Bioconnect Enterprise v5.0 Software Configuration Guide
Bioconnect Enterprise v5.0 Software Configuration Guide
Bioconnect Enterprise v5.0 Software Configuration Guide
The goal of the BioConnect team is to make the software as easy as possible to install
and configure. If an unexpected problem occurs or if you would like some guidance,
please don’t hesitate to reach out using one of the contact methods listed below:
Support Website:
http://www.bioconnect.com/support/
Telephone:
Email:
Username: Entertech
Password: Bobcat
This section of the software is primarily used by the root level Administrator account
“Entertech”. This allows you to turn on/off Active Directory, set the root account
password, check the status of your license or update the existing license.
After setting up your initial trial or license, you can always update an existing license by
going to Menu -> Configuration -> Licensing from the BioConnect Enterprise
application.
To add a new server, click [Menu] > [Connect to Server] > [Add a new server]
This will bring up a Connect to Server window where you can configure the new
BioConnect Server IP Address/ port value (default is 8139), RabbitMQ IP Address/ port
value (default is 5671).
This is the BioConnect Enterprise home screen. Here you have 3 options to choose
from:
Quick Enrollment: This is where you conduct all biometric enrollments or Template on
a Card encoding. (See Chapter 5 for more information.)
User Management: Here you can see all of the users that have synchronized over from
the access control software. (See Chapter 4 for more information.)
Device Management: Here you can check the status of the readers or complete tasks
such as firmware updates, add new devices, or configure reader settings. (See Chapter
6 for more information.)
Link Management: This is an easy way to launch Link web console. Currently this is
optimized for Chrome and Firefox browsers.
Menu: This Menu consists of the Synchronization tools (Synchronize with Devices or
Access Control Software), as well as software configuration options.
Monitoring: This feature allows you to view system events including reader status
messages, or BioConnect Enterprise user account login/activity data.
About: This will show you the software version of your client and server, technical
support contact information and the software expiry date.
Navigation Tools: There are shortcuts available in each section to assist you with
navigating throughout the software.
Synchronization Status: Data displayed here will inform you of the current status of
the synchronization between your access control software and BioConnect.
The User Management section of the software allows you to view all of the users who
have been synchronized from your access control software. You can sort/filter the users
to see details such as who has been enrolled. Click [Sync] at any time to re-sync the
data in the list.
All badges are listed under the Credentials tab of the user profile.
1. Active Checkbox: The cardholder must have an active credential within the
access control software to appear “active” within BioConnect Enterprise. If there
are no active credentials, the user will appear inactive within BioConnect
Enterprise. Please see below for some definitions of the various options:
2. Biometric Card Checkbox: This option allows you to choose which card is sent to
the access control panel in the event of a Biometric-Only identification. If no card
is selected, the system will assume the first card listed. This is only necessary
when a cardholder has multiple credentials.
3. Card Only Checkbox: This checkbox allows the selected card to be accepted by
the reader without a biometric verification. If the reader is configured for Card +
Finger, this will allow the card to gain access immediately without a biometric
verification. This is a useful feature for people who are not going to be enrolled,
or people who have not enrolled yet but still need access.
1. Enter the username into the text field that you would like to provide access to. In
the example below, the username is ‘test’.
2. Enter a value into the password field (For example, “123”).
3. Retype the password in the text field to confirm it.
4. Choose a location(s) that the person will be working from. This will allow them to
see the enrollment readers that are at that specific location.
5. Decide if the user is going to be an Administrator or Standard User. Admins can
access the entire software including device management, as well as providing
other cardholders access to the software. Standard Users can only login to the
software to conduct enrollments.
6. Decide if the user is a Device Administrator. Device Admins are able to login to
the on-screen menus of devices that have LCDs. This level of access should be
restricted to network administrators.
7. Click [Save Login]
The Quick Enrollment section of the software is where all biometrics are captured. To
enroll a fingerprint:
1. Search for the user you would like to enroll.
NOTE: If you do not see the device in the list that you are looking for, please see
section 6.4 to enable the device as an enrollment reader.
The [Sync] button performs a check on the Access Control database for any changes to
cardholder information.
It is critical for the success of the system that good enrollments are captured. Below is
an example of a good enrollment:
In the above example, you can see that the middle of the finger is placed in the middle
of the scanner. You can clearly see the ridges of the fingerprint and the quality score is
at 100% (Quality scores are only available when enrolling from the BioMini USB
scanner).
When working with Mifare or iClass smartcards, you have the option of encoding two
templates onto the card itself for verification. This allows you to carry your templates
with you to the reader instead of having the reader use the Server as it’s matching
database. This is common in locations where networking is difficult.
Note: The template encoding functionality will only become available once the user has
templates in the system
Face templates are sent to devices in groups. You can choose which location groups to
send the templates to – This will send the templates to all of the devices listed under
that specific location group.
You can enroll two face templates per user (Not required). If a user occasionally wears
glasses, it is best to enroll them both with and without glasses.
Delete Templates: Once enrolled, clicking [Delete Templates] will remove all of the
user’s templates from the system and devices. Once the templates are deleted, the user
will have to re-enroll before using the system again.
Sync with Device: Using the Sync with Devices function will re-send the templates to
the appropriate location device groups. If you want to change the device sync locations
after the enrollment process has been completed, make the location changes and click
[Sync with Device].
NOTE: Your device must be on the same network as your BioConnect Enterprise Client
software. This means, the client should be installed on a local PC or laptop, acquiring
an IP address in the same range/subnet as the readers and connected back to the
BioConnect server.
1. Go to Device Management
Location: This is the location/region of the reader. This location is used throughout the
software primarily to limit which enrollment readers are available for use by the people
performing enrollments. For example, you may not want people in New York having to
filter through enrollment devices across the country to find the one nearest to them. You
can limit which locations a user has access to in the User Management section of the
software.
Enrollment Reader: This option allows you to designate the reader as a possible
enrollment reader. Readers with this enabled can still operate as a production reader,
but will be available within the Device list during the enrollment process.
Online: This box will become active when the device is online.
Operation Mode: The authentication mode of the reader. Possible presets are Card +
Finger/Finger Only, Card + Finger, Card Only. Below are some descriptions:
Card + Finger:
This option requires Card + Finger for authentication.
Card Only:
Various operation modes which support PINs, such as 3-factor authentication (Card +
Finger + PIN and Card or Finger/ID + PIN)), are also included for supporting devices.
NOTE: If your preferred authentication mode is not listed, you will use the BioStar
configuration software to configure these custom settings in the reader. Please see
Chapter 8 of this guide on BioStar Configuration Software for more details.
To update firmware from BioConnect, click [Update Firmware], select firmware file
(preloaded to local drive). Device will reboot and come back online when firmware
update completes.
Note as of BCE 5.0, there is a ‘FW’ column that indicates if a device has outdated
firmware. The column will only show if any single device has outdated firmware.
Outdated firmware is indicated by a red square, up-to-date firmware is indicated by a
green square.
Template Type: The current fingerprint template (Suprema or ISO) used by the reader.
The IP Address, Subnet and Gateway of the reader. Having DHCP enabled will cause
the reader to look to the network for an IP address assignment. With it disabled, you
can assign it your own address.
Server IP Address: The IP address of the server which you would like to have the
device connect into. This should be the server where the BioConnect Enterprise
services are installed. The server must have a static IP address.
Server Port: The default port for the BioConnect Enterprise server to listen on is either
8001 (Generation 1 Device) or 51212 (Generation 2 Device). Be sure that this is not
blocked by your firewall.
Facility Code: This is the facility code that will be sent to the panel (along with the
matching card number) when a fingerprint is authenticated.
Card Format: The card format you want to use on the reader. Suprema readers are
limited to 1 card format per reader. For your convenience, some of the most popular
card formats are included within BioConnect Enterprise:
Card Offset: The card offset is used by some Access Control systems when they have
duplicate card numbers across different card formats within their system. This feature
adjusts for the card offset set within the access control software. If you are not using an
offset, leave this value as 0.
Wiegand Output: This option allows you to send the User ID field instead of the card
number to the panel after a successful card or finger authentication at the reader. It is
recommended that unless in rare cases, you should leave this option set to “Card #”.
Fail Code: The fail code will send the largest possible number within your card format
when a failure occurs at the reader. For example, with 26 bit Wiegand the largest
number would be 65535. Failures include rejected fingerprint or card reads.
Delete Button: The [delete] button within the Device Configuration tabs allows you to
remove a device that is no longer online or used within your system.
Device Memory tab allows you to factory reset the reader or delete all users on the
device from BioConnect software. Factory Reset Without Network enables you to keep
network settings while doing a reset of all other functionality on the reader.
Automatic Sync:
The automatic synchronize occurs automatically every 5 minutes in the background. It
is also triggered whenever you open the User Management section of the client, or do a
search. This means that you do not have to wait 5 minutes for the data to synchronize
if you need it immediately.
The software also does a full re-synchronize each night. This helps by providing
redundancy to ensure that all data was properly updated within the BioConnect
Enterprise.
If an active user meets any of the following conditions, they will be sent down to the
local memory of the device:
• Synchronize All Devices- this sync will synchronize all the devices online
• Synchronize Devices by Location- this sync will synchronize all devices in the
selected locations
• Synchronize Devices by Name- this sync will synchronize all devices with the
selected name
IMPORTANT NOTE: This section is for Suprema Generation 1.0 devices. If you’re
using the BioStation 2 (Suprema Generation 2.0), please consult our Support Portal
(http://www.bioconnect.com/support/) for resources on using BioStar 2.
The BioStar software by Suprema is required for some reader configuration that is not
available within the BioConnect Enterprise. Some examples include:
● You are using a card wiegand format that is not included as a preset
● The Authentication Mode that you want to use is not included as a preset (For
example: Card + Finger OR PIN)
When a device is configured, you point it to a Server IP address and a port. The port
that you choose will determine which software it connects into. To switch a reader from
BioConnect Enterprise to BioStar, simply change the Server Port within its network
settings in the Device Management section of the software.
Please see the BioStar manual and Reader-Specific documentation for more details.
If you encounter issues during the BioConnect Enterprise installation that were not
covered here, please don’t hesitate to reach out to us or visit our support website.
Support Website:
http://www.bioconnect.com/support/
Telephone:
Email:
1. Accept the terms and conditions and keep all options as default.
2. Pay special attention to the Destination Folder “C:\Program Files (x86) \My Company
Name\Ethernet Utility” (this path will be used to establish the initial connection between
BioConnect software and Digitus Ethernet Configuration Utility- for detail refer to Link
BioConnect with Digitus Ethernet Utility).
3. Once the setup completes, click [Finish]. The Digitus Ethernet Configuration Utility
will be activated when clicking [Find Device] button in the Device Management Window.
You’ll only need to connect Digitus Ethernet Utility to BioConnect software for initial set
up. Once the connection is established for the first time, Digitus Ethernet Utility will be
activated automatically every time you click on [Find Devices].
Changing Network Settings will only be used for device initial set up. For existing
devices which have already been added to the network, please refer to Add Device
Online.
1. Click the drop-down menu beside Select Port, select the IP Address of the server
that you want the device to connect to with the Sentry Port of 65532
2. Click [Broadcast]
4. For password, type “password” (you can also reset the password by clicking [Set
Password] under Commands section)
6. In the Set IP field, type the Device IP Address (In this example, Device IP Address
is 010.000.019.071) and then click [Set IP] button to apply the change.
7. In the Set Mask field, type Subnet Mask Address (In this example, Subnet Mask
Address is 255.255.255.000) and then click [Set Mask] button to apply the change.
8. In the Set Gateway field, type the Gateway Address (In this example, Gateway
Address is 010.000.019.001) and then click [Set Gateway] button to apply the change.
9. In the Set Port field, type Server Port Address: 1003 and then click [Set Port]
button to apply the change.
(NOTE: All the changes made from Step 6-9 can be viewed as response events in the
Output Window above [Exit] button.)
11. Click [Reboot] and then exit from the Digitus Ethernet configuration window.
1. Click the drop-down menu beside Select Port, select the IP Address of the server
that you want the device to connect to with the Sentry Port of 65532
2. Click [Broadcast]
3. Available devices will show up, click a device in the list to select
4. For password, type “password” (you can also reset the password by clicking [Set
Password] under Commands section)
7. Click [Send]
8. Click [Save]
9. Click [Reboot] and then exit from the Digitus Ethernet configuration window
12. In the Enter Data field, type “SSP01003” to set TCP port
14. Go back to home page and click back into Device Management. (A device named
“unknown” will automatically show up online in the Device Management window within
about 30 seconds.)
Dashboard
Credentials Tab:
Details Tab:
Sentry Tab: