Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Meraki Display

Solved
Dunky
A model citizen
‎Mar 14 2024 12:12 PM
‎Mar 14 2024 12:12 PM

Meraki Display

Anyone actually using this?

I've got the app OK on the Apple TV box with the intention of using it to display a videowall, but how do you create dashboard users that can access cameras only?

What's to stop that user logging in via a Web browser on their PC and seeing cameras they shouldn't be allowed to add other stuff within that network (mx's, Sensors, APs, sensors etc?

I created a generic user with a fictitious email address but cannot login as it says invalid credentials.

 

TIA

Labels:
0 Kudos
Subscribe
1 Accepted Solution
In response to Dunky
Ryan_Miles
Meraki Employee
Meraki Employee
‎Mar 15 2024 11:26 AM
‎Mar 15 2024 11:26 AM

Apologies. One cup of coffee clearly wasn't enough to fully jumpstart my brain this morning. SAML is supported on Dashboard, Vision Portal, and Mobile today. SAML is not yet supported on Display.

 

But going back to your primary ask here local camera only admins appears to meet your requirements with Meraki Display.

View solution in original post

Subscribe
12 Replies 12
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 14 2024 12:38 PM
‎Mar 14 2024 12:38 PM

Even if you create a user to view the cameras, you will not be able to restrict them from accessing a specific device.

 

You can restrict access to cameras by creating specific roles for users.

 

Restricting Access to Cameras - Cisco Meraki Documentation

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to alemabrahao
Dunky
A model citizen
‎Mar 14 2024 12:44 PM
‎Mar 14 2024 12:44 PM

Roles only apply to SSO.  SSO isn't supported in Meraki Display.  Hence I am unsure how to create a user and give them access to cameras only?

0 Kudos
Subscribe
In response to Dunky
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 14 2024 12:48 PM
‎Mar 14 2024 12:48 PM

Look at the first option in the link I sent you.

 

Local Camera and Sensor Admins on Network Level

This method outlines the steps on how to create a camera and sensor privilege role and assign it to a specific Network Administrator:

  1. For MV only networks, navigate to Cameras > Configure > General. For combined networks, navigate Network-wide > Configure > Administration.

  2. Under the Camera and Sensor Only admins section, select an existing Network Admin from the dropdown or Create a new user. 

  3. Assign the appropriate permissions to the User:

 

 

Permissions

Scope

Camera Permissions

View and export any footage

All Cameras

Individual Cameras

Cameras by Tag

View any footage

View Live footage

No Access

Sensor Permissions

Full Sensor Access (includes write Access to Alert Profiles)

All Sensors

Read-only Sensor Access

No Access

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to alemabrahao
Dunky
A model citizen
‎Mar 14 2024 12:50 PM
‎Mar 14 2024 12:50 PM

Isn't that for Admins though?

The account is solely to diaplay the videowall

0 Kudos
Subscribe
In response to Dunky
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 14 2024 1:00 PM
‎Mar 14 2024 1:00 PM

But you can  give read-only access on the organization.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to Dunky
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 14 2024 1:27 PM
‎Mar 14 2024 1:27 PM

Unfortunately, these are the options you have.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to Dunky
Ryan_Miles
Meraki Employee
Meraki Employee
‎Mar 15 2024 9:19 AM
‎Mar 15 2024 9:19 AM

Here's a real example from my Org. On the Network-wide > Administration page create Camera only admins (or you can choose any previously configured admin). In my example I create a new user and for this example only allow access to a single camera by name. You could expand the scope to multiple cameras, cameras by tag name, or all cameras in the network.

 

These same permissions apply to Meraki Display. If I login to dashboard, Vision Portal, the mobile app, or Meraki Display app they all will limit my access to just this single camera in my example.

 

Screenshot 2024-03-15 at 09.11.34.png

0 Kudos
Subscribe
In response to Ryan_Miles
Dunky
A model citizen
‎Mar 15 2024 9:29 AM
‎Mar 15 2024 9:29 AM

Thanks Ryan.

I have done that but the problem is if they login to the dashboard then it gives them admin access to the cameras.

All I want is for them to view live video, they are not admins, they are people that work in warehouses and weighbridges!

 

Do you have any idea when SSO will be supported as this will solve the issue -  we can then just map the relevant SAML role and lock the Azure account down so that it can only be logged into from the site.

 

 

0 Kudos
Subscribe
In response to Dunky
Ryan_Miles
Meraki Employee
Meraki Employee
‎Mar 15 2024 9:41 AM
‎Mar 15 2024 9:41 AM

This doc mentions camera only permissions.

 

"Camera Permissions are View-only. This means the user can only view the Cameras and cannot change any settings such as focus, zoom, aperture, etc."

 

I have this configured right now and I cannot make any changes to the camera. It shows the settings tab, but prevents any changes.

 

SAML is already supported if you want to deploy it that way. I also have this configured here in my lab.

 

https://documentation.meraki.com/MV/Advanced_Configuration/Restricting_Access_to_Cameras#Role-based_...

0 Kudos
Subscribe
In response to Ryan_Miles
Dunky
A model citizen
‎Mar 15 2024 11:12 AM
‎Mar 15 2024 11:12 AM

I must admit I didn't actually try to make any changes when logged in as a camera only admin, I had assumed the word 'admin' meant they could be changed with a usage case being for installers to adjust settings when installing.

 

You say SAML is  already supported. - There is no option to login using SSO on the latest Meraki Display App that I have installed - how do I login to Meraki Display using SSO?

 

 

0 Kudos
Subscribe
In response to Dunky
Ryan_Miles
Meraki Employee
Meraki Employee
‎Mar 15 2024 11:26 AM
‎Mar 15 2024 11:26 AM

Apologies. One cup of coffee clearly wasn't enough to fully jumpstart my brain this morning. SAML is supported on Dashboard, Vision Portal, and Mobile today. SAML is not yet supported on Display.

 

But going back to your primary ask here local camera only admins appears to meet your requirements with Meraki Display.

Subscribe
In response to Ryan_Miles
Dunky
A model citizen
‎Mar 15 2024 11:48 AM
‎Mar 15 2024 11:48 AM

Thanks Ryan, I will have another look a lot closer next week then 😀

 

Are you able to share any timescales around SSO support for Meraki Display?

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.