Partitions are used to create “virtual systems” within a larger system. By default (if no partitions are configured) every object is accessible or “visible” to every other object. For example, any User who has Personnel setup permission can see all User records and assign permissions to those Users (except that only Administrators can assign permissions to other Administrators). Likewise, Users can see, and be assigned permissions for, all Devices, Zones, User Groups, and Departments.

 

It is sometimes desirable to “segment” or partition the system into sections that are visible only to Users within those sections. For example, a system might be used to control access in a number of buildings, and the Users restricted to access or control within those buildings. By creating a Partition, a User with “Monitor” permission can see only Doors within that Partition. Thus a User can control and monitor certain Doors in a system and not even know other doors exist.

 

Likewise, a User with “Personnel” setup permission might be restricted to assigning access to certain Doors and certain Users and not even know other Doors or Users exist.

 

By default, objects (Users, Devices, Departments, etc.) that are not specifically assigned to a Partition are in the “System Partition (Unassigned)”. That means they are visible to all Users and have access (or can be assigned access) to all devices. Once an object has been assigned to at least one Partition, it is no longer visible to Users or has access to devices in other Partitions.

 

Only Users with “System Administrator” permissions can create, edit, or delete Partitions. System Administrators can view all objects (Users, Devices, Departments, etc.) regardless of their assigned Partitions.

 

“Partition Administrators” have Monitor, Personnel, and System configuration permission to any objects in Partitions to which they are assigned. A System Administrator must assign Partitions to a Partition Administrator. Partition Administrators can assign Partitions to objects in their Partitions, but objects in other Partitions will not be visible or accessible to Partition Administrators.

 

In practical terms, this means that any User assigned to one or more Partitions can be assigned access only to Devices, Zones, or User Groups in those Partitions.Users who are monitoring the system will see only Devices, and receive events and alarms for Devices, in the Partitions to which they are assigned. Users with setup permissions will see only Users, Devices, Departments, Zones, and User Groups in the Partitions to which they are assigned. Thus, objects in Partitions to which a User is not assigned will be invisible to that User.