I am creating a script to run in PowerShell for configurations of over all security. I am struggling to find the ID number of a few areas as highlighted below. (There are more than these three):
The ID number currently there is just for reference on the format.I can only find the ID number of individual recording servers using Ctrl but this seems to be located somewhere else. Am I overlooking any config files?
Overall security would be overall, meaning for all recording servers.
If you want security settings that are not overall, you would do security settings on devices like cameras. There is no way to do security settings for one Recording Server and not for them all, but for individual cameras you can.
Note; I have made this observation based on how you do security settings in general and on the Management Client. You might be using the MilestonePSTools, which I do not have a lot of experience with, but as a rule of thumb I always consider first how you would do if you were using the regular Milestone clients..Hi @Bo Ellegård Andersen (Milestone Systems),
The overall security permissions is what I am looking to configure on this script. The issue is, I cannot find the Security Name Space and Member ID as highlighted above to add to my script.
I am using the script as I have a number of Federated child sites as well as the parent to configure. All will have a number of roles with exactly the same permissions, using PowerShell to input this configuration script will save me time.
Please clarify, are you using MIP SDK or MilestonePSTools? Could you share a snippet of code which gives you the output you list first?
Hi @Bo Ellegård Andersen (Milestone Systems)
I am using MilestonePSTools. I have just managed to get the information I need by running the command ‘Get-VmsOverallSecuity’ I then received the following: -
cmdlet Get-VmsRoleOverallSecurity at command pipeline position 1
Supply values for the following parameters:
Role:
I inserted the Role and it provided me with the Security Name Space and Member ID.
Hi @James Tyler,
I’m glad to see you managed to find the ID’s for the different overall security namespaces.
With the new *VmsRole* functions, you’re no longer expected to have to handle the namespace ID’s and you can instead reference the namespace names with support for tab-completion. But I know you’re attempting to use an older cmdlet from the MilestonePSTools.Security module and the ID’s are required there.
For reference, here’s a command that will retrieve the first user-defined role, and then return the available security namespace values. The ID’s for security namespaces are the same on every installation and across versions so the example output below should be valid anywhere. Also, there could be overall security namespaces not listed here but available to you based on your permissions and installed plugins. Here’s the MIP SDK documentation for the ChangeOverallSecurityPermissions method for reference, though the weeds of the .NET SDK are what the PowerShell module attempts to hide 
(Get-VmsRole -RoleType UserDefined | Select-Object -First 1).ChangeOverallSecurityPermissions().SecurityNamespaceValues
<# Example Output
Key Value
--- -----
Management Server e9914e39-a67a-496c-a3c1-5b4aaab28f15
Recording Servers 9710735d-eb10-44ea-888d-fa8ab05a6433
Failover Servers 6339122c-04f5-41f2-b3e3-3555997cfcef
Hardware f97772d8-7b6d-4ea4-b6b5-ee4ea010fa2c
Cameras 623d03f8-c5d5-46bc-a2f4-4c03562d4f85
Microphones 15f48f88-ca89-4926-9a84-2b02864ec77a
Speakers 48b602bc-e752-4bbf-8e2a-7de01f53a6dd
Metadata ede4d51c-f691-4894-9c0b-c3ae096dc04d
Input 3ed79ef0-ee2f-40b8-a49a-17e9380c5932
Output a95fce90-753d-4cb7-86fb-f8cad9f93b67
Smart Wall 8732fcac-a63c-46ea-9683-532b4c6644e7
View Groups ec543c56-adf7-4600-b9ad-97e166552be9
User-defined Events d4ff31cd-d9ac-46df-8e92-5b545d191baf
Analytics Events 2e319f3e-0350-4df1-90c6-633ead31c117
Generic Events d4d19c01-03f2-4ac6-9d2b-5356b5de62f1
Matrix 988d493d-1597-4be6-aff0-396bfd5d047a
Rules c24c91a7-7d89-459b-b78e-c4548c74640d
Sites 875f4a4e-4d78-4a8d-a978-290227253475
Server Logs c201ae6f-6ff3-41d4-bcbf-0f9db5049988
Alarms 9807ca8a-1111-2222-3333-6423dae2cd88
Access Control b71fd628-1111-2222-3333-5a927ea9bda4
System monitor 2d4048fa-41da-435a-a800-2419137e4a3e
Metadata Search 55bf1320-0224-48c7-8f57-bd41090576c8
Search d2d396e4-819e-4226-aa7f-af36896d78bc
LPR servers 6b1845a7-1111-2222-3333-940463a5c2e7
License plate match lists fe3450d5-1111-2222-3333-a03bc1b988f2
Metadata Indexing Framework ba4465ed-1111-2222-3333-2113bbc99188
Radar e085e129-1111-2222-3333-4a048ab474ab
AXIS Camera Assistant a7a3026d-1111-2222-3333-803f56ff9bcc
ONVIF Bridges 357a694a-1111-2222-3333-b106142c050a
Transaction sources 9a1492d1-fca0-44d7-ba9c-3699c99063a7
b4722667-e468-41d3-ad1e-7470fa8f7f79
VPS Framework-Video Processing Framework 541bbdec-fec9-4d85-acee-b2c7c12478ca
AXIS Communications-Perimeter Defender 7a012ac1-16f0-4acd-a02b-e3c58a9d1499
Transaction definitions b4ee79cc-7d0b-449f-a53a-ebf0a3d1f14b
Milestone Smart Client Watermark cc3d108f-8055-41d7-ab81-1bc3d4731225
AXIS Optimizer Security 6ad068b4-e959-4412-bf27-dce6b3f7a670
Bosch Enhanced Metadata 8882a72b-4005-4d22-973a-df45aa37ef53
BG Series Panels 217a9d91-12d9-4a8c-81ef-1a885dbdab80
Areas 9681e734-886c-40a4-a26b-105c41fa35bd
Points 114359b9-4054-4d88-a684-d86e0e486bb1
Doors ebf1f8f1-2683-46d9-9230-83a7429a11e1
Outputs 45eb1ac3-4a77-4a2c-aaac-57e739c0dd2c
Incident properties 77fa1106-fa1d-4c52-a945-b6f87f89deec
Incident projects 743c1a10-c864-4f9f-8a56-57f31e42d1db
Comments 567a4819-a38c-4e17-a982-45c780485c13
Sequence list 77f8f2a9-9de8-4048-8d63-26bf44dcced1
Calls 32979a29-2887-4ff5-b568-3876967f1730
Activity logs fbfb0321-ab7e-416d-8b8d-a558d24166fb
Draft sequence list 76de2b27-de9c-4f46-865a-e7445d47e70e
Reports 14d0e992-e258-4582-8ee3-ae8e42966c66
#>
And in the latest version of MilestonePSTools if you wanted to retrieve just the “Cameras” security namespace attributes, you can run “Get-VmsRoleOverallSecurity -SecurityNamespace Cameras”. The output is a hashtable which also includes the namespace display name, ID, and role ID. Here’s a quick example of retrieving the attributes and changing them using the newer cmdlets, but there’s not a new “Import-VmsRole” just yet.
# Show the attributes for the AxisOptimizer role's "Cameras" namespace
Get-VmsRole AxisOptimizer | Get-VmsRoleOverallSecurity -SecurityNamespace Cameras
Name Value
---- -----
DisplayName Cameras
DELETE_BOOKMARKS None
RESERVE_PTZ_SESSION None
EDIT_BOOKMARKS None
CREATE_BOOKMARKS None
CREATE_EVIDENCE_LOCK None
MANAGE_LOCK_PTZ_PRESET None
ACTIVATE_PTZ_PRESET None
SecurityNamespace 623d03f8-c5d5-46bc-a2f4-4c03562d4f85
ADMIN_SECURITY None
SMARTSEARCH None
AUX_COMMANDS Allow
GENERIC_WRITE None
READ_EVIDENCE_LOCK None
READ_REMOTE_RECORDINGS None
GENERIC_READ None
LIFT_PRIVACY_MASKING None
STOP_MANUAL_RECORDING None
DELETE_EVIDENCE_LOCK None
READ_BOOKMARKS None
PTZ_CONTROL None
EXPORT None
MANAGE_PTZ_PRESET None
Role Role[EDBB882E-F32A-4FD1-ABC0-75B674DFD0FB]
START_MANUAL_RECORDING None
DELETE_RECORDINGS None
READ_SEQUENCES None
VIEW_LIVE None
RELEASE_PTZ_SESSION None
PLAYBACK None
# Set the Cameras / Edit permission for the AxisOptimizer role to "Deny"
$permissions = Get-VmsRole AxisOptimizer | Get-VmsRoleOverallSecurity -SecurityNamespace Cameras
$permissions.GENERIC_WRITE = 'Deny'
Set-VmsRoleOverallSecurity -Permissions $permissions