beautypg.com

Grass Valley K2 Media Client System Guide v.3.3 User Manual

Page 141

background image

June 9, 2009

K2 Media Client System Guide

141

Protocol control of channels and media access security

On a K2 Storage System, the users and groups referenced by media access security
features are the users and groups on the K2 Media Clients, not the K2 Media Server.
To simplify account setup and maintenance, you can use domain users and groups
rather than local users and groups.

If you use local users and groups, to support media access security you must have
those same exact local accounts set up on each K2 Media Client within the K2 Storage
System. However, you don’t need to set up security via AppCenter on each K2 Media
Client. When you modify permissions on a shared storage bin from one K2 Media
Client, then permissions are enforced similarly on all of the K2 Media Clients in the
K2 Storage System.

Protocol control of channels and media access security

Protocol security restricts a channel in its access to the media in a bin, regardless of
what user is currently logged on to AppCenter. This is different than the other types
of media access security, in which the security restricts the user (as currently logged
on to AppCenter) in their access to the media in a bin, regardless of what channel is
being used.

Nevertheless, permissions for protocol channels are still derived from user accounts.
In AppCenter’s Configuration Manager, on the Security tab you can associate a user
account with a channel of protocol control. Based on that association, when a protocol
controls the channel, AppCenter checks the credential information for the associated
user account against the access control list for a K2 bin. This is the access control list
that you set up through the Organize Bins dialog box in AppCenter. In this way,
AppCenter determines whether to allow or deny that channel’s operations on the
media in the bin.

By default, protocols have administrator privileges for media access. In addition,
protocols are always allowed access to a channel.

To associate a protocol channel with a user account, do the following:

1. Make sure you are logged on to Windows and AppCenter with administrator

privileges.

2. Create user accounts and bins as necessary to support your permission policies.

3. Click

System | Configuration

. Configuration Manager opens.

4. Click a channel tab.

5. Click the

Security

tab.

This manual is related to the following products:
See also other documents in the category Grass Valley Equipment: