Access Management System
Integrating Milestone XProtect with AMS
en Software manual
Access Management System Table of contents | en 3
Table of contents
1
2
3
4
5
5.1
5.2
5.3
Short information 4
System overview 5
Compatible versions for installation 6
Configuring Milestone XProtect to use AMS 7
Troubleshooting and limitations 10
Certificate validation problem 10
Conflicting plugins 10
Inflated log files degrade performance 10
Bosch Security Systems 2021-03 | 3.0.1.1 | SM
4 en | Short information Access Management System
1 Short information
This document describes how to configure Milestone XProtect
to use the access control features of the Bosch Access
Management System (AMS).
2021-03 | 3.0.1.1 | SM Bosch Security Systems
Access Management System System overview | en 5
AMS
XProtect
Plugin
Plugin
2 System overview
A plugin provided by AMS, but installed on the XProtect server,
transmits events and commands to AMS, and sends results back
to XProtect.
Bosch Security Systems 2021-03 | 3.0.1.1 | SM
6 en | Compatible versions for installation Access Management System
3 Compatible versions for installation
Access Management System (AMS) Versions
– AMS version 3.0 and later
Milestone XProtect Versions
Bosch recommends the following versions of Milestone
XProtect:
– XProtect Corporate 2020 R1
The following versions have also tested as compatible:
– XProtect 2018 R3 Professional
2021-03 | 3.0.1.1 | SM Bosch Security Systems
Access Management System
Configuring Milestone XProtect to use
AMS | en
4 Configuring Milestone XProtect to
use AMS
The configuration has 3 stages, which are described in the
following sections:
– Installing the AMS public certificate on the XProtect server.
– Installing the AMS plugin on the XProtect server.
– Configuring AMS within the XProtect application.
Prerequisites
– AMS is installed and licensed.
– XProtect is installed and licensed on the same computer or
on its own computer.
– A network connection exists between both systems.
Installing the AMS public certificate on the XProtect server
1. Copy the certificate file from the AMS server
C:\Program Files (x86)\Bosch Sicherheitssysteme
\Access Management System\Certificates\Access
Management System Internal CA.cer
to the XProtect server.
2. On the XProtect server, double-click the certificate file.
The Certificate wizard appears.
3. Click Install Certificate…
The Certificate Import Wizard appears.
4. Select Local Machine as the Store Location and click Next
5. Select Place all certificates…
6. Click Browse…
7. Select Trusted Root Certification Authorities and click OK
8. Click Next
9. Review the summary of the settings and click Finish
7
Installing the AMS plugin on the XProtect server
1. Copy the setup file
AMS XProtect Plugin Setup.exe
from the AMS installation media to the XProtect server.
Bosch Security Systems 2021-03 | 3.0.1.1 | SM
en | Configuring Milestone XProtect to
8
use AMS
2. Execute the file on the XProtect server.
The setup wizard appears.
3. In the setup wizard, make sure that the AMS XProtect
Plugin is marked for installation, and click Next.
The End User License Agreement is displayed. Click Accept
to accept the agreement if you wish to continue.
4. The wizard displays the default installation path for the
plugin. Click Next to accept the default path or Browse to
change it before clicking Next.
The wizard confirms that it is about to install the AMS
XProtect plugin.
5. Click Install
6. Await confirmation of the completed installation and click
Finish.
7. Restart the Windows service named Milestone XProtect
Event Server.
Configuring AMS within the XProtect application
1. In the XProtect management application, navigate to
Advanced Configuration > Access Control
2. Right-click Access Control and select Create new…
The plugin wizard appears.
3. Enter the following information in the plugin wizard:
– Name: A description of this AMS-XProtect integration
to distinguish it from other integrations on the same
XProtect system
– Integration plug-in: AMS - XProtect Plugin (This
name will be available in the drop-down list after
successful installation of the plugin)
– AMS API discovery endpoint: https://<hostname
of the AMS system>:44347/
where 44347 is the default port selected when
installing AMS API.
Access Management System
2021-03 | 3.0.1.1 | SM Bosch Security Systems
Access Management System
– Operator name: The username of an AMS operator
with at least permissions to operate the doors to
which XProtect cameras will be mapped.
– Operator password: the AMS password of that
operator.
4. Click Next
The AMS plugin connects to the AMS server that you have
specified, and lists the access control elements that it
discovers (doors, units, servers, events commands and
states)
5. When the progress bar is complete, click Next
The Associate cameras wizard page appears.
6. To associate cameras with doors, drag cameras from the
Cameras list to access points in the Doors list.
7. When finished, click Next.
XProtect saves the configuration and confirms when it has
saved successfully.
Configuring Milestone XProtect to use
AMS | en
9
Bosch Security Systems 2021-03 | 3.0.1.1 | SM
10 en | Troubleshooting and limitations Access Management System
5 Troubleshooting and limitations
5.1 Certificate validation problem
A bug in Milestone XProtect 2019 R2 Corporate edition causes
the certificate validation to fail, so leaving network
communication unsecured.
Because of this, the recommended XProtect version is XProtect
Corporate 2020 R1
Background:
The AMS - XProtect plugin communicates with AMS services
using HTTPS (secure HTTP). If the XProtect server and AMS
server are on separate computers, the AMS certificate has to be
imported onto the XProtect for HTTPS communication.
Due to a bug in XProtect, the trust validation is turned off,
allowing HTTPS communication without installing the certificate.
This bug has been confirmed in the following versions:
– XProtect 2018 R3 Corporate
– XProtect 2019 R2 Professional+
– XProtect 2019 R2 Corporate+
Other variants, such as Expert 2019 R2, Professional 2019 R2,
Express+ 2019 R2 and Express 2019 R2 may also be affected.
5.2 Conflicting plugins
If the XProtect plugin of AMS is used in parallel with plugins of
other distributors, the initialization of the AMS plugin can fail.
5.3 Inflated log files degrade performance
If AMS DIP DOPs (Digital input/output devices) are used in
Milestone XProtect, the debug log file of Milestone can inflate
quickly, causing a degradation of overall system performance.
The Milestone application logs events from plugins. The log files
are located in the following folders, respective to the Milestone
installation folder <Milestone>:
2021-03 | 3.0.1.1 | SM Bosch Security Systems
Access Management System Troubleshooting and limitations | en 11
– <Milestone>\XProtect Event Server\logs\
– <Milestone>\XProtect Management Client\Logs\
– <Milestone>\MIPSDK\
Bosch Security Systems 2021-03 | 3.0.1.1 | SM
12 | Troubleshooting and limitations Access Management System
2021-03 | 3.0.1.1 | SM Bosch Security Systems
Access Management System Troubleshooting and limitations | 13
Bosch Security Systems 2021-03 | 3.0.1.1 | SM
14 | Troubleshooting and limitations Access Management System
2021-03 | 3.0.1.1 | SM Bosch Security Systems
Bosch Security Systems B.V.
Torenallee 49
5617 BA Eindhoven
Netherlands
www.boschsecurity.com
© Bosch Security Systems B.V., 2021
202103261130
Loading...