Home
Troubleshooting
Troubleshoot common issues that can occur.
Modifying local GPOs for non-administrator user accounts
By default, non-administrator user accounts have restricted access to Streamvault™ appliance features. To customize their permissions, you can modify the local group policy objects (GPOs) for the Non-Administrators group through the Microsoft Management Console.

Introduction to your Streamvault appliance
Learn how to deploy your Streamvault appliance.
Getting started with SV Control Panel
Configure your Streamvault appliance to work with Security Center access control and video surveillance.
Getting started with Streamvault Maintenance plugin
Configure your Streamvault Maintenance plugin to work with Security Center.
SV Control Panel reference
These reference pages help you understand the SV Control Panel.
Additional resources
Get more insight on your appliance.
Troubleshooting
Troubleshoot common issues that can occur.
- Performing a factory reset on a Streamvault All-in-one appliance
  If the software on a Streamvault™ All-in-one appliance fails to start or stops working as expected, you can perform a factory reset using a USB key.
- Performing a factory reset on a Streamvault workstation or server appliance
  If the software on your Streamvault™ server or workstation fails to start or stops working as expected, you can perform a factory reset using a USB key.
- Mercury EP controllers remain offline when TLS 1.1 is disabled
  After enrolling a Mercury EP controller in Security Center, the unit doesn't come online.
- Enabling Transport Layer Security (TLS)
  The Transport Layer Security (TLS) 1.0 and 1.1 protocols have several major vulnerabilities, so they are disabled on Streamvault™ appliances. When a device enrolled in Security Center requires one of these protocols for communication, you must enable the protocol on your appliance.
- Remote Desktop can’t connect to a Streamvault appliance
  When you try to access a Streamvault™ appliance using Remote Desktop, you receive a message that Remote Desktop can't connect to the remote computer.
- Removing restrictions from non-administrator user accounts
  By default, non-administrator user accounts, including the Operator, have limited access to Streamvault™ Control Panel features. You can remove the restrictions from those accounts to give them more access to features.
- Local accounts can't access Remote Desktop, file sharing service, and remote management
  When the Remote Desktop service, Remote management, or File sharing service options are turned on in the SV Control Panel, local accounts still can't access the features.
- Enabling Smart Card related services
  If you've upgraded to SV Control Panel 3.0 from an older version and want to enable Smart Card related services, you can do so through the Windows Services application.
- Enabling support for Mercury EP and LP firmware 1.x.x controllers
  Before you can integrate Mercury EP or LP firmware 1.x.x controllers on your Streamvault™ appliance, you must enable an older SSL cipher suite.
- Enabling support for the Synergis IX integration
  Before you can enroll Synergis™ IX controllers on your Streamvault™ appliance, you must add an extra SSL cipher suite.
- Modifying local GPOs for non-administrator user accounts
  By default, non-administrator user accounts have restricted access to Streamvault™ appliance features. To customize their permissions, you can modify the local group policy objects (GPOs) for the Non-Administrators group through the Microsoft Management Console.
- Turning off the Windows firewall
  By default, the Windows Firewall uses local group policy objects (GPOs) from the hardening profiles to secure the Streamvault™ appliance. If you want to turn off the Windows Firewall for troubleshooting purposes, you need to first turn on manual firewall control in the SV Control Panel.
Technical support
Genetec™ Technical Assistance Center (GTAC) assists customers with Streamvault issues related to software and hardware.
Glossary
Where to find product information
You can find our product documentation in the following locations:

Modifying local GPOs for non-administrator user accounts

2025-05-14

By default, non-administrator user accounts have restricted access to Streamvault™ appliance features. To customize their permissions, you can modify the local group policy objects (GPOs) for the Non-Administrators group through the Microsoft Management Console.

Procedure

From the Windows Start menu, select Run, then type mmc.exe, and click OK.
The Microsoft Management Console window opens.
In the left pane, click File > Add/Remove Snap-in .
The Add or Remove Snap-ins dialog box opens.
In the Available snap-ins section, select Group Policy Object Editor and click Add.
In the Group Policy Object wizard, click Browse.
In the Browse for a Group Policy Object dialog box, click the Users tab, select the Non-Administrators group for which a local GPO exists, and click OK.
In the Select Group Policy Object dialog box, click Finish.
The Add or Remove Snap-ins dialog box, click OK.
In the Microsoft Management Console window, go to Console root > Local Computer\Non-Administrators Policy > User Configuration > Administrative Templates > Streamvault > <hardening profile> ,
where <hardening profile> represents one of the four predefined hardening profiles: CIS Benchmark Level 1, CIS Benchmark Level 2, Genetec™, and Microsoft Security Baseline.

All the GPOs that are configured for non-administrator accounts are listed in the selected hardening profile.
Note:
A GPO is configured if its state is Enabled or Disabled. A GPO with a state of Not configured is not controlled by Streamvault.
Double click the individual GPOs to view or edit them.