Access Management > Users
Enable Access Control and manage local users on the Q-SYS Core, including assigning user Access Management > Roles.
Enabling Access Control
CAUTION: By default, the Q-SYS Core is unprotected. For security purposes, QSC recommends that you enable Access Control, create users, and assign permissions to restrict access to the Core.
By default, Q-SYS Cores ship with Access Control disabled. To enable Access Control and create an Administrator account:
- Click Enable Access Control.
- Enter a Username and Password. Usernames must not contain spaces. Passwords must be at least 8 characters in length.
- Click Create.
You must now sign in with those credentials whenever viewing or modifying your Core configuration in Q-SYS Core Manager.
CAUTION: Do not lose your Administrator account credentials.
Adding Users
When you enabled Access Control, you created an account with Administrator privileges to the Q-SYS Core. However, you can create additional user accounts and assign permission levels as you require.
Tip: Before adding a new user, you can create a custom user role first. Refer to the Access Management > Roles topic to learn how.
-
Click + New User.
-
Type a Username. Usernames must not contain spaces.
-
Select a User Role. These three roles are standard—Administrator, Technicians, and Viewers, but any custom Access Management > Roles you have created are also assignable.
Note: Administrators and Technicians can enable user access for the External Control Protocol and File Management Protocol. These permissions are set in Q-SYS Administrator using separate user PINs specifically for these purposes.
-
Enter a Password for the account. Passwords must be at least 8 characters in length.
-
Click Create.
Role Permissions
The following tables summarize the permissions for each built-in role.
Core Manager Permissions
|
Capability |
Administrator |
Technician |
Viewer |
|---|---|---|---|
|
View all Core settings and features |
✓ | ✓ | ✓ |
|
Modify Core settings |
✓ | ✓ | x |
|
Deploy design files |
✓ | ✓ | x |
|
Update Core firmware |
✓ | ✓ | x |
|
Enable / Disable Access Control |
✓ | x | x |
|
Create, edit, or remove users |
✓ | ✓ | x |
|
View existing users |
✓ | ✓ | x |
|
Launch PIN-protected UCIs (without PIN) |
✓ | ✓ | x |
|
Launch PIN-protected UCIs (with PIN) |
✓ | ✓ | ✓ |
|
Preview audio files (Files page) |
✓ | ✓ | x |
|
Download system information (Utilities page) |
✓ | ✓ | x |
|
Enable External Control Protocol access (Set via Q-SYS Administrator using separate user PINs.) |
✓ | ✓ | x |
|
Enable File Management access (Set via Q-SYS Administrator using separate user PINs.) |
✓ | ✓ | x |
Q-SYS Designer Permissions
|
Capability |
Administrator |
Technician |
Viewer |
|---|---|---|---|
|
Connect to Core via Designer |
✓ | ✓ | ✓ |
|
Load Design from Core (Load, File, & Connect) |
✓ | ✓ | ✓ |
|
Operate runtime controls |
✓ | ✓ | ✓ |
|
Save / Deploy Design to Core |
✓ | ✓ | x |
Note: When Access Control is enabled, users must sign in with their credentials when connecting to a Core from within Q-SYS Designer. The Viewer role permits connecting to a Core and operating runtime controls, but does not allow saving or deploying designs.
Managing Users
Only users with the Administrator role can manage existing users. From the Actions column:
- Click Edit to change a user's name and role.
- Click Change Password to update a user's password. Passwords must be at least 8 characters in length.
- Click Delete to remove the user from the Q-SYS Core.
Note: Administrators can also update their own username and password. Click your username in the top-right corner, and then select Manage Account.
Disabling Access Control
Disabling Access Control deletes all security settings, including the Administrator account, and returns the Q-SYS Core to non-protected mode.
CAUTION: When you disable Access Control, all user accounts are deleted, and a sign-in is no longer required to gain access to Q-SYS Core Manager. This is not recommended for security reasons.
- Click Disable Access Control.
- Click Disable to confirm.
