Security
User Accounts
The user account is central to security under MediaMatrix. A user account consists of a name, a password, and a list of privileges that determines what operations the user is allowed to perform.
Current User
At any given time, one user is Logged On and is considered the Current User. This users name is displayed in the Status Bar at the bottom of the screen. A user logs on by choosing "User | Log on..." from the User Menu and entering a name and password. When a user logs on, the menus are reconfigured to show only the commands that the user is allowed to access. For example, if the current user does not have "Modify the view file" privileges, the "File | Save" menu item is hidden.
Creating User Accounts
User accounts are created, edited and deleted by choosing "User | Edit User List..." which brings up the Account Administration Dialog. You edit an account by double clicking or selecting it and pressing the "Edit..." button which brings up the Account Properties dialog box. From this dialog you can change the account password and the privileges granted to the account. You can only enter the account name when it is created, after this time the name cannot be changed.
The following is a list of the privileges that may be granted to a user account along with a brief description.
Shut down MediaMatrix
Enables File | Exit and System Menu | Close. Closing MediaMatrix turns off your sound system so you may want to prevent some users from doing this.
Change the current view file
Enables File | Switch. If your sound system uses multiple view files to re-configure the sound system for different occasions, you would give the system operators account this privilege. If the system only uses a single view file, you would not.
Run hardware diagnostics
Enables Tools | Diagnostics. Diagnostics mute the audio system while they are running.
Access the terminal window
Enables the user to interact with the terminal window. This should only be allowed for more advanced users.
Change the terminal window options
Allows access to the terminal window options dialog which allows control of such things as file logging.
Access the on-line help system
duh.
Access the system remotely
Allows the user to log in remotely using RAMM (Remote Access MediaMatrix) and RATC (Remote Access Telnet Client).
Adjust settings in the system
Allows the user access to Control Mode which allows adjusting knobs and faders and pressing buttons.
Change the system options
Allows access to the Tools | Options... dialog.
Edit the user list
Allows access to User | Edit user list... which allows creating, editing and deleting user accounts.
Modify the view file
Allows access to Edit Mode and all of the features that support the creation and editing of view files.
Special Accounts
When MediaMatrix is installed, two special accounts are created: DefaultUser and Administrator. These accounts can never be deleted and have other special properties.
This is the account that is automatically logged on when the software starts up. This account never has a password. The privileges of this account determine how the software behaves when no other user has logged on.
This account always has all possible privileges. By default, the password for this account is "Administrator", but you can and should change it if you intend to use the security features of the software.
View Level Security
In addition to the security provided by the above described user accounts, some security is built into the view file by the system designer.
Blocks may be locked so that they cannot be opened in control mode. This means that users who do not have "Modify the view file" privilege and thus do not have access to edit mode can not open the block. Frequently the designer of a view file will place the entire schematic for a system inside a locked block and only copy out a few controls for the operators to adjust. A block is locked by choosing "Locked (cannot be opened in control mode)" from the "Block" page of the "Block Object Properties" dialog box.
A block can be protected with a password. This feature can serve several purposes. First, it allows system designers to protect the schematic of their sound system, which may be considered proprietary information. Second, it allows differentiation of different levels of operators. For example, some operators may have access to only a rudimentary system level control, whereas others (if they know the password) can access a setup panel with gate and tone controls. A block is password protected by checking "Password required to open window" from the "Block" page of the "Block Object Properties" dialog box.