Preview only show first 10 pages with watermark. For full document please download

Morpho/bioscrypt V-prox

Rating
Date

September 2018
Size

1.7MB
Views

9,635
Categories

Home Home security & automation Security door controllers

Transcript

System Galaxy Quick Guide CONFIGURATION AND OPERATION Bioscrypt 4G V-Flex(PROX) SG 10|APR 2011 [4G V-Flex/V-PROX] WIN XP System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide System Galaxy Quick Guide BIOSCRYPT / L-1 Information in this document is subject to change without notice. Therefore, no claims are made as to the accuracy or completeness of this document. Galaxy Control Systems makes no claims on the requirements or limitations of software or devices of 3rd Party Manufacturers. Every effort is made to include all known requirements and capabilities as they relate to System Galaxy. Information herein may not supersede requirements of 3rd party manufacturers. Configuration & Operation V‐Flex 4G, V‐PROX, Vers 4.1.10 1st Edition Apr 2011 Revised July 2011 Copyright © 2011  Galaxy Control Systems  All rights reserved No part of this document may be reproduced, copied, adapted, or transmitted, in any form or by any means, electronic or mechanical, for any purpose, without the express written consent of Galaxy Control Systems. Copyright protection claims include all forms and matters of copyrighted material and information, including but not limited to, material generated from the software programs, which are displayed on the screen such as icons, look and feel, etc. Trademarks Microsoft®, Windows®, Windows NT®, MSDN® and SQL ServerTM are registered trademarks of Microsoft Corporation in the U.S. and other countries. DbaMgr2k may or may not be a registered trademark in the U.S. and other countries. Bioscrypt is a trademark of Bioscrypt Inc. Adobe®, Acrobat® are registered trademarks of Adobe Systems Inc. Graphics and illustrations by Technical Writer. Galaxy Control Systems 3 North Main Street Walkersville MD 21793 www .galaxysys. com Page 2 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide Table of Contents 1. INTRODUCTION TO THE BIOSCRYPT INTERFACE.................................................4 INFORMATION COVERED IN THIS MANUAL.......................................................................................4 TYPES OF BIOMETRIC CREDENTIALS SUPPORTED...........................................................................4 OVERVIEW OF GALAXY ENROLLMENT PROCESS ........................................................5 SYSTEM INTEGRATION VIA SHARED or LINKED SQL SERVERS ...........................................................5 HOW BIOMETRIC CREDENTIALS ARE MADE .....................................................................................5 HOW BIOMETRIC CREDENTIALS ARE STORED .................................................................................5 INTEGRATION REQUIREMENTS (order dependent) ...................................................6 2. SYSTEM INSTALLATION ............................................................................................7 INSTALL READER HARDWARE ........................................................................................................7 READER WIRING CHART ................................................................................................................7 INSTALL SYSTEM GALAXY v10.0 (or higher) .......................................................................................8 INSTALL SECURE ADMIN DATABASE SERVER ..................................................................................8 INSTALL SECURE ADMIN CLIENT ..................................................................................................13 3. REGISTER & CONFIGURE V-Flex (Prox) Device in Secure Admin ......................15 REGISTER L-1 READER IN SECURE ADMIN (SADB) ..........................................................................15 TCP/IP vs. USB ............................................................................................................................15 IF using TCP/IP to detect and register, follow the step 6 below:................................................................17 IF using USB to connect and register, follow the step 7 below:.................................................................18 To continue registering, follow the steps below:....................................................................................19 CONFIGURE L-1 DEVICE SETTINGS for V-FLEX (PROX) ....................................................................21 Configuring Device Mode: ...............................................................................................................22 Configuring Wiegand Format:...........................................................................................................23 CREATING CUSTOM 32-BIT WIEGAND FORMAT...............................................................................25 VIEW TEMPLATES IN L-1 READER .................................................................................................26 4. SYSTEM GALAXY CONFIGURATION ......................................................................27 REGISTER the L-1 READER IN SYSTEM GALAXY (SysGal database) ....................................................27 ENABLE BIOSCRYPT AS THE ENROLLMENT SYSTEM AT SG WORKSTATION......................................28 CONFIGURE THE READER PROPERTIES FOR AN L-1 READER IN SG .................................................29 5. ENROLLING & MANAGING TEMPLATES................................................................30 ENROLL FINGERPRINT [IDENTIFY MODE] IN CARDHOLDER SCREEN.................................................30 ENROLL CARD AND FINGERPRINT [VERIFY MODE] IN SG CARDHOLDER ...........................................32 See the Appendix (section 6 of this guide) for more indications and messages associated with connecting, capturing, saving and loading templates.LOADING ALL TEMPLATES UTILITY...................33 LOADING ALL TEMPLATES UTILITY................................................................................................34 6. APPENDIX: TROUBLESHOOTING ...........................................................................35 GALAXY MESSAGE LOGGING (Communication Control Window)...........................................................35 GALAXY USER MESSAGES - BY OPERATOR ACTION .......................................................................36 REGISTER READER with USB (private LAN/ not using DHCP) ...............................................................39 ADDING A LINKED SQL CONNECTION STRING TO SYSGAL...............................................................40 Page 3 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide 1. INTRODUCTION TO THE BIOSCRYPT INTERFACE For convenience, this manual includes basic setup in SecureAdmin for the 4G V‐FLEX PROX Reader software that is required to integrate with System Galaxy. Consult the Bioscrypt Manuals for instructions on any SECURE ADMIN features not covered in this document. INFORMATION COVERED IN THIS MANUAL This manual covers the following …  Hardware wiring from the 4G V‐FLEX PROX reader to the Galaxy access control panel  Basic install steps for SecureAdmin Server/Client (as example – see Manufacturer’s Guide for in‐depth)  Configuration of shared SQL Server settings  Registering the 4G V‐FLEX PROX reader within the SecureAdmin  Configuring 4G V‐FLEX PROX device’s Reader Mode and Wiegand Settings in SecureAdmin  Registering and setting System Galaxy for Biometric Support using L‐1 Solutions  Configuring Galaxy reader port to work with the 4G V‐FLEX PROX reader  Enrolling credentials from within System Galaxy  Mass loading templates to a reader from System Galaxy TYPES OF BIOMETRIC CREDENTIALS SUPPORTED System Galaxy 10 (SG 10) integrates with the Bioscrypt L‐1 V‐Flex 4G, V‐PROX reader as follows: CURRENTLY SUPPORTED ON WINDOWS XP ONLY READER MODE IDENTIFY (1:N) SECURE ADMIN CARD FORMAT SYSTEM GALAXY CARD FORMAT Custom 32‐bit Wiegand (a) Galaxy Standard 26‐bit‐pass‐thru 26‐bit Wiegand HID Corporate 1000 HID Corporate 1000 CREDENTIALS finger‐only 10K Templates VERIFY (1:1) Prox card + finger in device 500K Templates Card Only (b) Prox card pass through Same as VERIFY mode (a) Custom 32‐bit Wiegand must be manually created in SecureAdmin (i.e. is not predefined); Note: the code is required for identification in access control panel ‐ a physical card is not issued. (b) Card Only mode, means the reader uses VERIFY mode, but disables biometric verification for all users. You must enroll both card and fingerprints for all users. Biometric verification is disabled after templates are loaded to the reader. All credentials are sent to the access control panel without finger verification. Page 4 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide OVERVIEW OF GALAXY ENROLLMENT PROCESS Fingerprints must be enrolled from System Galaxy. SG does not pull templates from SADB. Card and Template data are stored in the SysGal database (i.e. not in the SADB). SYSTEM INTEGRATION VIA SHARED or LINKED SQL SERVERS System Galaxy uses Linked or Shared SQL server to SecureAdmin (SADB) connection to pull the List of L‐1 Devices and IP Addresses for enrolling and mapping readers to doors. System Galaxy warns the operator at time of log‐in that biometric features are disabled if SQL Database connection cannot be established. HOW BIOMETRIC CREDENTIALS ARE MADE The System Galaxy captures the fingerprint/s and card code and assigns access privileges. The credential is automatically loaded to the reader when cardholder record is saved. HOW BIOMETRIC CREDENTIALS ARE STORED The fingerprint templates are also stored in blob format in the System Galaxy database. Page 5 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide INTEGRATION REQUIREMENTS (order dependent) 1. System Galaxy & SecureAdmin Databases are both compatible with SQL Server 2005 or 2008 2. System Galaxy 10.0 server/database should be installed before the SecureAdmin Server. 3. SecureAdmin software 4.1.10 is only supported on Windows XP 4. SecureAdmin server / client 4.1.10 must be installed using the setup.exe - found in the Installers/L1 folder on the Galaxy DVD (disk 1). 5. During the SecureAdmin server install, select DEFAULT CERTIFICATE. 6. Systems must be properly configured to support SQL Server connection: a) For shared SQL Server Instance (default option): choose to install on existing SQL server. Supply the SysGal database connection parameters when prompted by SecureAdmin install program. b) For Linked Server: you can install SecureAdmin on separate servers and use a connection string to link the databases. Insert the SQL connection path in SysGal’s SADB_PATH column of the L1_SADB_INFO table. You must also enter a 1 in the L1_ENABLE column. String example: [server_name\instance_name].[database_name].[owner_name] 7. Each L-1 Reader must be registered via server in the SecureAdmin software before SG can connect. a) Secure Registration is done with the USB Cable that comes with the reader. When the Device Driver Wizard opens, you must browse to the 4gserial folder (located on the SecureAdmin server in Program Files\Bioscrypt\SA\SecureAdmin Server\4gserial. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. b) The reader must be configured for TCP/IP communication using valid IP settings for the same broadcast domain as the Galaxy enrollment workstation. In SecureAdmin, each reader must be configured for the correct card format (“26bit Pass-thru”, HID Corp 1000, and custom “Galaxy 32bit Wiegand” are supported). You must enroll fingers from the System Galaxy cardholder screen. Templates are stored in BLOB format in the Galaxy database. System Galaxy 10.0 supports enrollment and interoperation using IDENTIFY (finger-only) and VERIFY (prox+finger in reader) modes with the Base and Prox models of the V-flex and V-station. SG 10.0 does not support Smart Card enrollment. SG 10.0 does not support PIN modes or memory expansion in the Vstation. SG must be registered for Biometric Support (Corporate or Enterprise) in System Registration. SG must have L-1 Solutions chosen as the biometric system in System Settings screen. SG must have L-1 Solutions chosen for the reader technology, and the specific L-1 Reader Name must be assigned to the door in the Reader Properties screen. Load Templates must be “checked”. System Galaxy must be able to connect to the SADB when it starts up and operator signs in. If unable to connect, the software displays a warning that the L1 Features will be disabled, You can capture from 1 to 10 prints per card. Prints are captured in the Enrollment screen and held in memory until the APPLY button is pressed in the main Cardholder screen. Authorized templates are sent to each reader when the Cardholder APPLY button is pressed. Likewise, templates are removed from each reader when the APPLY button is pressed. “Authorized templates” must have (a) valid loop privileges, (b) valid access group, and (c) the Send Templates option “checked” in the Cardholder screen. NOTICE: the Load Templates option must be “checked” in the reader properties. 18. The L1 Load Utility will ‘bulk’ load all authorized templates on a per reader basis. Page 6 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide 2. SYSTEM INSTALLATION INSTALL READER HARDWARE Also see the Bioscrypt documentation for additional wiring information.  Wire the L‐1 Reader to the DPI board in the System Galaxy access control panel (508i or 600/635)  Connect the L‐1 Reader to the network/LAN READER WIRING CHART 1. The reader comes with a power supply. See the manufacturer’s documentation for how to control power to the reader. 2. The reader comes with a USB serial cable that can be used to register the reader into the SADB 3. The reader requires cat‐5e network cable / connection to the LAN. This is required in order to integrate the reader with System Galaxy enrollment. 4. The reader also comes with a pigtail for wiring to an access control panel. The reader data and LED lines wire as shown in the chart below. L‐1 Pigtail (colors) 600 DPI (pinout) 508i (pin color) 7 Wiegand LED In (Grey/Black) LED ( pin 1 ) LED (Brown) 12 Wiegand DOUT‐0 (Green) Data 0 (pin 2) Data 0 (Green) 14 Wiegand DOUT‐1 (White) Data 1 (pin 5) Data 1 (White) 16 WGND (Black/White) GND (pin 4) GND (Yellow) NOTES:  The L‐1 reader can be set to use DHCP enabled to acquire an IP Address.  You must register the reader in Secure Admin before you can use it. This is done from the SecureAdmin software after the reader is installed on online.  The L‐1 Reader is not setup from factory to use WIEGAND OUTPUT – this is done through SecureAdmin software.  You can enroll fingerprints from the L‐1 Reader finger sensor (no extra scanner needed). The reader that is used for enrollment must be registered and able to connect to the client via USB or via TCP/IP.  IMPORTANT: Do not use the SecureAdmin to enroll users; however these fingers do not transfer from the SecureAdmin database to the System Galaxy database. When making credentials and capturing prints, you should use System Galaxy cardholder screen.  The reader used to capture fingers does not have to be connected to an access panel, but it must be registered, powered on, and online via the cat‐5 network cable.  If you enroll from a reader that is connected to a panel, it will cause the lock relay to activate (unlock door) each time you enroll or verify prints. Page 7 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide INSTALL SYSTEM GALAXY v10.0 (or higher) System Galaxy must be installed using the GalSuite installer which is located on Disk‐1. The GalSuite installer is designed to auto‐run when Disk‐1 is inserted into the disk drive. Insert the GalSuite Disk‐1 and run each part in sequential order. 1. Install Part 1 of the GalSuite from Disk‐1 (required to install Prerequisites Components) 2. Install Part 2 of the GalSuite (required to install SQL Server/Components & Database) 3. Install Part 3 of the GalSuite (required to install System Galaxy software & utilities) INSTALL SECURE ADMIN DATABASE SERVER This section covers the basic instructions to install the Secure Admin Database Server. 1) On the GalSuite DVD in the INSTALLERS\L1 FOLDER 2) Run the SETUP exe 3) click Server Installation Page 8 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide 4) Accept the license agreement and advance to the next screen 5) Choose the default install path in program files folder even on WIN‐7 6) Connect to existing SQL Engine. a) To use shared server instance, (installing SECUREADMIN on the same server/instance as SysGal database, choose to install on selected SQL Server and choose the same instance that SysGal uses. Provide the Authenticated login parameters. Page 9 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide b) IF YOU ARE USING LINKED SQL SERVER: you will need to edit the L1_SADB_PATH table.     Open MS SQL Management Studio and Log in with the SA login and password Expand the SysGal database and open the L1_SADB_PATH table. Type the numeric value 1 into the L1_ENABLED column (0 disables the connection string) Type the connection string into the SADB_PATH column using correct syntax. SYNTAX EXAMPLE: [server_name\instance_name].[database_name].[owner_name] Note: if you are using a SQL script to insert the path, you do not need quote marks around the number 1 to enable the path, but you do need single quotes around the path since it is a text string. 7) Choose DEFAULT CERTIFICATE. 8) Enter the Administrative login and password (remember this login, you will be required to enter it to sign into the Client software when the installations are complete) Page 10 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide 9) The Install Wizard will install the SecureAdmin Server. Page 11 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide 10) After installing the System Galaxy and SecureAdmin servers, you must enable read and write privileges of the SADB in the SQL Server engine. a) Open Management Studio and login/connect to the System Galaxy instance b) At the instance branch level, choose SECURITY > LOGINS c) Right‐click gcs_client login name and select PROPERTIES d) Choose USER MAPPINGS on the left menu e) Check the SADB database in the upper window f) the following roles must be checked/enabled: db_datawriter, db_datareader, db_backupoperator, and public g) click OK System Galaxy pulls the IP parameters, serial number, group and device names of each L‐1 Reader from the SADB. This data is used for mapping readers to doors, and connecting to readers for enrollment of finger templates and card codes. Page 12 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide INSTALL SECURE ADMIN CLIENT This section covers the basic instructions to install the Secure Admin Client. 1) Install the client software at the same workstation that will be a enrollment station 2) Accept the license agreement and advance to the next screen 3) Choose the default install path in program files folder even on WIN‐7 Page 13 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide 4) Choose how to display fingerprint image and select DEFAULT CERTIFICATE as you advance through the next screens. 5) Check the desktop ICON as desired 6) Exit the Install Wizard when completed Page 14 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide 3. REGISTER & CONFIGURE V-Flex (Prox) Device in Secure Admin Before you can enroll templates from the System Galaxy software, you must properly register and configure the reader in the SecureAdmin database (SADB). Once the SecureAdmin configuration is completed, you can setup the reader in System Galaxy. This section covers:  Registering an L‐1 Reader in SADB  Configuring an L‐1 Prox (V‐Flex, Prox) for VERIFY mode (Card+Biometrics in Device)  Configuring an L‐1 Prox (V‐Flex, Prox) for IDENTIFY mode REGISTER L-1 READER IN SECURE ADMIN (SADB) TCP/IP vs. USB 1) Apply power to the L‐1 reader and connect your reader to the PC or LAN to register a) TCP/IP ‐ Connect the reader to the network using Cat5e cable. The reader should be on the same broadcast domain as the SecureAdmin Server/PC. b) USB ‐ Connect the reader to the PC using the USB cable that is provided with the reader). If the Device Driver Wizard opens, you must browse to the 4gserial folder, which is located on the SecureAdmin server in Program Files\Bioscrypt\SA\SecureAdmin Server\4gserial. 2) Start / Login the Secure Admin software Page 15 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide 3) The Client software will open as follows when the login is correct: 4) Expand (open) the NETWORK menu by clicking on the Network button on the left side 5) Choose Register via Server Page 16 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide IF using TCP/IP to detect and register, follow the step 6 below: 6) Choose Ethernet option a) Check Search Automatically to detect all readers on the broadcast domain.  NOTE: it is alternately possible to enter a specific IP Address or an IP Range to search for devices. If you search by specific or range of addresses you should uncheck the automatic search option. b) Click [ SCAN ], the device will appear in the Available Devices list view.  NOTE: the DHCP option might be enabled from the factory. If you do not have a DHCP server, or simply cannot detect the reader using TCP/IP, you can use the USB cable to connect to the device (see step 7 to detect the device via USB Cable). c) Click the Reader icon in the Registration Status column (icon shows a yellow plus sign if it is not registered). d) Advance to Step 8 to continue registration instructions. Page 17 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide IF using USB to connect and register, follow the step 7 below: 7) CHECK the Serial Connection / Com Port option in the left corner a) Set the Baud Rate to “Auto”. b) Click [ SCAN ], and the device will appear in the Available Devices list view. c) Click the Reader icon in the Registration Status column (icon shows a yellow plus sign if it is not registered). Page 18 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide To continue registering, follow the steps below: 8) UNCHECK the Obtain IP from DHCP if you do not intend to use DHCP addressing 9) If you are using a static IP Address for the device, then set the IP Address, Subnet and Gateway as required to operate on your network. Data shown in the screenshot below is only an example. 10) Click NEXT to continue 11) Create a descriptive Device Name for the reader 12) Assign the reader to a Group 13) Click REGISTER Page 19 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide 14) The device will be added to the SecureAdmin database (SADB) 15) CLICK OK to return to the NETWORK screen.  To ensure that DHCP is set properly, go to the Device Settings page and open the Communications tab. Be sure that DHCP is set up as needed (UNCHECKED is off). 16) The READER ICON will now show a yellow checkmark to indicate it is registered. Page 20 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide CONFIGURE L-1 DEVICE SETTINGS for V-FLEX (PROX) 1) Expand the DEVICE SETTINGS menu (left panel) 2) Double‐click on Device Network and double‐click on Default Group (or the group name you used) 3) Double‐click on the reader name that you just registered ‐ this will populate the tabbed setup screens Page 21 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide Configuring Device Mode: 4) select the BIOMETRICS tab (beside the General tab) 5) choose VERIFY or IDENTIFY as appropriate for the Device Mode a) VERIFY (1:1) – this enables the reader to use access cards in combination with fingerprints b) IDENTIFY (1:N) – this enables the reader to use fingerprints only (physical card not issued / used). NOTE: When using Identify mode, System Galaxy will still add a unique card code to the biometric credentials so that the access rules (schedules and door privileges) can be assigned to the user. 6) Click APPLY to save. NOTE : Other settings may be adjusted as needed. You must consult the Bioscrypt manuals concerning options that are not discussed in this document. Page 22 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide Configuring Wiegand Format: 7) select the WIEGAND tab and set the Wiegand Format: a) If using VERIFY mode, choose PREDEFINED option  Set the format to 26‐Bit Pass‐Thru for standard prox cards; or HID Corporate 35‐bits for Corp1000 cards. b) If using IDENTIFY mode, choose the CUSTOM option  Set the format to Galaxy 32 bit. You have to create the 32‐bit format manually. See section about Creating Custom 32‐Bit Format. Page 23 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide 8) enable (CHECK) the Activate Wiegand Input option 9) Enable (CHECK) the Activate Wiegand Output option and choose “Always…” 10) Click APPLY to save settings NOTE: in the Wiegand Output Settings (button) you must have Verification Pass option set to NONE. Page 24 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide CREATING CUSTOM 32-BIT WIEGAND FORMAT You must create a Custom 32‐bit Wiegand format if you are using IDENTIFY mode (fingerprint only) . (1) click the [CUSTOM WIEGAND SETTINGS] button ( bottom of the Wiegand screen ) (2) (3) (4) (5) click the EDIT (pencil icon), to open the Wiegand Format dialog create a name and set the field Length = 32 in the Wiegand ID group, set Start = 0 ; set Length = 32 click APPLY to save (now you can use the custom 32bit format in step (7b) ) Page 25 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide VIEW TEMPLATES IN L-1 READER 1) Expand the TEMPLATES menu (left panel) 2) Choose Templates 3) expand Device Network branch 4) expand the DefaultGroup – or‐ the group you that assigned to your reader 5) Double‐click the reader name; the list of templates will populate the list view – these are currently stored in the reader memory. TIP the REFRESH button will renew the list. TIP the yellow checkmark icon will allow you to verify a print when you click it. TIP the Template ID field shows the Wiegand card code that was assigned in System Galaxy TIP if you check the checkbox in the left‐hand column, and click DELETE you can remove a template from the reader. Page 26 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide 4. SYSTEM GALAXY CONFIGURATION REGISTER the L-1 READER IN SYSTEM GALAXY (SysGal database)  Start / Login the System Galaxy software as a master operator at the main Communication Server  Go to the CONFIGURE menu to start registration ~ choose Configure > Options > Registration > System 1. Choose the appropriate Product Level (per purchase order) 2. Set the Workstation Count (per purchase order) 3. Enter the Customer and Dealer name and phone 4. Set the correct Expiration Date (per purchase order) 5. CHECK the Biometric Interface Support 6. set any other options as purchased 7. Set the Maximum Readers AND the Maximum No. of Biometric Readers as purchased 8. Enter the Registration Code you receive from Customer Service 9. click APPLY to save changes Page 27 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide ENABLE BIOSCRYPT AS THE ENROLLMENT SYSTEM AT SG WORKSTATION  You must be logged into System Galaxy as a master operator at the workstation  Go to Configure > Options > System Settings ~ choose the General Tab 1. Set the Biometric System to use ‘L‐1 Bioscrypt’ 2. Set the programming reader source as Controllers 3. you can set up any other system options as appropriate if this is the first startup 4. click APPLY to save changes 5. shut down and restart the System Galaxy software Page 28 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide CONFIGURE THE READER PROPERTIES FOR AN L-1 READER IN SG  You must be logged into System Galaxy as a master operator at the main Communication Server  You must have already added your Loop and Controller(s) in System Galaxy software/database  Go to the CONFIGURE menu to configure Reader Properties ~ choose Configure > Hardware > Doors/Readers 1. Select the Loop Name 2. Select the Controller Name 3. select the Reader Name (edit the default name to make it more logical) 4. set the Reader Type to L‐1 Identity Solutions 5. select the General tab 6. select the name of the Device Group that the L‐1 is registered to in Secure Admin software 7. select the name of the Reader that the L‐1 is registered as in the Secure Admin software 8. check the Load Biometric Templates option; (unchecked will stop templates from being loaded to the reader during enrollment or load utility) 9. click APPLY to save Page 29 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide 5. ENROLLING & MANAGING TEMPLATES ENROLL FINGERPRINT [IDENTIFY MODE] IN CARDHOLDER SCREEN  You must be logged into System Galaxy as an operator at the main Enrollment Workstation  You must have already enabled the L‐1 Bioscrypt System at the workstation  This is supported with Galaxy Standard format that must have already been configured at the reader.  Go to the CONFIGURE menu to open cardholder screen ~ choose Configure > Cards > Cardholder 1. 2. 3. 4. 5. click the ADD NEW button enter a cardholder name select the Card/Badge Settings tab add a Loop (you may add more than one loop) select an access group for each loop you gave to this card 6. set the Card Technology  ‘Galaxy Standard’ if using IDENTIFY / FINGER ONLY MODE  26 bit Wiegand’ if using VERIFY MODE (PROX Card + finger in device) 7. enter the card code (manually or select next code); card code must be unique in the system 8. check the Send to Readers option; unchecked will stop prints from being loaded to readers Page 30 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide 9. click [Scan Fingers] button to open the L‐1 Enrollment Screen a. select the Device Group b. select the L‐1 Device c. click the [Connect] button d. click the finger button above the finger you wish to enroll e. click the [Enroll] button on the same finger you have chosen f. when prompted, you must place your print on the sensor of the L‐1 Reader g. when prompted, you must remove your finger from the reader h. repeat steps ‘d’ thru ‘g’ until you have captured all desired fingers i. click [OK] to exit the Enrollment screen 10. click [APPLY] on the cardholder screen to save the templates to the SG database and send the card id and templates to the readers at the panels (based on the loops you assigned) Place Finger on Sensor NOTE if the finger is not clean or too dry, the L‐1 may report back that the fingerprint could not pass and will not be captured. If finger captures successfully, the L‐1 will report back that the fingerprint passed and the print will be held in the temporary memory at the computer until the record is fully saved. If you cancel or do not save the entire cardholder record, the fingerprint will have to be recaptured. NOTE: a black dot will appear on the tip of the finger image to indicate a template is saved for that finger. NOTE: you can verify (compare) prints from this screen also by clicking on the white dot above the finger and clicking the VERIFY button. Enrollee must place their finger on the reader sensor when prompted to make a comparison. Page 31 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide ENROLL CARD AND FINGERPRINT [VERIFY MODE] IN SG CARDHOLDER  You must be logged into System Galaxy as an operator at the main Enrollment Workstation  You must have already enabled the L‐1 Bioscrypt System at the workstation  This is supported with 26‐bit Wiegand and Corporate 1000 formats  Go to the CONFIGURE menu to open cardholder screen ~ choose Configure > Cards > Cardholder 1. click the ADD NEW button 2. enter a cardholder name 3. select the Card/Badge Settings tab 4. add a Loop (you may add more than one loop) 5. select an access group for each loop you gave to this card 6. check the Send to Readers option; unchecked will stop prints from being loaded to readers 7. click [Scan Fingers…] button to open the L‐1 Enrollment Screen a. select the Device Group b. select the L‐1 Device c. click the [Connect] button; a message appears indicating connection established Page 32 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide d. click the [Read Wiegand ID] Button and quickly present the HID card at the L‐1 Reader e. the Card ID and FAC are captured and populated in the appropriate fields f. select the Finger radio button (above the finger image) of the finger you wish to enroll g. click the [Enroll] button on the same finger you have just chosen h. when prompted, you must place your finger on the sensor of the L‐1 Reader; the reader will scan the finger i. when prompted, you must remove your finger from the reader; Galaxy will display a pass (or fail ) message based on reply from reader. If the finger quality fails, you will need to retry the capture. If the finger quality passes a black dot will appear on the tip of the finger image and a fingerprint will appear in the gray box on the right side. j. repeat steps ‘f’ thru ‘i’ to scan an additional additional finger k. click [OK] to exit the Enrollment screen 8. click [APPLY] on the cardholder screen to save the templates to the SG database and send the card id and templates to the readers at the panels (based on the loops you assigned) 9. The Communication Control Window (message tab) will display the messages that connection was established with each authorized reader and templates stored successfully. If you see a Template format error/corrupt template message in Comm. Control Window, check the offending reader’s template format. The error occurs for any reader whose template formats (BUR, VUR, etc.) is different than the enrollment reader. To resolve this, either use the same format at all readers or enroll an additional finger(s) directly from the reader whose template format differs. See the Appendix (section 6 of this guide) for more indications and messages associated with connecting, capturing, saving and loading templates. Page 33 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide LOADING ALL TEMPLATES UTILITY Also see the Bioscrypt documentation for additional wiring information.  Go to the UTILITY menu to open cardholder screen ~ choose Utility > L‐1 / Bioscrypt > Load Templates to Device 1. Select the DefaultGroup (or all groups; or the group you desire) 2. Select the L‐1 Device (the reader you need); note that only the reader that are connected are shown. Readers whose properties are set to not load (SG Reader Property screen) will not appear in the list. 3. click OK 4. the templates will load and the Communication Control window will open to show logs 5. click HIDE to close the Communication Control window Page 34 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide 6. APPENDIX: TROUBLESHOOTING GALAXY MESSAGE LOGGING (Communication Control Window) Open a Communication Control Window from the View menu in System Galaxy and select the Message tab. You can move the window to the side or downward, so you can access the data entry fields in the Cardholder enrollment screen. Table 1: Communication Control Message Log Comm. Control Message Log Communication Closed Communication established successfully Device timed out wile waiting for user action Error TCP/IP Socket Finger not detected No response from device Template was erased on device successfully Template was stored on device successfully Unable to access com port. Meaning This message indicates the currently open connection to the reader is closed. This occurs when the SG operator exits the L1 Enrollment screen This message indicates that SG has successfully connected to the L1 reader over TCP/IP. This occurs when the SG operator CONNECTS to the reader from the L1 Enrollment screen; and when the templates are loaded to the reader (either when Cardholder APPLY button is clicked or the Load Utility is sending) This message indicates that the reader timed out. Time Out occurred because card was not presented to the reader correctly or within the time allotted; or the wrong card format/type card was presented. This message indicates that the reader was not online to the SADB when System Galaxy was signed‐in and connected to the SADB. Restart SG after restoring reader to online status. Finger was not placed on the sensor in time or at all. This message indicates that the reader is not online. Restore reader power or IP connection to recover. This message indicates that a template was deleted through the SG Enrollment screen. This message indicates that a template was capture and saved/loaded from SG Cardholder or Load Utility. This message indicates that the specific reader has not been selected before the operator clicks the CONNECT button. Page 35 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide GALAXY USER MESSAGES - BY OPERATOR ACTION The following messages appear in the System Galaxy application and the Communication Control window during integrated operation. (the Comm. Control window opens from the View menu) Table 2: Connecting to L1 Reader in SG Enrollment CONNECTING to READER ‐ L1 Enrollment screen OPERATOR ACTION click the CONNECT button when a  {reader } is selected click CONNECT button when a {reader } is selected  click CONNECT button when a {reader } is selected  click CONNECT button when reader is not selected  SG INDICATION MESSAGE LOG (L1 ENROLLMENT screen) (COMM CONTROL screen) Confirmation “{Reader} ‐ Communication Communication established successfully”. established successfully Error “[!] Error opening TCP/IP socket.” Error opening TCP/IP socket.” Reason: reader was offline in SADB at the time System Galaxy was started. Resolution: restore reader power & Ethernet connection. Restart Galaxy. Error “[!] No response from device.” No response from device. Reason: reader has gone offline, lost power or Ethernet connection after System Galaxy was started or signed‐in. Resolution: restore reader to online status (power / Ethernet connection). Restart Galaxy. Error “[!] Unable to access com port. Possibly in use by another application.” Reason: reader is not selected. Resolution: select reader before connecting. Page 36 of 40 Unable to access com port. Possibly in use by another application. System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide Table 3: Capture Card Code (VERIFY MODE) READ / CAPTURE CARD CODE ‐ L1 Enrollment screen Select [Read Wiegand ID ] button SG INDICATION (L1 ENROLLMENT screen) Card code and facility code are captured and populate Enroll ID & FAC field. No system message generated. Error “[!] The device timed out while waiting for user action.” Select [Read Wiegand ID ] button Reason: 1. Card was not presented/or read. 2. Card is the wrong format / type Resolution: 1. Present card within time allotted 2. Present the correct card type Error “[!] Card code is a duplicate. The n/a card is assigned to ‘other name’.” OPERATOR ACTION Select [Read Wiegand ID ] button    Select [Read Wiegand ID ] button  Reason: card is already enrolled for the cardholder name that is shown. Resolution: get a new card or delete the existing card from the other cardholder. Error “[!] No Response.” MESSAGE LOG (COMM CONTROL screen) n/a The device timed out while waiting for user action. No response from device. Reason: reader has gone offline. Resolution: restore reader connection. Table 4: Enroll Finger Template (IDENTIFY OR VERIFY MODE) ENROLL FINGER ‐ L1 Enrollment screen SG INDICATION OPERATOR ACTION (L1 ENROLLMENT screen) Prompt 3 = Enroll Passed  Click a Finger ENROLL button (black dot appears on enrolled finger ) (after connecting to reader (also after PROMPT 3 = Enroll Failed enrolling card code if in VERIFY mode)) (no black dot or template image) Prompt 1 = Place Finger on Sensor  Reason: poor quality of print. Prompt 2 = Remove Finger Resolution: retry; use better finger; make sure sensor is clean, etc, Click a Finger ENROLL button Error “[!] No Finger Detected.” MESSAGE LOG (COMM CONTROL screen) n/a  Click a Finger ENROLL button when Enroll ID is empty/blank.  Reason: finger not placed on sensor. Resolution: retry; Error “[!] Please supply numeric Enroll ID larger than 0”. Reason: reader is in VERIFY mode. Resolution: enroll/read card code before you try to enroll a finger. Page 37 of 40 n/a Finger Not Detected n/a System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide Table 5: Verify Finger Template VERIFY/COMPARE TEMPLATE ‐ L1 Enrollment screen SG SYSTEM MESSAGES OPERATOR ACTION (L1 ENROLLMENT screen) Prompt 3 = Verify Passed  (finger passes the verification check ) Select [Verify Template ] button Prompt 1 = Place Finger on Sensor PROMPT 3 = Verify Failed (finger fails the verification check) Prompt 2 = Remove Finger  Reason: poor quality of print. Select [Verify Template] button  Resolution: retry; ensure sensor is clean. Error “[!] Timed out waiting for user.” L1 MESSAGE LOG (COMM. CONTROL screen) n/a n/a n/a Reason: finger not presented or read. Resolution: retry; ensure sensor is clean. Table 6: Closing Enrollment CLOSE L1 Enrollment screen OPERATOR ACTION  Click [Close] button SG INDICATION (L1 ENROLLMENT screen) No system message generated. Operator returns to the main Cardholder screen when L1 Enrollment screen closes. MESSAGE LOG (COMM CONTROL screen) Communication was closed. NOTE: At this time templates are held in memory. NOTE: Templates are sent to reader* and stored in Galaxy database as blob data when the operator clicks the APPLY button in the main cardholder screen. * Load/send templates option must be checked in the Cardholder screen and in the reader properties screen, reader must be online and able to receive data over IP; card must have loop and access privileges assigned. IMPORTANT: if you Cancel out of the main Cardholder screen after enrolling, the data being held in RAM will be dumped and nothing will be saved / sent to reader. Table 7: Save/Apply Cardholder and Send Templates to Reader APPLY EDITS/SEND TEMPLATES ‐ Cardholder Screen SG INDICATION OPERATOR ACTION (L1 ENROLLMENT screen) Click [Apply] button NOTE: At this time, templates are sent to reader(s) and  (after enrolling card stored as Blob data in Galaxy database. and/or templates) [!]  MESSAGE LOG (COMM CONTROL screen) Template was stored successfully. Template format error message in Comm. Control Window occurs for any reader whose template formats (BUR, VUR, etc.) is different than the enrollment reader. To resolve this, either use the same format at all readers or enroll an additional finger(s) directly from the reader whose template format differs. Click [Apply] button (after deleting templates) No system message generated. NOTE: At this time, templates are removed from reader(s) and Galaxy database. Page 38 of 40 Template was erased on device successfully. System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide REGISTER READER with USB (private LAN/ not using DHCP) 1. Do not connect L1 to the network cable yet (factory may have DHCP on) 2. power up L1 reader (wait for all beeps to sound – this takes a couple of mins) 3. connect by USB cable from L1 device to the PC 4. when device wizard opens, browse to the 4gserial folder  Program Files\Bioscrypt\SA\SecureAdmin Server\4gserial  Note if you are using Windows7 you may need to copy the 4gserial driver to the Windows\System32 folder and then update the driver path to that location. 5. complete the PC device driver setup 6. look in the PC Device Manager to find out which COM port the 4gserial device is using 7. start up (log into) SecureAdmin software 8. choose the NETWORK menu and select REGISTER VIA SERVER 9. “check” the COM port that the Device Manager identified as the 4gserial device (SecureAdmin will not filter out other active com ports) 10. select AUTO for the baud rate 11. click the SCAN button; the device will display in the list with a yellow plus symbol 12. double‐click on the device icon that shows the yellow plus symbol 13. click NEXT (do not program IP Address at this time) 14. enter a device name and assign the default group 15. click REGISTER to complete registration; click OK and close to exit. 16. go to DEVICE SETTINGS menu, expand the default group and double‐click the reader 17. select the COMMUNICATION TAB and make sure DHCP option is unchecked 18. now “check” ETHERNET option and add the network address parameters you desire 19. click APPLY to save network settings 20. go to NETWORK TREE and right‐click the reader, choose Change Connection 21. select the ETHERNET option and put in the IP Address and click UPDATE Reader should be correctly connected and able to talk. This process is the one L‐1 Tech Support walked me through Page 39 of 40 System Galaxy Quick Guide for Bioscrypt / L‐1 Setup and Enrollment System Galaxy Quick Guide ADDING A LINKED SQL CONNECTION STRING TO SYSGAL After you install the Galaxy database server and the SecureAdmin Server, you must enable the linked SQL connection and add the connection string in the SysGal database.  Open SQL Server Management Studio.  Use the SA login to connect to the GCSSQLEXPRESS instance  INSERT a 1 in the L1_ENABLED column and the correct SQL connection string into the SADB_PATH column of L1_SADB_INFO table in SysGal database Example syntax of SQL connection string: [server_name\instance_name].[database_name].[owner_name] NOTE - if you are using a shared (same) SQL instance, the connection string and L1 enabled value will be automatically inserted when you follow the database installation and configuration steps in this manual. Page 40 of 40

Morpho/bioscrypt V-prox

Rating

Date

Size

Views

Categories

Share

Transcript