The Access control tab located on the driver screen provides the ability to select which assets the driver will be able to access. By default, all new drivers added to the organization may operate all new or certain selected assets in the organization. The default can be changed in the organization settings.
To specify which assets a driver may access, follow the steps detailed below:
- Click on Monitor.
- Under Fleet Admin, click on Drivers.
- Search for the relevant driver, using the search feature.
Click on the image to view it in full screen if the article is open in your browser:
- Click on the green hyperlinked name of the driver, or click on the downward-facing actions arrow and select Edit.
- Click on the Access control tab on the left.
Assets operable - indicates the number of assets the driver may access. Total Assets - indicates thetotal amount of assets in the organization.
Click on the image to view it in full screen if the article is open in your browser:
- Check the box if this driver may operate selected assets and all new assets in the organization. This will write a [[#Understanding whitelisting and blacklisting|blacklist]] to the blue driver plug or the unit depending on config setup.
- Click on the plus to expand the view of the list of assets in the organization to only select certain assets.
- A check in the box indicates that the driver will be able to access all assets in that group or site.
- An empty square indicates that none of the assets in that specific group or site will be accessible.
- A partially checked box within the selection box indicates that only certain selected assets in that specific group or site are accessible to this driver.
Understanding whitelisting and blacklisting
For FM units, users can decide whether to store the driver list on the blue driver plug or on the mobile device's onboard computer.
Mobile devices that allow access control (e.g. MiX 2000, MiX 4000) automatically store the driver lists on the onboard computer (OBC).
-
When you select the checkbox, "This driver may operate selected assets and all new assets in this organization", a blacklist is written to the blue driver plug or the onboard computer. Any vehicles on this blacklistcannot be started by the driver. There is 1 driver ID and 50 vehicle IDs written to the plug. The blacklist can be empty.
-
When the "This driver may operate selected assets and all new assets in this organization" checkbox is not checked , a whitelist is written to the plug or unit.In this case, only vehicles on the whitelist can be started by the driver. There must be at least one asset in the whitelist or the driver will not be able to operate any assets.
In summary:
-
Theblacklist contains specified assets that the driver may not access.
-
Thewhitelist contains assets that the driver is allowed to access.
If the driver/vehicle access table is stored on the onboard computer (automatically for all MiX devices, except the FM) and the extended config stores the list of drivers or assets, it takes up space depending on the number of drivers/assets specified. The extended config saves various components, such as access control lists, CAN scripts, etc. When the driver access control list becomes too large, it may cause the extended configuration to run out of space, leading to a failure in compiling the config. This may result in some of the other components ceasing to function when the limit has been reached.
- Remember to generate the driver plug using the Plug Management Utility or that you must upload the event configuration to the on-board computer after changing the list for unit based access control.
Please note:
Changing the driver access details in Fleet Admin when the associated asset is utilizing unit-based access control will cause the asset to move to a "Config Changed" status.
This change can be made either in Fleet Admin/Assets/Access Control or Fleet Admin/Driver/Access Control to either add/remove drivers on an asset or add/remove assets to a driver.
If you use access control for immobilization, you need to set up an immobilizer in your config via the mobile device template.