For older models, it could be used to “slow down” the
transmission of compilation records to the reader controllers. If the reader
controllers were very busy receiving database updates they would be slow
to respond to presentation of credentials by users.
 Comm Wait – the system will wait at least this long between sending
commands to a specific reader. Again, older models would sometimes fail
to process commands if they were sent too soon after the previous
command. Does not apply to newer models.
 Response Wait – this is how long the system will wait for a response from
a reader controller.
44
February 10, 2014
Software Reference







Heart Beat – the system sends heartbeat messages at this frequency. If
you are running a unit in HOST mode it is important that this heart beat be
shorter than the network timeout value for the unit. In Host mode, the
heartbeat will “flash” the LED(s) on the front of the reader controller. In
Local mode operation the heartbeat is sent but does not cause the LEDs
to flash.
Count limited interval – if you are using credentials that are good for a
fixed number of uses, this value will prevent the count from being
decremented if a credential is presented before the interval has expired.
This prevents a badge from being “double counted” if the user were to
hold it up to the reader controller for a long time. You could also set the
value high and allow a user to enter multiple times during a day and only
use up one of the authorized uses. Available only for reader controllers
operating in HOST mode.
Log Open/Closed – if this is set then the history log will include the times
at which doors are physically opened and closed.
Suppress Redundant REX/AUX – If a reader controller is in an
UNLOCKED or UNLOCKED LOCAL state it will continue to report events
caused by REX or AUX inputs. If the Suppress Redundant REX/AUX
checkbox is checked these events will not be reported in the History and
Current History tables.
Default Door – If a default door is defined the system will use it as a model
when a new Client mode RC-03 reader first connects to the Controller
Supervisor. The system will automatically copy the default door
configuration to the new reader. It will also:
o Put the new door into any Door Groups to which the default unit
belongs
o Create equivalent individual door premissions
o Create equivalent special badges
Note: It does NOT create Scripts even if there are some scripts that deal
with the default door.
IPBridgeKPSiteCode – If there are keypad readers connected to an
IPBridge this value must be set to a site code value that is different from
the site code being used by any HID readers attached to this system. This
allows the microcode in the IPBridge unit to properly differentiate the data
coming in from the keypad from data coming from a proximity badge
reader. The default value is 1 and would only need to be changed if that
conflicts with the HID site code.
There are three fields associated with the recovery of readers that have
been “dropped” by the system because they can not be reached or are not
responding
o Recovery Interval – this is the amount of time the system will wait
between recovery cycles. At each recovery cycle, the system will
attempt to recover each dropped reader controller. The recovery
interval keeps the system from being continuously attempting to
recover units which may be unavailable for an extended time.
45
February 10, 2014
Software Reference
o Connection timeout – the system attempts to open a TCP/IP
connection to each reader controller. This is the timeout value for
that connection attempt.
o Number of Parallel Processes – this is the maximum number of
recovery processes that will be simultaneously used. For small
systems this is not an important parameter. It is intended to prevent
a large system from being overwhelmed by a massive recovery.
E.g., consider a system with 1000 reader controllers. If a network
problem were to interrupt service and all 1000 were dropped, the
system would be made too busy if 1000 recovery processes were
initiated.
The Set Mode tab will display the screen shown below:
This will allow you to set the operational mode for the selected doors as shown in
the lower half of the screen. These operational modes were defined earlier in this
manual under the door definition description.
The lower portion of the screen shows which doors will be affected by the
settings. The green checkmark beside the door name indicates that the door is to
be included in the settings when the Apply button is pushed. You may double
click on the checkmark to change it to a red x, indicating that the door is not
included. You may also use the Include or Exclude All buttons to establish the
include list, and on the DoorGroups tab you will find additional controls to
manipulate the inclusion or exclusion of doors by door group.
46
February 10, 2014
Software Reference
The Set Like button will set the values of all Host, Local and Serial Port
configurations from the currently selected door in the list. This allows you to then
use those values to set the selected doors to be the same as the “example” door.
Here is the Host Mode screen.
The meanings of the settings on this screen were explained earlier in this
document under the door definition section.
The Local Mode tab will display the following screen:
47
February 10, 2014
Software Reference
The Keypad/Serial Port tab will display this screen.
48
February 10, 2014
Software Reference
The HID Mask tab will display the following screen:
The selected bitmask setting is sent to the reader controllers each time the
Controller Supervisor program (CSUP) is started. Pressing the test button (after
selecting a reader controller) allows you to present cards to the selected reader
controller and see the resultant card number with the different bitmask settings,
including a custom bitmask which you may define.
49
February 10, 2014
Software Reference
The Advanced tab allows you to set parameters for the Advanced I/O features
available on RC-03 reader controllers. The meanings of these settings are
explained in the earlier secition of this document describing the programming of
individual doors.
Starting and Stopping Communication Programs
The administrative program can stop the execution of CSUP programs anywhere
in the network and can start the execution of CSUP programs on the computer or
server where the administrative program itself is running.
If an administrative program is running on a different computer from where the
CSUP programs are running, it may be desirable to disable the administrative
program’s ability to start and stop CSUP programs. This can be done by adding a
command line parameter
/NOCSUP
To the shortcut that is used to start the administrative program.
50
February 10, 2014
Software Reference
If this has been done and the user attempts to start or stop CSUP programs they
will see the following message:
If the command line parameter has not been added, then the facilities described
below will start and stop the CSUP programs.
If you select the “Controller Network” at the top of the screen, you will have
access to a Start All and a Stop All button.
51
February 10, 2014
Software Reference
These buttons will start or stop all of the Controller Supervisors.
If you highlight a Supervisor for which there is not a currently running
communication program you will be given the opportunity to start the
communication program for that Supervisor on the local computer.
Note: For older serial-base reader-controllers, it is only correct to start
communications programs for Supervisors that have defined Comm Port type
connections on the computer where the door controllers are physically attached
to the Comm Ports. If you start the communication program on a different
computer it will be unable to communicate with the doors because they are
attached to a Comm Port on a different computer.
Controller Supervisors with only TCP/IP connections may be run on any
computer within the network.
The communications program can be started as a Windows Service program or
as a console application by configuring the Supervisor definition as explained
earlier.
52
February 10, 2014
Software Reference
If a CSUP has been defined to run as a windows service it will show in the
windows services manager as illustrated below:
A communications program running as a Windows Service has the advantage of
running as a background application within Windows and will remain running
even though a user is not logged into the Windows workstation/server.
When first installing an ISONAS access control system it is recommended that
you run the communication programs as a Windows Console Application, NOT
as a Windows Service. This will simplify some of the diagnostic steps that may
be required during initial installation and setup.
The controller supervisor (CSUP) screen is shown below:
53
February 10, 2014
Software Reference
This application can be maximized/minimized from view as any other Windows
application and will remain active and functional even when a user is logged into
Windows but has “locked” the computer. However, if the user logs out of
Windows with the communications program running as a console application, the
communications program will be stopped by Windows and the associated reader
controllers revert to standalone mode operations.
If you highlight a Supervisor for which the Communications Supervisor program
is already running, you will be given the opportunity to stop it as illustrated below.
In the example above, the communications program was not configured to run as
a windows service. If it had been, the screen would indicate it with a YES beside
the Windows Service line. Note that if you stop a program that has been installed
as a windows service you do not remove it as a service, and it will restart when
the computer is rebooted unless you have changed the automatic start setting
within the windows services manager.
54
February 10, 2014
Software Reference
As a convenience, the ISONAS administration program will also remove
communications programs that have been installed as services, BUT ONLY ON
THE COMPUTER WHERE THE SERVICE IS INSTALLED. The removal of
services can NOT be done over the network to another physical computer. To
remove an installed service, simply uncheck the “run as service” checkbox in the
Supervisor definition screen to display the following screen. If you select “Yes”
the program will attempt to remove the service and will provide feedback on the
success or failure of the removal operation.
Application Menu –Passwords and Options
Here is where you can change the passwords and options. If you are logged on
as a User, here is the screen you will see:
55
February 10, 2014
Software Reference




Allow Compile without running Controller Supervisor – this option
will allow you to do either a full or an incremental compile of
permissions without having any running CSUP.exe programs. The
compile process updates the data that is sent to the controllers for
possible standalone operation. If there are no running CSUP.exe
programs, these data will not reach the controllers. If this option is
not set, the system prevents the compile step by disabling the
buttons on the Permissions screen.
Export On Compile – this option will cause the system to
automatically export three database tables to CSV (Comma
Separated Values) files whenever a compile is done. The three
tables are Network (definition of controller network), people
(definition of people and assigned badgeids) and access (definition
of which badgeids are authorized for which controllers during what
time intervals)
Skip Send on Compile – this option tells the system to NOT send
stand alone records to the controllers, regardless of whether or not
controller supervisor program(s) are running.
Compile trace creates a debugging output in the compile log
56
February 10, 2014
Software Reference
If you are logged on as the administrator you will have access to the
Administrative tab on this screen. The administrative tab provides access to the
administrative and monitor passwords.
The system ships with the following default values:
Administrative password apassword
Operations Level 0
opassword
Operations Level 1
opassword1
Operations Level 2
opassword2
Operations Level 3
opassword3
Monitor
mpassword
The Audit button on the Administrative tab gives you access to the following
screen:
This audit screen shows all updates (Insert, Change or Delete actions) for the
critical files that define access rights. These files are:
 BADGES – which defines badge id and pin code values.
 IDFILE – which defines people
 GROUPS – which define the people who are members of groups
 RIGHTS – which define the doors or doorgroups that groups of people
have rights to during selected shifts
 SPBADGES – which define special badges which may have access rights
to selected doors.
57
February 10, 2014
Software Reference
Whenever these files are modified, audit records are created. The audit record
includes the User Name that was used to log on to the system. The tabs at the
top of the screen allow you to select sort orders in which to view the records. At
the bottom of the screen you will see the record count of the audit records and a
button which will allow you to delete obsolete information which is no longer
needed.
If you have the Advanced Security Option enabled, you will have access to the
Users tab. This allows you to define user names, areas, authority levels, and
assign or reassign passwords.
AREA
There is always an area called COMMON. With administrative authority you can
use the Network/View Area screen shown below to define any number of
additional areas with any names you choose.
Applies To
The authority level values define the scope of authority that applies to the
username. The Applies To shows whether the password is valid for the
Administrative program, the Monitor program, or both. Here is the screen that is
used to define or modify the usernames.
58
February 10, 2014
Software Reference
Every door, shift, holiday, group, person and UserID is associated with an area.
There are different levels of authority and control provided to the UserId
depending on the Area and Authority Level assigned.
Authority Level
The authority level values define the scope of authority that applies to the
username. Within the Administrative program, here are the meanings of the
different levels
Scope
Administrator
COMMON
Level
na
3
COMMON
COMMON
2
1
AREA
3
AREA
2
Capabilities/Limitations
Full control of everything including defining UserIds and Passwords
Full control of everything except the administrative and monitor
passwords.
Can do everything except defining UserIds and Passwords
Can only define people, assign them badges and put them in groups.
Can do these things for all areas. Can not define Shifts, Holdiays,
IOGroups or Permissions. Can not define network
Can define Groups, Shifts and Holidays for the AREA and can define
permissions using those Groups and Shifts for doors that are defined as
part of the AREA or doors that are defined as part of the special
COMMON area. Can define and use IO Groups for the AREA.
Can define Groups, Shifts and Holidays for the AREA and can define
permissions using those Groups and Shifts for doors that are defined as
part of the AREA. Can NOT define permissions for COMMON area doors
but can add or delete people from Groups that are associated with the
named area which may have permissions for COMMON doors. No
59
February 10, 2014
Software Reference
AREA
1
access to IO Groups.
Can only define people and badges and put them in groups which are
associated with the given area.
Within the Monitor program, if a user is logged on to an area they will only have
the ability to see doors that are within that area or within the COMMON area.
They will have the ability to do an Operations Admit to those doors only. They will
have the ability to UNLOCK, LOCKDOWN or reset to NORMAL only doors within
their own area.
This construct implements a “Property Management” model for access control.
To understand this model, consider a building with many tenants. There are
COMMON areas such as main entrances and exits, garages and perhaps
additional common areas such as shared conference rooms or lounges. Then
there are “private” areas that are totally controlled by a single tenant. The
Landlord needs to define and administer some aspects of the overall system but
would prefer to delegate to individual tenants the “full” control of their own space.
The tenants need to have some limited ability to deal with the common area, for
example when they add or terminate an employee, that person has to be granted
or refused access to the COMMON areas.
Applies To
The Applies To shows whether the password is valid for the Administrative
program, the Monitor program, or both. Here is the screen that is used to define
or modify the usernames.
Application Menu – Start Crystal Access Monitor
This menu choice allows you to start the Monitor program from within the
Administrative Program. It will come up with Operations enabled at Level 3, the
highest level.
Application Menu – Support/License
This menu choice will redisplay the license and support screen which was
described earlier.
60
February 10, 2014
Software Reference
Network Menu – View Network
This choice redisplays the network view.
Network Menu – View Areas
This choice will display a list of the defined areas.
The COMMON area is always defined and may not be changed or deleted. The
Insert/Change/Delete buttons may be used to modify the list of defined areas.
61
February 10, 2014
Software Reference
Network Menu – Virtual Reader
This choice redisplays the screen that will let you configure and run a Virtual
Reader program. Note that the configuration is dependent on the current IP
address of your computer. If that changes, you must delete and redefine the
virtual reader to use the new IP address before you can successfully run the
program.
Calendar Menu – Holidays
Choosing the Holiday item from the Calendar menu will display the currently
defined Holidays.
Holidays are defined by an arbitrary name and a date. Each Holiday is also
associated with an Area, and holidays that are associated with the COMMON
area can optionally be defined to also apply to All Areas.
Calendar Menu – Shifts
Choosing the Shifts item from the Calendar menu will display the currently
defined shifts. Shifts have assigned names (up to 20 characters) and are
associated with a defined area. Each shift is defined to be valid on any or all of
the days of the week, to be valid on either normal days or holidays or both, and
to have a defined time interval on each day for which it is valid.
62
February 10, 2014
Software Reference
The grayed out slots show days which are excluded from the shift. The times
show the valid time intervals for the respective days.
Pressing Insert or Change will bring up the following display used to define the
shift.
This is a shift called Regular which is defined for the 5 days Monday thru Friday
from 7:30 AM to 4:30PM. The shift is further defined to be valid only on Normal
days (non Holidays). The other choices allow you to define a shift to be valid only
on Holidays or on Both Normal and Holiday days.
63
February 10, 2014
Software Reference
Note: Defining a shift with zero or blank starting time and zero or blank ending
time results in defining the full 24 hours of the selected day.
IOModules Menu
I/O Supervisors Tab
This menu choice will display the following screen:
The I/O Supervisors tab allows you to define one or more I/O Supervisors which
are the programs that communicate with IOModules. Here is the definition screen
that comes up when you press Insert:
The name must be unique and may be up to 20 characters long. The ID must
also be unique and is a two character alphanumeric field. The port is the tcp/ip
64
February 10, 2014
Software Reference
port that the IOSup.exe program will use to communicate to the administrative
program and INRServ program. It can be any port that is not already being used
by another program.
The checkbox allows you to run the IOSupervisor as a windows service, which is
recommended once the system configuration is stabilized. The Host Name and
IP Address fields show where the IOSupervisor program is running (or most
recently ran).
Defining an IO Module
Here is the screen that you use to deifine an IO Module:
The name must be unique, up to 20 characters long. The connection is the IP
address of the IO module, which must be a unit that support the modbus
communication protocol with a TCP/IP connection. The standard modbus port is
502. There are some units where this can be reset to a port of your choice. The
Unit will normally be 1 but can be reset on some units. There are also modbus
units where a base unit is connected via TCP/IP and expansion units are then
plugged into the base. They are assigned different unit numbers but the same IP
address. The ISONAS system requires that the lowest unit number be the one
that is managing the TCP/IP connection.
You should configure the number of input and output points and set the
addresses. You will need to refer to the manufacturer’s literature to correctly set
these values.
65
February 10, 2014
Software Reference
For input points, it is necessary for the system to “poll” the IOModule to get the
current values of the input points. You may specify the polling frequency by
specifying the number of 1/100th seconds between polling cycles. The system is
not guaranteed to poll exactly on the cycle you specify, and may not poll as fast
as you specify.
The Output point tab displays the following screen:
For output points you may also specify a Throttle value, to slow the system down.
This is provided because with a fast computer it is possible to send data faster
than some IOModules are capable of accepting and processing the data. If
IOPoints show erratic behavior (sometimes processing correctly, sometimes
missing or skipping changes to points, especially higher numbered points) this
may be the problem. It can be corrected by setting the Throttle, which will pause
for the specified number of milliseconds (approximately) between each
transmission to the IOModule.
The model field allows you to select one of the supported models which have the
“latching” feature for input points. Unfortunately the latching feature is not
covered by the modbus standard command set and each manufacturer who
supports the latching feature implements it in a unique way. This requires that the
ISONAS code accommodate the different methods, and the currently supported
models are shown in the list.
There is a “Change” button on both the Input Point tab and the Output Point Tab.
Here is the Input Change screen, which you may use to further configure each
Input point:
66
February 10, 2014
Software Reference
You can give each Input point a name and configure the ISONAS system to log
changes (to the system history file) where they will be displayed and reported.
You can also cause input points to create alarm conditions.
The screen also provides a checkbox to indicate that the input point is a
“latching” type of input. (Once set, a latching point will retain its setting until
specifically reset). This assures that temporary input conditions can not be lost
by having the value change before it can be read by the system. (For example,
consider a large system where the inputs are polled once every 5 seconds. An
input indicating a door was opened could be missed if the door was closed again
before the 5 second poll occurred. Latching would prevent this loss.)
Not all Modbus compatible TCP/IP I/O Units have latching capability for their
input points. Currently supported units with latching capability include:
Adam 6xxx (set the Model field to ADAM)
You may disable an input point using the checkbox provided. This is convenient if
a point is behaving erratically and creating unwanted alarm or log events.
Points may also be disarmed. If points are either disabled or disarmed they are
ignored by the system. The Script processor (explained later) includes
commands to both enable/disable and arm/disarm points. The disable capability
is designed to handle points that may be behaving badly, to take them out of the
system until they are repaired. The arm/disarm capability is provided to make it
easy to change the behavior of input or output points based on SHIFTs, as
67
February 10, 2014
Software Reference
explained in the Script and TCP/IP processing document. (The SCRIPT
processor includes commands that can enable/disable and arm/disarm points.)
The Type button is optional and allows you to specify a type for the point. Here is
the type selection screen with the type definition screen superimposed on it:
A “Type” has the following settable fields







Type – this is a one byte number (range 1-255). If you choose to you can
treat this as a “priority”
Name – up to 20 characters
Normal State – can be defined as on, off or unspecified
Recheck Count – specifies how many consistent sequential input readings
of a given point must be received before the system will accept a change
of state. (Used to prevent a “noisy” input circuit from creating false
alarms). NOTE: When a change is reported, the system will “immediately”
reread the input point as many times as required to accept the change (or
discard it if the change is not consistent). For example, if the polling
interval is set to 2500 (25 seconds between poll events) and the Recheck
Count is set to 3. When a change is initially reported, the system will
reread the input point three times (typically within a second or two) and if
the change is consistent it will be accepted. It will NOT require 3 x 25
seconds to poll and accept the change. The wait between each read is set
to the lesser of .5 second or the specified polling interval, but there is no
guarantee that the system will be able to reread the input points that
quickly.
Authority Level – monitor authority level required to enable or disable the
point
ON Suffix – text string used to define the “on” condition
OFF Suffix – text string used to define the “off” condition
The change screen for the Output points is shown below.
68
February 10, 2014
Software Reference
The settings here are analogous to those for Input points.
I/O Groups Tab
69
February 10, 2014
Software Reference
An I/O Group is defined to collect together a number of different I/O Modules to
be associated with a door or doors and/or to have an IOProfile. Selecting the I/O
Group label at the top of the tree structure and pressing Insert allows you to
define a new group. The name must be unique and may be up to 20 characters
long.
Once the I/O Group has been defined, selecting it in the tree structure and again
pressing Insert will allow you to add the names of I/O Modules to the I/O Group.
You may add an arbitrary number of I/O Modules to any I/O Group, and a given
I/O Module may be a member of many different I/O Groups.
I/O Profiles
Once an I/O Group has been defined, if you select the group or one of its
members you will have access to the I/O Profile screen. The I/O Profile will
define which output points are to be activated in a given I/O Module.
Use the Insert button to create a new profile name:
70
February 10, 2014
Software Reference
You may either type in a name or select one of the existing profiles.
With the profile selected, the right hand side of the screen will then have a list of
the output points for the selected I/O Module. Double click on any of the output
points to toggle its state between the following settings:
You may also specify the reset value and priority associated with each point.
Reset Values have the following meanings:
 If the reset value is left at zero, the point will not automatically reset.
 If the reset value is greater than zero (range 1 – 254), it specifies the
number of seconds after which the point will automatically reset. (When a
point resets, it takes the opposite value to which it was set… a point
which was turned on will turn off and a point which was turned off will turn
on.)
 The reset value 255 is reserved and has special meaning. If the IOProfile
is used in an Output Business Rule (explained below), a 255 reset value
specifies that the point will reset at the end of the Output Business Rule
specified shift. If the IOProfile is used in a permission for a door, the value
255 specifies that the point does not reset at all and will prevent any
IOProfiles with lower priority from changing that point.
Priority Values are used to determine which IOProfile should control the setting of
an output point that has been set and has a pending reset (the reset has not yet
occurred) or has been set with the reset value of 255. If a point is in that
condition and a new profile attempts to set the point, the new profile will be
71
February 10, 2014
Software Reference
accepted if it has equal or higher priority value. It will be rejected if it is lower
priority.
Output Business Rules are defined on the following screen:
72
February 10, 2014
Software Reference
The Business Rules define IOProfiles and associated Shifts. At the beginning of
the shift the IOProfile is invoked and all points on all IOModules defined for the
profile are set as the profile specifies.
At the end of the shift, any points that were defined with a reset value of 255 will
be reset.
Doors Menu - Doors
This menu choice will display a list of the currently defined doors. The
Insert/Change/Delete buttons may be used to modify the doors.
The tree structure on the left shows the defined door groups and the display can
be expanded to show the members of each group. The list in the middle of the
screen shows either all of the doors or the members of the currently selected
door group. The list on the right of the screen shows the door groups to which the
currently selected door belongs.
The buttons allow you to add and remove doors from door groups. The sort
button will sort the doors alphabetically by door name, and the Repair button will
allow a view of the door connectivity. The Repair button is used by Isonas
support to correct connectivity issues which occasionally occur in systems.
Doors Menu – Floor/Site Plans
This choice will display a list of the currently defined floor and site plans.
73
February 10, 2014
Software Reference
The insert button will allow you to select an image file and name it. You may also
use drag/drop to position the defined doors and IO Points on the site or floorplan.
These plans may be selected for display within the monitor program and the
monitor program will display activity at the door locations and the Plan Monitor
view will allow you to select the doors by clicking on the plan to manipulate
(open, lockdown,…) the doors and will display the status of IOPoints.
74
February 10, 2014
Software Reference
Doors Menu –Review Programming
This choice allows you to review the Host and Local programming settings that
have been most recently sent to the reader controllers.
The tabs display the following types of information:
 Basic Info – assigned name, connectivity and the systems defined
UniqueID assigned to the reader controller
 LOCAL TimeZones – the timezones defined and sent to the reader
controller for Local or Standalone operation. These timezones are derived
from the shifts and permissions that have been defined.
 LOCAL Badge Database – this is the complete list of all badges/pin codes
that has been sent to the reader controllers for Local or Standalone
operation. The list also shows for which timezones a badge or pin is valid.
 SP Badges – badges with special properties compiled from the Special
Badges table.
 Periodic Events – if recurring events have been defined as part of the
permissions, they will be displayed here. This will include start and stop
times for automatic unlock and badge unlock shifts for each day of the
week.
 Host Access – this table shows the badges/pins that are in the host
access database. There is an A and a B tab. Each time a full compile is
done the compile process creates the new data in one or the other of
these tables and then switches which one is being use by the system.
75
February 10, 2014
Software Reference


Resend – this table shows records from the most recent compile that
could not be successfully sent to reader controllers. The records are held
until deleted/replaced or until the reader controller becomes available to
receive them.
Compile Queue – this table shows any compile actions that have been
queued for execution but have not yet been done.
The Filter by settings allow you to restrict the information to show only records
that pertain to the selected door and/or person.
Doors Menu –Door Images
This screen will allow you to select images to be associated with doors. These
images will be displayed by the monitor program whenever an event occurs at a
door but there is not an associated badge and person with the event.
People Menu – People/Badges
The People/Badges choice under the People menu configures the Toolbar’s
People Button to access the People/Badges window, and brings up the following
screen. The tabs at the top of the People listing allow you to view the list sorted
by LastName, ID or Badge Id.
76
February 10, 2014
Software Reference
The ~Individual Permissions tab at the top right shows the doors and shifts for
which this individual has been given individual permissions. The Group Name
box at the bottom right shows the group(s) to which this person is assigned, and
the person will have rights to other doors/shifts as defined for the group
permissions (this is explained later in the document).
77
February 10, 2014
Software Reference
As shown above, the system is displaying a person’s image. You may define up
to 9 different images or pictures associated with a person. These are associated
with the Index field shown on the screen, which can be set from 1-9. The access
control software monitor program displays the index 1 image when the person’s
badge is presented at a controller. The associated badge printing software will
allow all of the images to be printed on badges. The delete/select image buttons
allow you to delete the image or select a new one from the image directory.
If you are using images, they must all be collected together into a single directory
which must then be selected as the image directory using the directory selection
mechanism under the Files/Reports menu item. You can set the image directory
from both the Administrative program and from the Monitor program using a
similar technique.
The list on the bottom left shows the badge(s) that are assigned to the person.
The List on the bottom right shows the groups to which the person belongs. You
may use the insert and delete buttons under this list to modify the group
membership for the selected person.
The Insert/Change/Delete buttons under the list of people allow you to manage
the entries in the list.
The tabs at the top of the screen have the following functions:
 Name and ID sort the window’s top display in the indicated order. Note
that the ID field is a 15 character text field and will sort using text rules, not
numeric values.
 Badge ID displays BadgeId values in numerical order in the bottom display
area. When a badge is selected in the bottom display area, the
associated person is displayed in the top display area
 GUID displays GUID values in sorted order in the bottom display area.
When a GUID is selected in the bottom display area, the associated
person is displayed in the top display area.
 Badge Expiration shows badges in the bottom screen, sorted by expiration
date (if any). If you have not defined any expiration dates for badges the
screen will be empty.
 Expired Badges – this will show badges in the bottom screen that are
expired, either because they are past the defined expiration date or they
were defined to be count limited and the number of remaining uses has
gone to zero. On this tab there is a Delete All button which can be
conveniently used to delete all expired badges from the system.
 No Remaining Uses – this will show only badges that are defined to be
count limited and which have no more remaining uses available.
78
February 10, 2014
Software Reference
The Update Permissions button on the lower right of the screen will do a “Partial
Compile” for this person, putting their defined permissions into force. If the
Queue checkbox is checked the system will queue the compile to be started
when the compile process is not already busy. If the Queue check is not set, the
system will attempt to start the compilation interactively.
The Review Permissions button can either review the permissions for the
selected individual or can review all permissions looking for redundancies and
overlapped permissions.
Here is the Review for a selected individual:
This shows the doors and shifts for which the person is authorized. It also shows
the door group from which the permission is derived if applicable. The column on
the left shows redundant permissions and possible overlapping permissions. As
is explained in an appendix, these do not cause any errors in the system but they
do introduce overhead in the compile process and can increase the complexity of
the permission scheme making it difficult for people to understand and
administer.
The Review for all people will produce the following screen:
79
February 10, 2014
Software Reference
Using the Total button calculates the Redundant and Overlapping shifts for the
entire database of people and shows the results for each individual. See the
appendix for a further discussion of the significance of these numbers.
Here is the screen that is displayed when you Add or Change a record.
80
February 10, 2014
Software Reference
The fields are as follows:
 First Name – optional Persons First Name
 MI – optional Persons Middle Initial
 Last Name – Persons Last Name – required.
 Area – the area with which this person is associated.
 Unique ID – 15 character alpha numeric – – required and must be
unique. The Auto UniqueID button will generate a unique value for this
field.
 SSN – optional social security number
 Latch Interval – may be marked to use the default value or a special value.
The latch interval is how long the door controller will remain unlatched
after an authorized badge is presented to the controller. The usual default
is 3 to 5 seconds. If a person requires additional time (because of a
handicap, for example) the value may be set in seconds. (Valid only for
doors operating in HOST mode).
 Default Image – optional default image file – If this is set to one of the
image format types (.jpg, .gif or .bmp) the system will assume that there is
an image file for this person with the UniqueID of the person as the file
name and the selected image file type as the file type. (e.g., auto_14.jpg,
auto_14.gif or auto_14.bmp in the example above).
 The User Defined fields are optional. The Names of the fields can be set
for a given installation to any desired character strings using a menu
described later in this document.
The list box displays the badge(s) currently assigned to the person. The
Insert/Change/Delete buttons under the badge list allow you to manage this list.
81
February 10, 2014
Software Reference
Here is the screen that displays when you Add/Change one of the assigned
BadgeId values.






The badge id is the number which will be read when the badge is
presented to a reader other than an RC-03 or IPBridge.
The GUID is the value which will be read by an RC-03 or IPBridge.
Badge Expires – Check the Expires box if you want to assign an expiration
date.
Active Directory – this is a flag that shows whether or not the credential
was imported from the Active Directory. You should not normally make
any changes to this setting.
Count Limited – Check the Count Limited box if you want the badge to be
valid for only a limited number of uses. If so, set the Remaining Uses field
to the number of permitted uses. NOTE: On the Program Doors Screen
there is a field that lets you set a time interval for the Use Count. If the
badge is used multiple times within the specified interval, it only counts as
one use. This allows you to set a tolerance to prevent counting multiple
uses if a person presents the badge by accident multiple times at a door.
By setting the time interval to 24 hours, you can allow the badge to be
used many times during a single day and only count as one use.
Badge/PIN – this field defines the sources from which the badge should
be accepted.
o Badge – accept the badge number only when read from a proximity
reader controller or via a Wiegand device connected to the
PowerNet by a WIM (Wiegand Interface module).
82
February 10, 2014
Software Reference
o PIN – accept the badge number only when entered as a PIN
(Personal Identification Number) from a keypad or other serial
device.
o External – accept the badge from an external device connected
directly to the ISONAS reader through an RS-232 port.
These fields allow you to directly enter a badgeid and add it to the list of assigned
badges without using the insert button. By selecting a reader-controller from the
dropdown list, and clicking on the Read From button, the system will populate the
badgeID field with the last credential that was presented to that reader-controller.
This is intended for use when an enrollment reader is used to assign badges
without having to type them in.
The Auto PIN button is available if you are defining a PIN code and have the
screen set for Keypad only as shown above. This button will automatically
generate a unique PIN code with the specified number of digits (default 4). You
may set the number of digits to be in the range 1-9.
If the HID checkbox is checked, additional fields are shown:
83
February 10, 2014
Software Reference
HID Badges – ISONAS readers deal with HID badges in two modes.
 HIDEnabled
In this mode the ISONAS reader uses all of the data it can read from the
card and creates a unique 32 bit number which is the card/badge number
that is used by the ISONAS system. This number is always different from
the HID “card number” because it includes information from the HID
site/facility code.
 AdvancedHIDEnabled
In this mode, the ISONAS reader uses a bit mask to select up to 32 bits
from the card information. You can set the bitmask to pick off just the HID
Card number if you want to (making the ISONAS card number match the
HID Card number) or you can include the HID Card number in the
selected bitmask. In this case the ISONAS card number will differ from the
HID Card number by an additive constant. The system enables you to
enter the constant once and it will be remembered for future uses.
84
February 10, 2014
Software Reference
HIDEnabled Mode
If you enter an HID BadgeID and a HID Conversion Factor the system will
calculate how an HID badge will be read by an HID Enabled ISONAS
reader/controller which is configured to read HID badges using the Data Mangle
algorithm, which used an exclusive OR function to combine all of the bits of data
read from the HID card into a single unique 32 bit integer. The HID Conversion
Factor can be determined by pressing the button beside the field to bring up the
following screen:
This screen requires that you have one example of an HID badge which has
been read by an ISONAS controller. If you enter the two badge numbers the
system will calculate the required HID Conversion Factor which you may then
use to predict the ISONAS Id values for other HID badges which have not yet
been read by an ISONAS reader/controller.
85
February 10, 2014
Software Reference
NOTE: At some sites there may be multiple HID Site/Facility codes in use!
A third tab provides access to special badge capabilities:
The Change button under the special badge listing brings up the Special Badges
screen which is described later in this document.
People Menu – REX and AUX
The system will always have two “special” people defined, ~REX and ~AUX, with
special reserved badgeid and GUID values. These reserved credentials are used
by the ISONAS reader controllers to report REX (Request for Exit) and AUX
(Auxilliary) events when they occur at the reader controller. They are also used to
program the readers in network mode to either accept or reject REX and AUX
signals for unlocking the reader controller. For reader controllers operating in
HOST mode, the ~REX and ~AUX “people” can be assigned to Groups and
given permissions just like other defined people. In this way it is possible to
define when the REX input will unlock the reader controller and when it will be
rejected. In LOCAL mode, REX and AUX can be enabled or disabled but you can
not specify any specific shifts or timezones when the behavior will be different.
People Menu – Groups
The Groups choice under the People menu will display the currently defined
86
February 10, 2014
Software Reference
groups.
The Names of groups may be chosen arbitrarily, and the Insert/Change/Delete
buttons on the Groups screen may be used to manage the names of the defined
groups.
Pressing the Members button on the Groups screen will bring up the display as
shown below for the group STAFF.
The left list shows all of the People who are members of the STAFF group, while
the right list shows all the People who are NOT members of STAFF. The two
arrow buttons between the two lists move People from one list to the other.
87
February 10, 2014
Software Reference
The tabs at the bottom of the lists allow you to sort the lists by Name, ID or
BadgeID.
People Menu – User Defined Fields
Here is where you may define system-wide labels for the 20 user defined fields
that the system carries for each person. The labels may be chosen as any string
of up to 20 characters, including blank, special characters, punctuation, etc. The
data in the user-defined fields themselves contain up to 50 characters.
Rights Menu – Permissions
Choosing the Permissions option under the Rights Menu configures the Toolbar’s
Permission Button to access the Permissions Window, and brings up the
88
February 10, 2014
Software Reference
Permissions Window as shown below:
The screen above is displayed if you are logged on as the administrator. If you
are logged using a name/password that is associated with a specific area, the
screen will be slightly different and you will not have the Full Compile button but
will have an Area Compile button.
The major difference is that as the administrator you can do a full compile, which
will compile for all areas and people. When logged on to an area, you can only
do a compile for that area or for one of the doors or door groups which are a part
of that area.
In either case, this is where you assign the rights or permissions for given groups
of People to unlock selected reader controllers during selected shifts. The list in
the middle of the screen shows the currently defined rights. The button at the
center bottom of the screen will delete the selected item from the Permissions
Table. To insert a new item in the permissions table, choose a Group, a Shift and
a Door or a Door Group by highlighting them in the three lists on the left hand
side of the screen. Then press the Insert New Permission Button on the right
hand side of the screen. If you choose a Door, the permission applies to that
door only. If you choose an Door Group, the permission is for all of the doors in
the Door Group.
There is a checkbox on the screen beside the Doors/DoorGroups tab that will
allow you to Include an I/O Profile with the defined permission. The list at the
lower left of the screen shows the available I/O Profiles. The selected item in this
89
February 10, 2014
Software Reference
list will be included with the permission if the Included I/O Profile checkbox is
checked.
This will create a new entry in the permissions table. The final step is to press
one of the two compile buttons on the lower right.
The Interactive/Queue radio buttons select how the compile will be done.
 Interactive – the compile is done on the computer where the
Administrative program is running and the results are displayed
interactively.
 Queue – the compile is put into a queue (which may have other compiles
already scheduled) and will be done on the computer where the CSUP
programs are running. It will be started when it reaches the top of the
queue, which may be immediately or may be delayed while other compiles
are performed. If you have a large database and are running the
administrative program over the network, the Queue compile may be
much more efficient than the Interactive compile because it avoids
sending the database back and forth over the network.
The Full compile does a complete compile of the database and will erase all
authorized badges from the reader controllers and resend the complete list of
authorized badges needed for local or standalone operation to the doors.
The Incremental compile will do a complete compile of the database but will only
send the needed updates (deletion and insertion of badge authorizations) for the
local or standalone operation of the door controllers.
The Partial compile will only compile and send (Incremental) data for the
currently selected door or door group.
The Resend does not do a compile but resends the database from the most
recent compile to the selected door.
90
February 10, 2014
Software Reference
If you have a large number of People/Doors, a full compile may take a while. The
time depends on the speed of the network, the speed of the host computer, the
number of doors and personnel in the system, and the number of permissions
defined.
One instance where a Full Compile or a Resend is required to guarantee correct
standalone operation is when you have replaced a controller with a different
controller with the same controller address. In this case the system database will
show that a number of badgeids have been sent to that controller for stand alone
operation, and the new controller will not have received those ids because they
were sent before it was placed into service.
Partial Compile Limitation
A partial compile for a door group or area is equivalent to doing a partial compile
for each of the current members of the door group or area. As a result there is a
limitation on use of the Partial Compile. If you delete a door from a door group or
area and subsequently do a Partial Compile for it, the door or doors that were
deleted are not included in the compilation process. If you do a Partial Compile
for the door itself it will correctly compile for that door.
On the right hand side of the screen there are some additional options available.
The Permission Door Mode setting has 4 possible values:
 Normal – the door controller is to be in its normal state during the
programmed shift. That is, it will admit authorized badges as they are
presented.
 UNLOCKED Badge – if an authorized badge that has the Unlock feature
for this door is presented at any time after the beginning of the shift, the
door will UNLOCK and remain unlocked for the rest of the shift. At the end
of the shift, the door will relock and revert to Normal mode.
91
February 10, 2014
Software Reference

UNLOCKED – the door will UNLOCK at the beginning of the shift and
relock and revert to Normal mode at the end of the shift.
 LOCKDOWN – The door will be put in LOCKDOWN mode at the
beginning of the shift. It will NOT revert to Normal mode at the end of the
shift. (LOCKDOWN is intended as an emergency state and it requires
manual intervention by an authorized operator to revert to normal
operation.) When the door is in LOCKDOWN, it will refuse entry to all
badges except MASTER badges.
The “Permission Applies To” choice on the middle of the right hand side of the
screen is an obsolescent setting that allows you to define that the permission
should be applied to:
 Both Network and Standalone mode
 Network only
 Standalone only
This setting is not needed for Powernet (RC-01 and later) controllers, which can
store 64,000 badgeids for standalone operation.. There is a limitation in earlier
reader controllers that may require you to define some shifts to be either
Host(network) only or Local (standalone) only…. earlier models of controllers
held 2048 or 500 badgeids. If you have more People who are authorized for a
given door than these numbers, then you can not have all of them loaded into the
controller for standalone operation. What you could do under these
circumstances is define a permission to authorize all of the People for the door
for network operation and then define a subset of those People as another group
and authorize that group for the door for standalone operation. Then if the
computer or communication system is disrupted the door controllers will revert to
standalone operation and the defined subset of People will be able to operate the
controller.
The “Dual Authorization” box allows you to require the same authorizations
described earlier under the Doors menu. Dual Authentication – this specifies that
the door will only open if two valid badges are presented within the latch interval.
You can specify a number of different conditions:
 Any – this specifies that any two different valid badges (or a valid badge
and a valid pin code) will open the door.
 Same – the two badges/pin codes must be assigned to the same person
 Different – the two badges/pin codes must be assigned to two different
people.
You can specify some permissions for a given door to require dual authentication
and others that do not require dual authentication. This gives you the flexibility to
have the dual authentication used only during certain shifts or only for selected
people. If you define “overlapping” permissions and give a person concurrent
access with both dual authorization and single authorization, the resultant system
behavior is indeterminate. The system may enforce either single or dual
authorization depending on which “permission” it encounters first in processing
the permissions database.
92
February 10, 2014
Software Reference
Note that the dual authorization feature is only enforced in HOST mode of
operation.
While the system is compiling it displays a series of informative messages. When
it reaches the state where it is sending messages to the doors, it displays the
following screen which you can also bring up by pressing the NetStat button.
This screen is showing the status of records remaining to be sent to the
individual connections. The purple strip over the Atlanta_CSUP lists 36 records
remaining to be sent to door controllers on that Supervisor. You may close this
screen and reopen it at a later time if you start a “long” compile and want to then
do some other work and come back to check on status.
As the text on the screen explains, if records can not be immediately sent to the
reader controllers they are added to a “Resend” table for later transmission to the
reader controller when it becomes available. If there are records in the Resend
list it is an indication that one or more of the reader controllers is not currently
communicating successfully with the CSUP.
93
February 10, 2014
Software Reference
Rights Menu – Permission Groups
At the bottom of the Rights menu is a button to access Permission Groups and
Schedules:
This button will bring up the following screen:
This screen allows you to define the names of Permission Groups and to put
specific permissions into those groups. (Note that a given permission can only be
a member of one Permission Group). The Permission Groups can then have
date ranges associated with them, defining the date intervals when the particular
Permission Groups are valid. In the example above, the ThanksGvg/Christmas
group has 3 permissions as members, and is valid during the two date ranges
shown, covering Thanksgiving and Christmas of 2009.
94
February 10, 2014
Software Reference
The system will automatically do a compile at midnight on any day when the
permissions change because of the specified date ranges of Permission Groups.
The main permission screen shows only the permissions that are valid on the
date shown at the top of the screen.
Rights Menu – Scheduled Events
A Scheduled Event is an action that will happen on a single day, for specified
time period. This screen allows you to review the currently defined scheduled
events
Below is the definition screen showing the three types of events you may define
for the selected door controller:
95
February 10, 2014
Software Reference
You should be careful to avoid overlapping scheduled events or overlapping
scheduled events with shifts defined to be UNLOCKED, UNLOCKED BADGE, or
LOCKDOWN because the two event streams will both take place and will change
door states erratically..
NOTE: If a LOCKDOWN event is scheduled, the door(s) will go into LOCKDOWN
mode at the beginning of the defined event but will NOT revert to normal
operation at the defined end of the event. LOCKDOWN is intended primarily for
emergency use, and it requires manual intervention by an authorized operator to
resume normal operations.
Special Badge Properties
There are a number of special properties that can be set for badges. The Badges
screen allows these properties to be set for individual badges, for all of the
badges that are assigned to an individual or for all of the badges that are
assigned to the members of a specified group. Here is the Badges screen and
the screen used to insert a new special capability:
96
February 10, 2014
Software Reference
(Note: a number of these special capabilities require that the reader controller
must be a model RC-02 or later, and must be running with microcode version
12.15 or later.)
The special capabilities that can be defined have the following significance:
 Master Badge – the badge will always be accepted even if the door is in a
LOCKDOWN state.
 Start Badge Unlock – if a reader controller has been defined to have a
Badge Unlock permission during a specified shift, then if the badge is
presented and accepted by the reader controller the unit will unlock and
remain unlocked for the rest of the defined Badge Unlock shift.
There are two toggle settings:
 Lockdown – When the badge is presented and accepted by the reader the
unit will be toggled in and out of LOCKDOWN state.
 Unlock – When the badge is presented and accepted by the reader the
unit will be toggled in and out of UNLOCKED state.
The following special capabilities apply to reader controllers operating in Host
Mode.
 Clear Alarms – When the badge is presented and accepted by the reader
controller any active alarms for that unit will be cleared.
 TTL1 – When the badge is presented and accepted by the reader the
TTL1 output will be activated for the latch interval.
 TTL2 – When the badge is presented and accepted by the reader the
TTL2 output will be activated for the latch interval.
The following special capabilities apply to reader controllers operating in Local
Mode using the Advanced IO Configuration feature..
97
February 10, 2014
Software Reference




Relay – activate or allow activation of the relay
TTL1 – activate or allow activation of TTL1
TTL2 – activate or allow activation of TTL2
TTL1&2 – activate or allow activation of TTL1 and TTL2 simultaneously.
NOTE: Whenever special badge properties are changed it is necessary to do a
compile to put the changes into effect.
Files/Reports Menu
There are a large number of reports available under this menu. In all cases you
also have the option to output the report data to an ASCII file in comma
separated format. The interfaces to the reports are intuitive and self explanatory
and will not be documented here. There is also an Image file selection tool under
this menu to allow you to specify the directory or folder where all images are
located, and there is a log file access mechanism to provide additional
information about the system operation.
Scripts Menu
The access control system provides a powerful scripting facility. This facility
allows you to define scripts which consist of one or more commands that will be
sent to the TCP/IP interface within the INServ program when specific events
occur. There are a broad range of commands available including the ability to
unlock or lockdown doors and create other events within the system. (Caution: it
is possible to create infinite loop conditions with the scripting facility if events
trigger other events in such a sequence that the original event is recreated.)
Here is the screen that shows the list of defined scripts.
Inserting a new script brings up the following screen:
98
February 10, 2014
Software Reference
You may assign any name you wish to the script. The conditions that you may
then specify for the script to run include:
 The type of event that must occur for the script to run.
 Whether or not to use a Shift to limit when the event will run the script.
You can have the event run
o Only during the specified Shift
o Only outside the specified Shift
 Whether the script can be interactively invoked from the Monitor program,
and if so, the authority level required in order to do so.
 A door or door group at which the event must occur
 You may limit the event to a specific badge, a specific person, a member
of a specific group or may allow any occurrence of the event to trigger the
script.
If you chose an Input Point event you wil see this screen:
99
February 10, 2014
Software Reference
You may choose to filter by:
 Any IO Point
 a specific point,
 any point in a selected IO Module
 any point on any IO Module in an IO Group
You may also filter by IO Type
 Any Type
 any point of a specific Type
 any point of a type <= a selected Type
 any point of a type >= a selected Type
You may also choose to have the event triggered only on a change from ON to
OFF, only on change from OFF to ON, or on any change in IO state.
Once you have defined the conditions under which the script is to be run, you
may define the script itself.
100
February 10, 2014
Software Reference
This can be done using Notepad or any other text editor to create a file with the
correct filename (the name of the script file) with file type txt. The commands that
are valid in the script file are defined in the document “Script and TCP/IP
Interface Specification for the ISONAS Access Control System”. This document
is automatically loaded into the …ISONAS/Documents folder if you have chosen
to install the Interfaces.
To use the scripting feature, you must run the INRServ (ISONAS Notification and
Request Server) program, and within INRServ, you must run the TCP/IP
interface and the Script interface.
Monitor And IP Monitor Programs
There are two primary views available within the Monitor program
Then view menu allows selection of the view to be displayed:
System Monitor
Plan Monitor
Here is the System Monitor display:
101
February 10, 2014
Software Reference
The list at the top left shows the recent activity. Note that if a credential is marked
as valid as a PIN code (keypad entry) the display will show *pin* instead of the
number.
If operations are enabled then the buttons on the top right side of the screen will
be available and will have the following effects:

Operations admit at the selected door. The door will unlatch for
the latch interval

Opens a lookup screen that allows you to look up a person and
request an admit action for the person/badge at a selected door.

Opens a display of the current roster information. This will show
the people who have been observed entering inbound doors that are part
of a group of doors that are marked as a tracking group.

Depending on the model of the door,its current state and the
setting for the Temp/Perm flag this command will put the door (or all of the
doors in the selected door group) into a new state:
o For newer models (RC-02 and later)
o If the door is operating in Host mode and is in a latched condition
there is no effect on the door if the Temp/Perm flag is set to Temp.
If the flag is set to PERM the door is put into Host/Override state,
and with the Perm flag set, the door will NOT follow subsequent
programmed shift changes in state.
102
February 10, 2014
Software Reference



o If the door is operating in Local mode the door will be put into Host
mode, in the expectation that you want to manually override the
programmed behavior for the door. If the Perm flag is set, the door
will be set to Host Override and will subsequently ignore state
changes that are due to scheduled shifts starting/stopping.
For earlier models
o If the door is operating in Local mode, the door will be put into Host
Mode with either the Temporary or Permanent override set. If the
Permanent override flag is set then the door will ignore future state
changes cause by shift star/end.
o If the door is operating in Host mode it will be marked as either
Temporary or Permanent Override. If Permanent Override is set the
door will ignore state changes resulting from the start or ending of a
shift.
The set button will put a door into Host Override mode with
either the Temporary or Permanent flag set. If the Permanent flag is set,
the door will ignore state changes resulting from the start or ending of a
shift.
The clear button will put a door back into its programmed state,
either host or local. It will clear the Override condition (either Permanent or
Temporary).
The appearance of the third selection (Plan Monitor) will vary depending on what
you have chosen to display as Site or Floor plan views. Here is a typical screen:
103
February 10, 2014
Software Reference
You may select either display from the View menu. The system remembers the
most recently selected display and will automatically come up with that view the
next time the monitor program is started.
Logging on to the Monitor Program
104
February 10, 2014
Software Reference
Here is the logon screen for the monitor program when the software has not
been registered. As a convenience, while the software is not registered the
system displays the current administrative level passwords as shown above.
After the software is registered these are no longer displayed.
In addition to using the administrative passwords, you can logon to the monitor
using area usernames (if they have been defined within the Administrative
Program). When the UserName radio button is selected, the UserName field is
shown as displayed above.
When you logon with a username, you will only see the doors for that area and
the COMMON area, and you will be able to do Operations Admit operations to
those doors. You will be able to do UNLOCK, LOCKDOWN and reset to
NORMAL only for the doors within the logon area. You will NOT have an All
Doors option for these operations.
When you log on to an area, the area name will appear along with the software
version number in the top banner of the screen. When you log on using an
administrative password the top banner will say “All Areas”.
Operational Levels within the Monitor Program
The Monitor program may be run with Operations either disabled or enabled, and
if Operations are enabled, they will be enabled at one of 4 different levels of
authority.
If Operations are disabled, the program displays the status and activity within the
access control system, but does not allow any changes to be initiated through the
monitor program.
If Operations are enabled, the program will permit changes to be made as
defined below:
With Operations Level 0 and above:
 Clearing “In” status from People/badges allowing them to reenter (anti
passback override)
 Change the status of a given controller if the required door operations
level is less than or equal to the currently enabled (logon) authority level
o Normal
o LockDown (Ignore all except MASTER badges)
o Unlocked
If these commands are used to change the status of a controller
operating in LOCAL mode, the controller is forced into HOST mode.
 Operations Admit - Unlatch a door to permit an entry, if the required door
operations level is less than or equal to the currently enabled operations
level.
With Operations Level 1 and above:
 Clearing Alarm Conditions
With Operations Level 2 and above
105
February 10, 2014
Software Reference

Deleting Cleared Alarm records
These operational capabilities are provided based on the authority level at which
the operations are enabled. There are 4 authority levels, which are identified as
Level 0, Level 1, Level 2 and Level 3, with Level 3 being the highest.
To enable operations, you must give a password, and the level of authority which
is granted is determined by the password which is used. There are several
different ways to enter the password, which are discussed in below:
 If you invoke the Monitor from the Administrative module, the highest
(Level 3) operations password is automatically provided.
 If you invoke the Monitor from the “RUN” command or from a shortcut, you
may optionally pass an operations password as a command line
parameter.

Within the Monitor program, if the Operations are disabled you may
reenable them by clicking a checkbox. This redisplays the logon screen
allowing you to specify a password.
106
February 10, 2014
Software Reference
Functions Available within the Monitor Program
Current History
The current history list shows activity within the system in chronological order.
The current history list is limited by the setting of the retention days value, and
will only contain that number of days of information. (Note that the full history is
also available in the administrative program for reports of events that are not in
the current history table.
You can limit the display to show only records from a selected door group:
The scroll bar at the right and the VCR buttons on the bottom allow you to view
earlier events. Every time an event occurs, the list will automatically display it at
the bottom of the list.
107
February 10, 2014
Software Reference
UNLOCK,LOCKDOWN,NORMAL,CLEAR
The programmed door behavior can be manually overridden by using these
buttons. The override can be made either temporary or permanent.
 Permanent – the override condition will stay in effect until manually
removed by using the Clear button. If an Unlocked Badge or Unlocked
Automatic permission or a Scheduled Event shift starts or ends, any
“normal” changes in the door(s) will be ignored and the manually set door
condition will continue in effect. It may be reset by the Clear button.
 Temporary – the override condition will only stay in effect until changed by
the next Unlocked Badge, Unlocked Automatic or Scheduled Event shift
change. It may also be reset by the Clear button.
Roster
The “Roster” button accesses the Current Roster List window, as shown below.
108
February 10, 2014
Software Reference
If you have chosen to designate some Door Groups as Roster Tracking Zones,
and some of the Doors in the Door Group are defined Doors as IN, OUT or
IN/OUT Toggle, then the system will keep track of which people have most
recently been seen going through an IN door for that Door Group.
When a person who is “IN” goes through an OUT or an IN/OUT Toggle door,
they are removed from the Roster.
If you choose to implement anti-passback for the Roster Tracking Group, then
any person who is already IN will be refused access at any door coded IN, even
if they would otherwise be authorized to operate that door. NOTE: Master badges
are an exception to this rule. Master badges will ALWAYS be admitted, even if
the door has been put in LOCKDOWN mode. If some doors are coded INOUT,
then the behavior is as follows: if anti-passback is NOT enabled, the person will
be “toggled” IN and OUT each time they pass through a door coded INOUT. If
anti-passback IS enabled, the person will be toggled IN and OUT as long as they
are presenting a badge at the same door. If they are IN and present a badge at a
different door, they will be refused.
If Operations are enabled, the operator may remove people from the IN list by
using the Delete Button located below the list.
You may filter the Roster display and associated report by Door Group and by
Date/Time.
The Rebuild function is provided to deal with a special circumstance. Intermittent
network difficulties can cause a reader controller to lose communications with the
computer. While the unit is offline, it will continue to operate in standalone mode,
using it’s internal database to make decisions about admitting or rejecting
presented credentials. The reader controllers will record events that occur while
they are offline, and these events will be retrieved by the Crystal software when
the reader controller comes back online.
As these records are retrieved, they are put into the History and Current History
tables, but they do not update the Roster because that could create errors and
inconsistencies.
What the Rebuild function does is replay the Current History records to create a
Roster. This will correctly process all the records that may have been recovered
from standalone reader controllers.
NOTE: If you plan to use this Rebuild function, you should set the retention days
for the Current History file to a large enough number to guarantee that you get an
accurate Roster as a result of a rebuild. The default retention is zero days, which
means that the Current History table contains only information beginning at
109
February 10, 2014
Software Reference
midnight of the current day. People who entered a tracking zone before that time
would not show up in the Roster. By setting the retention days to 2 or 3 you can
be sure that you properly see all of the correct records.
Lookup
The Lookup button will bring up a search screen.
Typing a string into the search string box will and pressing Next will find the first
match in the database. Next and Previous will navigate forward and backward.
The search may be made case sensitive by checking the box. The Enable and
Disable buttons at the bottom of the screen will enable or disable the persons
access rights by either expiring or removing the expiration from all of the badges
assigned to the person.
Doors
The Doors list shows the doors that are currently defined in the system and
shows their current Mode and Status.
The Modes are:
 Normal – the door is prepared to read BadgeIds as presented and will
unlatch if the badge is authorized at this time for that door.
110
February 10, 2014
Software Reference


LockDown– the door will ignore all badges except Master badges, even if
the BadgeId would otherwise be authorized for the door at this time.
Unlocked – the door is unlatched and anyone may enter without
presenting a badge.
The buttons to the right of the list will be enabled if operations are enabled and if
the level of authorization is greater than or equal to the level required to operate
the selected door. If the buttons are enabled, the operator may change the Mode
of the door. If the Mode of the door is changed and the door has been set to
operate in LOCAL mode, it will be forced into HOST mode.
If you check the All Doors checkbox under the buttons, you will be asked to enter
the Administrative Password. If you correctly enter the Administrative Password,
all of the buttons will be enabled and whatever action you select will be applied
globally to all the doors in the system. The All Doors checkbox will be disabled
after you press any button or select a door in the Door List.
The Status column shows the current status of the door. This may include:
 Inactive – the door is not operating
 Closed
 Open
 Emergency – the door is in an emergency state of some sort.
Door Groups
The Door Groups tab will show the available door groups. If the UNLOCK,
LOCKDOWN or NORMAL buttons are pressed, the action will be applied to the
selected DOOR or DOOR GROUP.
111
February 10, 2014
Software Reference
Alarms
The display above shows both an active alarm and a cleared alarm displayed in
the Alarm list. When the alarm first occurs, it will flash and a tone will sound (if
the computer is equipped with a sound card). A silence button will allow any
operator to silence the sound, regardless of whether they have operations
enabled. If operations are enabled at level 1 or higher, the operator will also be
able to clear the alarm, which will remove it from the active display. The operator
may optionally add a note to the alarm as part of the clearing process. If
operations are enabled at level 2 or higher the operator will be able to delete
cleared alarm records.
Alarms may also be cleared by the presentation of an authorized badge to the
door controller at which the alarm occurred if the door and badge have been
properly authorized to do so using the facilities described in the administrative
module.
112
February 10, 2014
Software Reference
Activity
The Activity display shows the most recent activity, either at all doors or at only a
selected door as illustrated above.
If operations are enabled, the Operator may unlatch the selected door by
pressing the Admit button.
Monitoring Input and Output Points
113
February 10, 2014
Software Reference
From the Monitor application you can monitor input and output points. Inputs
typically monitor Alarms or status, Outputs could be used to control lights or other
devices.
The Input and Output tabs allow you to review the status of the I/O points, and
filter the display with numerous criteria.
View 1 through View 5
The view tabs allow you to display up to 5 different views, each of which would
typically be a floor plan or site map as illustrated below:
The select image button on the lower right of the screen is used to pick the image
to be displayed, which must be an image file located in the Image directory.
The Scripts tab allows you to view the scripts that are available for interactive
execution and to select and schedule them.
114
February 10, 2014
Software Reference
Plan View
If you have chosen the Plan View you will see the images that you have
configured for viewing using the Options/Floor Site Plans menu:
This screen allows you to select or deselect the plans that were configured within
the Administrative program. You may select as many plans as you wish. They
will each be displayed on a TAB as shown below:
115
February 10, 2014
Software Reference
The currently selected door is highlighted in the door list on the right and also has
the four colored icon showing on the screen at the door location. You may
change the selected door by selecting from the list or by a Left Mouse click on
the location of another door in the display.
A Right Mouse click on a door location in the display will bring up the following
screen:
A Right Mouse click on an IOPoint will bring up the following screen:
This will allow you to do an Operations Admit to the selected door or see the
current status of an IOPoint.
116
February 10, 2014
Software Reference
You may also get other messages if you are not authorized to manipulate the
door or if the door is in a Disabled or Standalone mode.
Attendance
Under the View menu you will find a choice for Attendance. This will bring up the
following screen:
Enter the time interval of interest in the From and To boxes. Then choose people
of interest. You may choose All people, only a selected group, or just a single
person.
The Doors selection mechanism can choose All Doors, All of the “IN, OUT or
IN/OUT Toggle Doors or all of the IN/OUT Doors in a selected Door Group.
Then press the Review button to see a screen similar to the following:
117
February 10, 2014
Software Reference
This screen shows the selected people on the left and the attendance history of
the selected person on the right. As shown above, if the system detects an
imbalance between IN and OUT it will highlight the person and the detail screen
in yellow and display the error message at the bottom of the screen. You may
use the Insert/Change/Delete buttons to modify the history data for the selected
person.
An imbalance between IN and OUT events can be accidentally created by a
person presenting their badge multiple times at a door during a single entrance
or exit event. The “Filter Duplicate Records” control on the screen will allow you
to remove records that are within the specified number of seconds of each other.
The Autocorrect First and Last check box will cause the system to treat people
are first seen going OUT as if they had entered at the start of the specified
interval, and to treat people who are still IN at the end of the interval as if they
had left right at the end.
The checkbox for “Run Reports on Server” is only available on the IPCrystal
version of the monitor. Instead of running the reports on the local workstation,
this checkbox will cause the reports to be run on the server were the database is
located. For larger systems this can result in a significant performance
improvement. If this feature is used, the report data will be displayed in a
Notepad text edit screen when the report has been completed.
The Print button will print a single person’s access history. The Print All button
will print all of the individual records. The Print button under the list of people will
118
February 10, 2014
Software Reference
print a summary report and also optionally output it in CSV (Comma Separated
Values) format to an ASCII file which can then be input directly into a payroll
preparation program.
NOTE: This report requires that you have coded at least some of your doors as
IN and OUT, and it looks for only IN/OUT records to prepare the report.
Filtered History
Under the View menu you will find a choice for Filtered History. This will bring up
the following screen:
The choices at the top of the screen allow you to set up filters to show selected
information. You may use these filters to very quickly display selected activity.
Options
Under the Options menu you will find two choices, Sound and Image Directory.
The Sound menu shown below allows you to select WAV files to be played when
different events occur. (Note that the computer must be equipped with a sound
card for the sounds to be audible.)
The system is distributed with three WAV files as shown. You may substitute any
others as you wish.
119
February 10, 2014
Software Reference
The Image Directory choice brings up a directory selection screen:
The system requires that all pictures and images of floor plans be in a single
directory, which is chosen here.
CSUP Program
The CSUP.exe program is the communications supervisor program that directly
communicates with the reader controllers defined for a given Supervisor.
A Controller Supervisor may have any number of defined reader controllers.
For older serial-based systems, a CSUP may have at most one Comm Port type
connection. If the reader controllers are attached to a Comm Port, then the
supervisor program must be running on the computer where the connection is
attached to the comm Port.
Normally the controller supervisor program runs as a windows service or is
iconized. If it is running as a windows service, most versions of the Microsoft
Windows operating system will not allow the display of a user interface. If it is
running as an application you can see the user interface and if you maximize it,
you will see a screen like this:
120
February 10, 2014
Software Reference
If the system is operating correctly the clock and interval values will be updating
frequently and the “Active Controllers” will show that all defined controllers are
included in the current active count. For synchronous reader controllers, the
Interval shows the number of 1/100ths of a second since the last time the
indicated controller was polled. The Max Interval shows the longest interval that
has occurred since the last Reset. The Administrative Program will cause the
controllers to reset whenever important control parameters are set or changed.
Communications Supervisor Startup Options
There are a number of ways for the CSUP application to be started as a Console
Application:
Use the Start button available in the View Network screen of the
administrative program. When you select a, the program will allow you to
either start or stop the Communications Supervisor application for that
supervisor, depending on whether it is already running or not.

Shortcut
You may start the programs as a Console Application using a shortcut
121
February 10, 2014
Software Reference
There is a required parameter as shown above (the CS(02) on the Target
line). The parameter specifies the two character id of the Supervisor for
which the CSUP.exe is to run. It is also necessary that the Start In
location be correctly specified. The ISONAS database is in the LiveDB
folder one level down from the ISONAS folder where the programs are
stored.
NOTE: If your path to the folder containing CSUP.exe contains folder
names that have embedded spaces, use the double-quotes around the
fully qualified path name, such as:
“C:\Program Files\ISONAS\csup.exe” followed by the id.
The Controller Supervisor program.exe can be manually started as a
Windows Service by issuing the following command from the Windows run
command facility:
122
February 10, 2014
Software Reference
This will install the CSUP.exe as a Windows Service but will not start the
service itself. To install as a Windows Service and run the program at the
same time, the same run command is issued but with the “/install”
replaced by the “/iss” parameter (“Install and Start Service”).
When the CSUP.exe is installed as a Windows Service but not started
(Install option above), the following confirmation will appear:
Once the Supervisor program is installed, it can be started or stopped
through the Windows Service Manager from either the “Action” menu item,
right mouse-click on the Service and clicking “Start” or right mouse-click
on the Service, clicking “Properties” and clicking on the “Start” button on
the Properties display. This is illustrated below:
123
February 10, 2014
Software Reference
When running the CSUP or other Isonas programs as windows services,
use the recovery tab on the windows services property screen to set the
recovery options to “Restart Service” for all failures.

Startup Directory
124
February 10, 2014
Software Reference
If you create a shortcut to bring up the CSUP.exe (including the
parameters as described above) and put it in the startup directory, the
Supervisor program will be started whenever the computer is logged on.
Controller Supervisor Stop Options
The Controller Supervisor running as a console application can be stopped from
within the Administrative program by clicking on the Stop button with the
specified Supervisor selected on the network display.
It can also be stopped by using the windows task manager (CTL-ALT-DEL)
For Controller Supervisors running as Windows Services, they can also be
stopped through the Windows Service Manager by right clicking on the service
and selecting the stop option.
Note that if the program has been defined as a windows service, stopping it does
not remove it as a service.
To remove the Controller Supervisor program as a windows service, the following
command can be run. It is recommended that you first stop the service.
125
February 10, 2014
Software Reference
Upon issuing the run command for uninstalling the Windows Service, the
following confirmation will be displayed and the Controller Supervisor will be
removed as a Windows Service from the Windows Service Manager
:
Note that if the CSUP.exe program is running as a windows service, uninstalling
it does NOT stop the execution.
Advanced Networking
It is very common for companies to want to have multiple users and workstations
monitoring or administering the ISONAS Access control system, and the system
has been designed to easily allow you the full use of all facilities from anywhere
in the wide area network. You may use any of the standard tools and techniques
to enable users at other workstations to access the software and database stored
on a selected server or workstation.
CAVEAT
One of the most commonly used techniques to enable remote access is to
create a shared folder on the server and simply map that folder on the
remote workstations from which the software is used.
This simple approach is widely used and is a fully satisfactory solution
for many users. However, in some cases it has been shown to create
problems leading to database corruption.
You should always be doing regular data backups to avoid loss of critical
information, and this is especially true if you are using this mapping
technique to enable remote access.126
February 10, 2014
If you encounter database corruption problems ISONAS recommends
that you stop using the mapping technique and use RDP, EasyWeb or
Software Reference
Conceptual Overview
It will help to understand a little about how the system works.
1. The CSUP.exe program(s) are the ones that directly communicate with
the door controllers.
For older serial reader-controllers, the CSUP may be polling each
controller on the connection 3 – 4 times a second. When the controller
reports that a badge has been presented the CSUP.exe program does a
high speed lookup in the database to see if the badge is authorized to
open the door at the present time, and if so it tells the door controller to
unlatch for the defined latch interval. After the latch interval has passed,
the CSUP.exe will tell the door controller to relatch. There are also various
buzzer and LED changes, based on how you have programmed the door
controllers to behave. The CSUP.exe program writes significant events
(such as a badge being accepted or rejected) to the database history file.
For newer reader controllers,there is no polling required. The reader
controllers asyncrously report badge presentations. The reader-controller
usually operate in LOCAL mode. In this mode, the reader controller makes
the decision on how to handle events such as badge presentations and
takes that action. It then sends a message to the computer showing the
action that was taken.
2. The Monitor and interface programs are watching the database history file
looking for new records to appear in it. When they find new records, they
retrieve them and display the information.
3. When an Administrative or Monitor program needs to send information to
one of the door controllers, it does so either by writing into a
127
February 10, 2014
Software Reference
communication file that is unique to the server to which the door controller
is attached or by sending a TCP/IP command to the CSUP using its
assigned TCP/IP port. The CSUP.exe program is looking for new
commands, and when it finds one it executes it.
With this background let’s now look at configuring and setting up for network
operations.
Maximums
The system can theoretically support an unlimited number of door controllers
which can be attached to an arbitrary number of controller supervisors. Actual
limitations are imposed by performance considerations. In local mode it is
reasonable to connect 100 or more readers to a single CSUP and a single
computer can run 30 or more CSUPs.
For older serial readers (Model PRC-001):
The controller id (1-254) must be unique within the connection, and the
theoretical maximum number of controllers on a connection is therefore
254. If you are operating in a non-polled mode, you may put the maximum
number of controllers on a connection. If you are operating in the normal
polled mode then you should limit the number of controllers to guarantee
performance. With the technology available at the time of this writing, we
recommend no more than 8 to 10 controllers per connection when polling
is being used.
Sharing the Database
You can pick anywhere in the network as the location of the database. On that
system, you must define the directory in which the database is located as being
shared for read/write. You may use windows facilities to protect by password and
to limit the users who may share to the selected authorized group.
Every computer on which you are going to run any system component
(CSUP.exe, Administrative Program or Monitor Program) must map the database
directory AS A LOCAL DRIVE.
Location of Software
We recommend having the ISONAS software loaded in ONLY ONE directory
(which does not have to be the same as where the database is but can be.) This
avoids confusion and simplifies updates. The software is quite small and will load
and execute over the network very quickly. Create shortcuts to run the
Administrative and Monitor programs from workstations where they will be used.
Be sure the “start in” directory correctly points to the shared database, which is
mapped as a local disk on each machine.
You can load the software on multiple machines and point it at the shared
database as an alternative if you prefer.
128
February 10, 2014
Software Reference
Where to run the Communications Supervisor programs
For TCP/IP connections, you may choose to run the programs anywhere in the
network .
For older serial-based system with Comm Port connections, you have no choice
but to run the CSUP.exe for that connection on the computer to which the comm.
port is attached..
How to start Communications Supervisor program
The best way to start the communications supervisor programs in a production
system is to have them start automatically when the system starts up. You can
achieve this by defining them as services as described above.
If you do not have the Controller Supervisor programs start automatically, you
must start them manually on each machine on which they must run. You can
physically go to each machine and use the various facilities to start the program
or use tools such as pcAnywhere or network administrator tools to start tasks on
remote computers.
129
February 10, 2014
Software Reference
Badging Program
The Badging program will print information from the People database onto prox
cards. Here are the menus available when you bring the program up.
Options
Image Directory
This choice allows you to set the Image Directory, just as you can within either
the Administrative program or the Monitor program.
Password
This choice allows you to change passwords.
User Defined Field Names
This choice allows you to set or change the labels assigned to the User Defined
Fields.
About Badging
This choice provides information about the badging program itself.
130
February 10, 2014
Software Reference
People/Badges
People
This screen is similar to the one in the Administrative module.
The index value above the image may be set from 1 to 9 to define or select one
of 9 possible images associated with an individual. These can be different
pictures (front view, profile view) or other images such as images of signatures.
Read BadgeIds
This function is provided to make it easy to read in badgeids and assign them to
“new” People in the database so the badgeids may be easily printed on cards.
131
February 10, 2014
Software Reference
To use this function:
1. Select the door controller from which you wish to read badgeids
2. Enter a prefix to be used for the person’s name
3. Enter a starting number to be used for the person’s name.
4. Start the read operation by pressing the Start button.
5. Present badges to the door controller. As each badge is read, the program
looks in the database to see if the badgeid exists in the database. If it
does not, the program creates a Name by using the prefix and the number
and adds a person with that name to the database with the assigned
badgeid.
Later when the Card Printer program is described, you will see that having the
People defined (and sorted in order) makes it simple to print badgeids on the
plastic cards.
Card Layouts
Here is where you define the layouts you wish to use. The system is shipped with
some example layouts which will help you get started.
The list on the left shows the names of the defined layouts. You may use the
Insert/Change/Delete buttons to manage this list. The Copy button is handy if you
want to make a layout that is similar to an existing layout without changing the
existing layout.
The list on the right shows the “Controls” that have been defined for the current
layout, and the raised panel in the bottom center shows detail about the selected
control.
If you press the insert button under the list of controls, here is the screen you will
see:
132
February 10, 2014
Software Reference
On the left side of the screen is a list of the possible choices for the type of
Control you are defining. The options are:
 Text String – this is a string of fixed text, such as the company name
 Variable String – this is an item to be read from the People database, such
as the persons last name or social security number
 Image – this is either the person’s picture from the Image file or another
selected image such as a company logo.
 Region,Line,Box,Ellipse – these are shapes you may draw on the card
using various boarder and fill colors.
If you select the Image type of control, here is the screen that appears:
You may select one of nine possible images associated with a person or may
select another static image such as a logo.
133
February 10, 2014
Software Reference
The control you define will have its “origin” at Xpos , Ypos and will have the
indicated Width and Height. It is recommended that you simply accept the
defaults and then move and size the control using the mechanisms described
below.
There are two ways to select a control to work on it:
 Select it in the list on the right
 Select it with the mouse by positioning the mouse over the control and
holding down the ALT key on the keyboard while pressing and releasing
the left mouse button.
Once a control has been selected you can MOVE it by:
 Directly dragging it. Put the mouse over the control, press and hold the left
mouse button, and drag the control where you want it. Then drop it by
releasing the left mouse button.
 Press the left, right, up or down arrow keys. The control will move in the
indicated direction.
You may also resize a control
 Hold the shift key down and press the left, right, up or down arrow key.
The size of the control will change in the indicated direction.
As you select different types of controls the raised panel will display current
information about the selected control and allow you to make appropriate
changes. Here is the information for a TEXT control
134
February 10, 2014
Software Reference
You can change the font, including typeface, color, size and special effects like
underline and italic. You can set a background color, control the justification,
rotate by tenths of a degree and set the background to be transparent.
The same facilities are available for Variable strings.
For images, here are the choices
The software will always make the image fit in the available space. If the space is
larger than the image, you have the choice to have the image stretched (without
allowing distortion) Note: Stretching an image will reduce the “quality” of an
image. You also may justify the image both horizontally and vertically.
Here are the choices for shapes:
135
February 10, 2014
Software Reference
CardPrinter-Single
This screen allows you to print a single card, which may be either one sided or
two sided.
When you select the CardPrinter menu you will immediately be asked to select
the printer to be used. (Note.. if you do not have a printer defined you can not get
to this screen).
136
February 10, 2014
Software Reference
On this screen, you select the desired layout from the list on the left and the
desired person from the list on the right. You see an image of what will be
printed, and press the print button to send the data to the printer. Whenever you
print, the system will automatically select the next person. If you have used the
Read BadgeId screen described earlier, the People you added will be in the
database in order and you can easily print the badges with badgeids.
CardPrinter-Multiple Badges
This screen allows you to print multiple badges on a single sheet (one sided).
The layout of the badges on the sheet is controlled by the templates that are
displayed on the bottom left. The selected layout is shown visually to the right of
the layout list. To enable reuse of partial sheets, there is a skip count field that
will cause the software to skip printing the first “skip count” positions. The badges
that will be printed are controlled by the selection arrows to the left of the People
List. Use these arrows to move the names of the selected people in or out of the
selection box.
137
February 10, 2014
Software Reference
Tools/Utilities
The following are tools and utilities that are useful for supporting the operation
and maintenance of an active Crystal Access System.
CTEST
The CTEST (Controller Test) utility will send selected commands to reader
controllers and display the responses. It can be used with or without a defined
database of reader controllers. When the program is invoked, it brings up the
following screen:
If you enter the two character ID of a defined CSUP, the screen will display the
defined reader controllers attached to that CSUP.
138
February 10, 2014
Software Reference
Selecting a reader controller and pressing the Connect button will cause the
program to attempt to open the connection to that reader controller. You may
open multiple connections simultaneously. Once the connection is open, an
alphabetical list of commands will appear on the left side of the screen. Selecting
a command will allow you to further select or specify parameters for the
command, after which it may be sent to the selected reader controller. The
hexadecimal values sent and received will be displayed and the response will be
interpreted as shown below.
Database Repair and Maintenance (DBRM)
Infrequently problems arise with relational databases such as the one used by
the ISONAS Access control software. Most often these problems are associated
with the indexes that the database uses to provide high speed access.
Fortunately, the data itself is usually not damaged or lost and the database can
be fully recovered and repaired by a simple sequential copy operation. The
DBRM.exe utility program is provided for this purpose. It also includes a data
import/export facility and a Convert program to change database formats.
139
February 10, 2014
Software Reference
Check
The Check menu brings up the following screen:
Pressing the Check button causes the system to go through the entire database
files listed and check for errors. The number of records found in each file is listed.
If errors are detected a message will indicate the problem. Rarely the system
may actually crash attempting to check a damaged file. You can tell which file is
being worked on by the progress of the record counts.
140
February 10, 2014
Software Reference
Repair
The Repair menu brings up the following screen:
Check any files that need to be repaired and then press the copy button. The
system will make copies of the selected files which you may then rename to
replace the damaged files.
Import
Import allows you to chose either CSV files or XML files
Here is the screen that is displayed when you select the CSV Import menu:
141
February 10, 2014
Software Reference
The tabs allow you to select the type of file to import
The People tab displays the following screen:
If the Convert HID Badge Numbers box is checked, the following additional fields
appear:
142
February 10, 2014
Software Reference
The HID conversion factor is required for the system to correctly convert HID
badgeId values to the value that will be read for that badge on an HID enabled
ISONAS reader/controller. The conversion factor may be determined by reading
one HID badge on an ISONAS reader controller and then using the screen
reached by the HID Site/Facility Code button:
Simply enter the two badge id values and the system will calculate the correct
Site/Facility Code to calculate the ISONAS badgeid values for other HID badges.
Use the ellipsis button to select the CSV (Comma Separated Value) file that
contains the desired information (People information or group membership) and
then press the Import button.
143
February 10, 2014
Software Reference
Hint: An easy way to see the required format for the information is to use the
Export function below to create files and then edit them with Notepad or
Wordpad.
The XML Import mechanism is simpler. It is designed to import a complete
database which has been exported from another copy of and ISONAS access
control system. Here is the Import XML screen:
The normal choice is to select the “Clear table” option.
Export
The Export also provides two choices:
Here is the screen that is displayed when you select the Export CSV Files menu:
144
February 10, 2014
Software Reference
Select the file type you want to export and enter or select the target CSV file,
then press Export.
The Export XML choice will export all of the important tables from the database.
Convert
The convert menu option lists conversion programs used updating the Crystal
Matrix software. See the software upgrade installation instructions for more
details.
INRServ
145
February 10, 2014
Software Reference
The ISONAS Notification Request Server is discussed in a separate document
which is included in the installation if the Interfaces are selected for installation.
ISOCopy
The ISOCopy program is another approach to solving the problem of backup
programs that will not copy open files. This program creates copies of the key
files used by the ISONAS Access control software. Once these files are created
and the ISOCopy program shuts down, the copies are closed and therefore will
be successfully backed up.
The ISOCopy program will copy files from the LiveDB directory to the Backup
directory under the in the ISONAS home directory. It is possible to set up a
Windows Scheduled Task to run the ISOCopy program (typically once a day) at a
scheduled time to ensure that a timely backup is always available.
If the ISOCopy program is run with no command line parameter, it will start up
and will automatically copy files and then automatically shut down. If ISOCopy is
run with the command line parameter
/PAUSE
It will display the following screen:
When the Copy button is pressed, the files will be copied and the record count for
both the original and the copy file will be displayed as shown below:
146
February 10, 2014
Software Reference
Note that these are not ALL of the files used by the ISONAS Access control
system. These are the key files that contain the configuration defined by the user
and the volatile data files representing system activity.
Other files used by the ISONAS access control system are temporary or are
generated from these files when a full compile is performed.
Virtual Reader
See the separately distributed Virtual Reader User Reference Guide for a
complete description of the Virtual Reader and its operation. The virtual reader is
a software program that acts just like a physical reader. It allows you to run the
ISONAS Administrative and Monitor program to observe the operation of the
system.
PlugNPlay
The ISONAS PlugNPlay program is useful in two different contexts:
1. As an installation aid that will assist with the installation and configuration
of ISONAS IP and Wireless IP reader controllers.
2. With DHCP enabled readers, it can be run as a windows service and will
automatically update the ISONAS database when the IP Address of a
reader controller changes.
147
February 10, 2014
Software Reference
The options menu shown above are used to install and uninstall the program as
a Windows service. If the program is not running as a service it will automatically
bring up the PlugNPlay user interface screen. If it is running as a service the user
interface screen is not automatically displayed but may be displayed by selecting
the PlugNPlay menu option.
DHCP Enabled Reader Controllers
For PlugNPlay to automatically update the ISONAS database for DHCP enabled
reader controllers, the computer where the PlugNPlay program is running must
be defined in the network DNS Server with an ALIAS of
SrvrACS
(DNS is not case sensitive). When a DHCP enabled ISONAS reader controller
receives its IP address (either on startup or at a later time when the lease in
renewed) it will use the DNS service to find the SrvrACS computer. It will then
send a UDP message to a specific port at that computer. The message includes
both the MAC address and the IP address of the reader controller. The
PlugNPlay program listens on that port, and when it receives the message it will
update the ISONAS database. If the reader controller is already in the database,
the IP address will be updated if necessary. If the reader controller is not already
in the database it will be added.
NON DHCP Enabled Reader Controllers
Reader Controllers that are not DHCP Enabled use fixed IP Addresses. The label
on the back of the reader controller will show the factory assigned IP address,
which is typically set in the range 192.168.1.50 to 192.168.1.150.
148
February 10, 2014
Software Reference
It is frequently the case that this IP address has to be changed to conform to
local network addressing requirements. PlugNPlay is the tool that is used to
make this change BUT PlugNPlay must be running on the same subnet as
the reader controllers in order to make the change. The reason for this
requirement is that the technique used is to send UDP Broadcast messages, and
those messages are only propagated within the subnet.
When readers controllers are being installed in networks with multiple subnets, it
is necessary to preconfigure the units or to temporarily connect a computer to
each of the subnets in order to use PlugNPlay to change the IP Addresses.
Here is the PlugNPlay user interface screen:
PlugNPlay – AutoFind
The AutoFind function is intended to assist in the initial installation of large
networks. It will automatically run the “FIND” function described below and if new
reader controllers are found the AutoFind function will automatically modify their
IP Addresses to the next available addresses in the IP Address Pool and
configure them on the Isonas network.
149
February 10, 2014
Software Reference
PlugNPlay - Find
Pressing the Find button will cause the PlugNPlay program to search for all
devices with MAC Addresses that begin with 00-20-4A which will find all ISONAS
IP and Wireless IP readers, (and may find additional devices).
ISONAS devices have a checkmark in the ISONAS Device column. Devices that
are out of the addressable range show in red.
PlugNPlay – Manage IP Address Pool
The PlugNPlay program can change the IP address of the selected device. The
first step is to use the Manage IP Address Pool button to define IP addresses
which will be used for the ISONAS Reader Controllers. Here is the screen that is
used for this purpose:
The controls on this screen let you insert, delete or change an individual IP
address or to insert a range of IP addresses into the pool.
150
February 10, 2014
Software Reference
PlugNPlay – Change IP Address
The second step is to use the drop list control on the main screen to select the
desired IP address you wish to assign to the controller and then press the
Change IP Address Button. This will send the commands to the device to change
the IP address and then approximately 10 seconds later will automatically repeat
the Find. The device will now show with the reassigned IP as below.
Note that for RC-02 and RC-03 reader controllers, it is necessary to specify a
password before the IP address can be changed or before other changes can be
made to the configuration. The PlugNPlay program will automatically fill in the
default password. You may change the password on a reader controller by
pressing the Change button beside the password entry field.
The default password is
F0F1F2F3
This value is reset if the reset button on the back of the unit is depressed
and held for 10 seconds.
151
February 10, 2014
Software Reference
PlugNPlay – Add to ISONAS Network
The device can now be addressed. You will note in the screen above that the
device shows a X in the Configured column. This means that the device is not
currently defined in the ISONAS Access Control network, which is displayed in
the tree structure at the right of the screen. Pressing the Add to ISONAS Network
button will add it to the ISONAS Network. Devices that are added will be added
to a CSUP with the two character ID of “~~”. The initial name for this CSUP will
be set to “~Reserved~” but you may change that to anything you wish.
PlugNPlay - Strobe
The final control on the screen is the Strobe button. This button becomes
available when you have selected a specific reader controller in the Access
Control Network on the upper right side of the screen.
Pressing the Strobe button will start a cycle of alternately flashing the LEDs on
the Reader Controller and sounding its buzzer. This will clearly identify the
controller and confirm that it is configured and communicating.
152
February 10, 2014
Software Reference
PlugNPlay - Configure
If you connect to a device you can go to the Configure tab shown below. (Note:
For RC-02 you must have entered the password on the previous screen before
any changes will be accepted). On the configuration screen you can change
settings for the values shown.
The RC-03 unit can be configured to operate as either a server or as a client.
When configured as a server the unit listens on the configured port and waits for
153
February 10, 2014
Software Reference
an incoming connection from a host computer. When configured as a client, the
unit will attempt to connect to the defined host. The unit uses the following logic
to find the server:
 If DHCP is available
o Contact DHCP to get an IP address, subnet mask, gateway and
DNS address
o If the Remote Host name is specified, get the associated IP
address from DNS. Otherwise use the specified Remote Host IP
Address
 If DHCP is not available but the Remote Host Name is specified, use the
DNS IP address to request the address of the Remote Host. Otherwise
use the specified IP address of the Remote Host.
The unit will then attempt to connect to the specified port on the Remote Host,
and will continue to attempt connection several times a minute until it is
successful.
PlugNPlay - Security
This screen shows some options that apply only to PRC-001B units. These can
be used to enable or disable various channels through which the device can be
reached and to enable encryption and set passwords.
Caution – you can make it difficult or impossible to communicate with a
reader controller if you misuse these controls!
154
February 10, 2014
Software Reference
The Encryption option is available for all models of ISONAS reader controllers.
CMLOAD
The CMLOAD program will load microcode into the ISONAS reader controllers.
There are three different microcode types.
 PIC – for the PIC microprocessor
 Freescale – for the Freescale microprocessor
 WEB – web pages for direct access (these run in the Freescale processor.
Here is the main screen for the CMLOAD program:
Use the controls on the bottom of the screen to select the files that are to be
loaded to each controller:
After all the files have been selected, press the Load button on the right hand
side of the screen. This will start load processes on separate windows threads.
The maximum number of concurrent processes is determined by the Concurrent
value set on the lower right side of the screen. Updating of each reader controller
is handled by a single thread.
The CMLOAD program will negotiate with CSUP programs if necessary to
perform the load. The reader controllers will be “disconnected” from the CSUP,
155
February 10, 2014
Software Reference
the load will be performed, and the reader controllers will be reconnected to the
CSUP and restarted.
During the actual upload process the reader controllers will not respond to
badges or keypad entry. The time required for upload varies and can be slowed
by network traffic, but loading all three file types to a single reader controller will
typically require less than 5 minutes.
If multiple units are being uploaded, each thread operates independently so the
time to load is overlapped.
The CMLOAD program can also be started with a command line parameter
“LOAD”. This will cause the program to immediately start the loading process.
You can therefore configure the load at your convenience and then use the
windows task scheduler to have it start at a later time when the interference with
the operation of the doors will be less troublesome.
156
February 10, 2014
Software Reference
157
February 10, 2014
Software Reference
CCheck
The CCheck program will load data back from selected reader controllers and
compare the programming to the host database. The two databases should
normally be in sync, but if a reader is offline for some or all of a compile process
the two databases can be out of sync. Here is the CCheck screen:
158
February 10, 2014
Software Reference
Appendix A - Configuring ISONAS readers and DHCP
ISONAS supports Dynamic Host Configuration Protocol (DHCP) for managing your
PowerNet reader-controller’s IP address. The ISONAS implementation of DHCP support
is accomplished through both the PowerNet reader and with versatile software that will
listen for changes to the reader’s IP address and update the Crystal Matrix database. That
software is the PlugNPlay application.
There are 4 main procedures required to set up DHCP support for the ISONAS system.
1.
2.
3.
4.
Configuring DHCP service on your system
Optionally configuring DNS service on your system
Enabling DCHP in your PowerNet reader
Setting up PlugNPlay
Configuring DHCP service
DHCP service is a native component of many versions of server operating systems and it
is also available in most hardware routers and access points. The actual configuration of
your network’s DHCP service is beyond the scope of this document but you should
know that if you enable DHCP on a PowerNet reader, it will make a request from that
service for its network configuration settings, which include the: Reader’s IP address,
Gateway, Subnet mask, and DNS server IP address.
Configuring DNS service
DNS service is a native component of many versions of server operating systems but is
not usually available for any of the home releases such as XP, Vista or Windows 7. Once
again the setting up of DNS service is beyond the scope of this document but you should
be aware that a DHCP enabled PowerNet reader will make use of your DNS service in
two different wayswhich are described next,

Self Registration
Crystal Matrix Notification DNS Self Registration
When a DHCP enabled reader boots up, it will attempt to register its name with the DNS
service. The format of the name is comprised of the text “RDR-“ followed by the last 6
digits of its MAC ID. Thus a reader with the MAC ID of 00-18-CA-00-16-A5 will
attempt to register a DNS name of “RDR-0016A5.” This registered DNS name becomes
very useful for retrieving the IP address of the PowerNet reader which you can do by
pinging the DNS name. The DNS name is also useful if you should want to connect
directly to the PowerNet reader’s configuration web pages, you may use the DNS name
as the address in your web browser; e.g., “http://RDR-0016A5”.
DNS and Crystal Matrix Notification
In order for your ISONAS system to run smoothly with DHCP, the IP address of the
PowerNet reader must be correctly reflected within the Crystal Matrix database, this
process can be automated via the PlugNPlay program.
159
February 10, 2014
Software Reference
In order for the PowerNet reader to notify the PlugNPlay program of any IP address
changes, the reader must know how to locate the PlugNPlay program and make a TCP/IP
connection. The PowerNet reader can be configured to find the PlugNPlay program
using one of the following configurations:
1. If you have a DNS service installed on your network then you can create an entry with
the name “SrvrAcs” and assign that entry the IP address of the host machine running
PlugNPlay.
2. If you do not want to use the default name of “SrvrAcs”, then you can choose any name
that you like and set it up in DNS but then you must configure the PowerNet reader to
use the your new name rather than the default name (described under Enabling
PowerNet DHCP).
3. If you do not have DNS or do not wish to use it, then as long as you know the IP address
of the machine running the PlugNPlay program, you can configure the PowerNet reader
to use that IP address instead of a DNS name (described under Enabling PowerNet
DHCP).
Enabling PowerNet DHCP Support
The PowerNet reader optionally supports DHCP which can be enabled or disabled
through either the ISONAS PlugNPlay program or the Embedded Web pages on the
reader itself. Once you enable DHCP then the reader will obtain and manage the address
of the reader dynamically according to the rules defined within your DHCP service. If the
DHCP service is not available then the PowerNet reader will revert to the IP address
currently in it’s memory, which was initially assigned at the factory and may have been
updated using PlugNPlay or the embedded web page interface.
Enabling DHCP with PlugNPlay
To enable DHCP in a PowerNet reader using the PlugNPlay program, you must connect
to the PowerNet reader and then use the Configuration tab to:


Put a check mark in Enable DHCP by clicking on it
Fill in the ACS Alias or the ACS Server IP fields
160
February 10, 2014
Software Reference
The ACS Alias field must be a valid DNS entry. If you do not have DNS service or do
not wish to use DNS then you can put the IP address of the machine running the
PlugNPlay program into the ACS Server IP field.
Note: The Password field must be filled in correctly prior to clicking on the Set button.
The default password is “F0F1F2F3”.
Enabling DHCP with Embedded Web Pages
To enable DHCP in a PowerNet reader using the Embedded Web pages you must use a
web browser to connect to the PowerNet reader (http://ipaddress or Error! Hyperlink
reference not valid. ) and then navigate to the LAN page and use the ACS DNS Name or
IP Address field.
The ACS DNS Name or IP Address field must be a valid DNS entry or the IP address of
the machine running the PlugNPlay program.
Note: Be sure to click the Save button and then the Log Out button when you have
finished.
Whichever method you chose for enabling DHCP on the PowerNet reader ensure that the
following is true:


If you configure the PowerNet reader with a DNS name then you must have a
corresponding entry in the DNS service. Remember that if you want to use the default
DNS name “SrvrAcs” then you do not need to configure this in the reader.
If you configure the PowerNet reader with the IP address of the machine running the
PlugNPlay program, then make sure that the IP address is correct.
Once the PowerNet is correctly configured it will perform the following sequence during
its power up sequence (see diagram below):
1. When the reader starts up it will check to see if DHCP is enabled.
a. If DHCP is enabled, then the DNS settings are examined
b. If it is NOT DHCP enabled, then the DNS settings are ignored
2. The reader will check for the existence of a DNS name configured in the reader:
161
February 10, 2014
Software Reference
a. If a DNS name exists then the reader will try to resolve the name into the
corresponding IP address.
b. If the DNS name field is not configured the name cannot be resolved, then the
reader will try and resolve the default DNS name “SrvrAcs”.
c. If steps “a” and “b” fail to find an IP address, then the reader will look to see if
the ACS IP address is configured.
3. If an IP address exists then the reader will start sending a message to the IP address, the
message will contain the MAC ID and actual IP address of the reader. The reader will
continue to send this message until it is instructed to stop sending by the Crystal Matrix
program. The reader will resume sending out the message if one of the following
conditions are met.
a. Any of the network information changes; such as, IP address, Subnet mask.
b. The reader’s power is cycled
When a PowerNet reader is DHCP enabled, the power up sequence may be longer than
when it is not enabled. The length of time that a DHCP enabled reader will take to power
up is dependent on the settings and the response time from your DHCP and DNS
services. If both services respond quickly then the power up sequence will not be
noticeably longer, if the services are slow to respond or do not exist on the network, then
the power up sequence could take as long as 45 seconds.
162
February 10, 2014
Software Reference
Setting up PlugNPlay
The PlugNPlay program must be running in order to process IP Address change
commands from any PowerNet reader. You must make choices about how you want to
run the PlugNPlay program and how you want it to process reported IP address changes.
Running PlugNPlay
The PlugNPlay program can be run on an As Needed Basis, a Terminate and Stay
Resident (TSR) or a Windows service.
Running PlugNPlay on an as needed basis
When you suspect that there are IP addresses that have changed on your network of
readers or if you have installed new readers, you can simply start the PlugNPlay program
using the programs menu of Windows.
Running PlugNPlay as a TSR
Once you have started the PlugNPlay program you can opt to leave it running in the
background instead of shutting it down completely, in fact this is the default option
should you click on the “X” to close down the screen. The only way to cause PlugNPlay
program to actually stop running is to click on the Options menu item and select “Stop
execution”.
If you click on the “X” (as seen below)
to close the PlugNPlay screen, the program screen will disappear but the program itself
will still be executing and a small icon should appear in the executing programs portion
of your windows screen. To activate the PlugNPlay screen again you simply click on the
PlugNPlay icon.
Running PlugNPlay as a windows service
To run PlugNPlay as a Windows Service start PlugNPlay in the normal fashion and then
click on the “Options” menu item and choose “Install as a Windows service.”
163
February 10, 2014
Software Reference
When PlugNPlay is running as a windows service a small icon may appear in the
executing programs portion of your windows screen (depending on the host’s Operating
System).
PlugNPlay processing IP changes
Once the decision on how to run the program is made, there are multiple ways of having
the PlugNPlay program process IP address changes; they are, Manually, SemiAutomated, Fully Automated
Manually
The manual method involves starting the program, clicking on the FIND button to
process any changes that have occurred to the reader network since the last time the
FIND button was clicked. After clicking on the FIND button the program is shut down by
using the option to “Stop execution”.
This method will update the Crystal Matrix database with any IP changes but will not
automatically add any new readers found on the network to the database, this feature
requires “Fully Automated” discussed later in this section of the document.
Semi-Automated
The semi-automated method involves leaving the PlugNPlay running all the time with the
Autofind activated so that it can process any reported IP changes or new readercontrollers added to the system. Each change or addition will prompt the user to accept
the change or addition.
Fully Automated
In order to have the IP address changes processed and to have new readers on the
network added to the Crystal Matrix database, you should run the PlugNPlay program as
a service and have the computer on which it is running identified as the place to which
reader-controllers report their new IP addresses. This can be accomplished by configuring
DHCP and or DNS as described above or by configuring the reader-controllers
themselves with the IP address of the computer to which the notifications are sent.
164
February 10, 2014
Software Reference
Appendix B – Installing and Configuring the IP Monitor
The IP Monitor program (ipcrystal.exe) offers advantages of improved
performance and security when running the monitor over the network. Instead of
direct file IO, it uses an IP server to access database tables. The following steps
are required to install and configure the IP Monitor program.
Install the IP Server on the system where the Crystal software is
installed
165
February 10, 2014
Software Reference
You can use the windows services manager to set other parameters associated
with the service.
Configure the IP Data Server
The first step is to run the RMAdmin.exe program.
166
February 10, 2014
Software Reference
Here is the initial screen:
Set username Administrator with the password field blank
167
February 10, 2014
Software Reference
Next, right click on the Data Manager and choose Register Data Managers from
the pop up menu.
168
February 10, 2014
Software Reference
Here is the final result
Create a Shortcut to IPCrystal.exe on the Remote Computer
The recommended technique is to create a shortcut that points to the
ipcrystal.exe program on the computer where the ISONAS Crystal Matrix
software is installed. This shortcut executes the program over the network and
simplifies the process of installing future software upgrades. An alternative
approach is to install the full ISONAS Crystal Matrix software on the remote
computer and then create a shortcut that executes the IPCrystal.exe program
which is stored locally.
Here an example of the required shortcut as recommended:
169
February 10, 2014
Software Reference
Appendix C – ThyssenKrupp Elevator Systems Interface
The ISONAS Crystal Matrix software provides an interface to ThyssenKrupp
Destination Dispatch Systems. This interface uses a variant of the Modbus
IOModule support described earlier in this document, and interfacing to multiple
DDS systems is supported.
The ISONAS Elevator configuration is a three step process
1) Define the overall physical layout of the elevator, within the ISONAS
system
2) Define one or more subsets of the elevator’s landings. These subsets are
used when granting access privileges to the system’s users.
3) Define the ISONAS Permission(s), which specify:
a. “Who” -- What group of people are allowed access
b. “Where” – What subset of landings are available
c. “When” -- During what time-frame is this access allowed
170
February 10, 2014
Software Reference
Defining the TKSup (ThyssenKrupp IO Supervisor)
Define an IOSupervisor and select the ThyssenKrupp communications protocol.
The Name and two character supervisor Id may be chosen arbitrarily. The
TCP/IP Port that is assigned will be used for communication between the
ISONAS administrative program and the TKSup supervisor program. The only
requirement for this port is that it not be in use by some other process on the
computer where the TKSup program will run. The following additional fields must
be specified:
 ES Group – this is the ThyssenKrupp Elevator System Group number to
which this TKSup will interface and communicate.
 Number Of Landings – this is the number of elevator landings that this
Elevator System has. It can be in the range (1:128).
 Both Front and Rear – The elevator system may be defined to have only
front entrances or to have both front and rear entrances.
Chosing a 52 landing system with Front only causes the system to generate two
(2) IOModules. Each IOModule can define up to 32 landings. The names of the
IOModules will indicate which landings are handled by a given module.
171
February 10, 2014
Software Reference
172
February 10, 2014
Software Reference
Editing the defined IOModules
If you wish, you may change the names of the IOModules and of the individual
landings.
Defining the IOGroup
Once the TKSupervisor and its IOModules have been defined, it is necessary to
define an IOGroup. A single IOGroup can contain a mix of both ThyssenKrupp
IOModules and Modbus IOModules, if necessary.
All of the IOModules that are part of the TKSup should be included in the
IOGroup.
173
February 10, 2014
Software Reference
Associating a Reader Controller with the IOGroup
The defined IOGroup should be specified for the reader controllers that will be
used to summon elevators and select destinations.
Associating Reader Controllers with ThyssenKrupp Entry Devices
The ThyssenKrupp Destination Dispatch System uses the terminology “Data
Entry Device” for the unit that is used to call for an elevator. This may be as
simple as a push button or as complex as an interactive screen console. For the
ISONAS access control system to properly control the elevator system, there
needs to be a one to one pairing of ISONAS reader controllers and
ThyssenKrupp Data Entry Devices.
174
February 10, 2014
Software Reference
Internally, when a user presents a credential to the ISONAS reader, the ISONAS
system communicates with the ThyssenKrupp system to tell the elevator system
which landings the person should be allowed to select. This information then
needs to be used by the elevator system to enable the selection of the allowed
landings from the specific Data Entry Device location.
The recommended way to obtain an accurate list of the Data Entry Devices is to
start the TKSup program that has been defined to communicate with the elevator
system. As part of the initialization process, the ISONAS system will obtain the
configuration of the data entry devices within the Destination Dispatch System.
Once this configuration has been obtained you may view it and map DED units to
Reader Controllers.
175
February 10, 2014
Software Reference
Defining IOProfiles
You may then define IOProfiles for the IOGroup landings:
For each IOModule, the IOprofile(s) specifies a subset of landings which are
available or prohibited.
176
February 10, 2014
Software Reference
Assigning Permissions including Profiles
You then create a permission record with a profile specified. When that
permission record is used to grant access, the IOProfile will be used to tell the
ThyssenKrupp Destination Dispatch system which floors/landings should be
made available.
Initializing Landing Access using Business Rules
You may initialize the state of an Elevator System using the Business Rules.
Selecting a profile and a shift will cause the system to use the selected profile to
initialize the elevator system at the beginning of the specified shift.
177
February 10, 2014
Software Reference
Appendix D – Redundant and Overlapping Permissions
The system permits you to define redundant and overlapping permissions and
correctly compiles and implements them. However, there are two problems that
may be introduced if you have these in your configuration:
 The compilation process will be less efficient and will require more time
 The overall permission scheme will be more complex, making it more
difficult for a person to understand and administer.
As an example, consider a hospital which has Nurses and Medicine cabinets.
Here is the simplest permission scheme:
All nurses assigned to
one people group
All cabinets assigned to
one DoorGroup
NursesGroup has rights
to CabinetGroup
A more granular permission scheme is to have separate groups of people with
rights to separate sets of cabinets. With this scheme some nurses are assigned
to one group and have rights to one cabinet, some are assigned to the other
group and some are assigned to both people groups.
PeopleGroupA
PeopleGroupA has rights
to Cabinet 1
PeopelGroupB has rights
to Cabinet 2
PeopleGroupB
If there are lots of nurses who have rights to both it may be more convenient to
create a group for the “both” case.
PeopleGroupA
to Cabinet 1
to Cabinet 2
PeopleGroupAB has
rigthts to Cabinet1
PeopleGroupAB has
rights to Cabinet2
PeopleGroupB
PeopleGroupAB
PeopleGroupAB
178
February 10, 2014
Software Reference
A simplification of this structure is to create a DoorGroup
PeopleGroupA
PeopleGroupB
PeopleGroupAB
Cabinet1 and Cabinet2
are in DoorGroup12
to Cabinet 1
to Cabinet 2
PeopleGroupAB has
rigthts to DoorGroup12
Now consider what happens if a nurse is assigned to both PeopleGroupAB and
PeopleGroupA.
This creates two permissions that give the person the exact same rights to
Cabinet. The Crystal Matrix system will accept this redundant permission
definition and will process it correctly, but there will be two negative aspects to
the situation:
1) The compile process will be less efficient and will require more time
2) The administration of the system will be more difficult. If at some future
time the nurse has a change of assignment and should no longer have the
rights to Cabinet1 the administrator has to remember to delete them from
both groups and add them in to PeopleGroupB.
The best practice in creating permissions is to plan the definition of
PeopleGroups, DoorGroups and Permissions so that the overlap is minimized.
Start with the business rules you want the system to implement. Identify large
classes of people and doors that will be treated “the same” and define them as
people groups and door groups. Then consider the smaller groups of people and
doors and avoid having the doors more than one group.
179
February 10, 2014

Software Reference Manual

Transcription

Similar documents

In the bars of the Northern Zone a “joint” of marijuana can cost 20

Zak McKracken – Mayan Maze Map

How to search in Cause List

McGuffey`s 3rd Reader - Eclectic Education Series

Rilo Kiley After Hours

The Blanc - Westeck Windows and Doors

SCP60

portable usb dj mixer + scratch controll er + dj software

“Over 125 Years of Quality” Double Acting Spring Hinges