Version 2021

Integrating Paxton Net2 with MicroStrategy Identity

You can let users unlock physical resources, such as locked doors or offices, using the MicroStrategy Badge app on their smartphone. To provide access to locations that are secured with Paxton Net2, you integrate your Net2 system with MicroStrategy Identity.

You integrate Paxton Net2 through a Windows-based web service that communicates to the Net2 physical access control system server remotely. The web service that performs this role is called the adapter.

MicroStrategy Identity Server will update ID and credential records in the Paxton Net2 PAC system automatically. This ensures that all directories stay synchronized and credentials managed by MicroStrategy Identity are accepted by the Paxton Net2 PAC system for physical access.

Follow the steps below to integrate your Paxton Net2 system with MicroStrategy Identity. You can also secure the adapter by completing an optional step that ensures only MicroStrategy Identity Server communicates with the adapter. This process is included in the steps below.

When Paxton Net2 successfully connects to MicroStrategy Identity, each physical access point secured by Net2 is loaded into the Identity Server as a digital key. To control which users have permission to unlock each physical access point, you must manage user permissions in Paxton Net2. In MicroStrategy Identity, you can customize how keys are displayed to users in their MicroStrategy Identity app. For examples and steps to customize keys, see Managing Physical Access Keys.

After the Identity adapter for Paxton is installed, you can check that it is installed correctly, optimize it, verify that it is running, refresh the cache of users and permission information, and view logs. For steps, see the following:

  • To create the Paxton Net2 adapter, the server that hosts the adapter must meet the following requirements:
    • Windows Server 2008 R2 operating system or later (64-bit).
    • Microsoft Internet Information Services (IIS) version 7.0 or later.
    • Microsoft .NET Framework version 4.0 (64-bit) or later.
    • Paxton Net2 server 4.4 or later is installed and is licensed and configured for remote connection.
    • If the server hosting your Paxton Net2 adapter has Microsoft Windows Server 2012 and Microsoft IIS 8.5 or later, enable the HTTP Activation feature for Windows Communication Foundation (WCF) so the adapter operates properly with MicroStrategy Identity.
      Select the following features in Microsoft Server Manager for IIS:
      • .NET Framework 4.5 Features
      • WCF Services
      • HTTP Activation
      For detailed steps, see Microsoft's documentation.
  • You must create a MySQL 5.5 database space with a 64-bit ANSI system DSN pointing to it. The MySQL database is used by the adapter to log adapter activity and errors.
  • Gather the following information:
    • The name of the machine hosting Paxton Net2, and the port number used to access it.
    • A user account that has associated administrator access to the Paxton Net2 server. This account is used to create parallel connections between the Paxton Net2 server and the Paxton adapter, to improve performance.
    • The user mapping key field that will be used to look up identified Net2 users. This field can be email, employee ID, or Social Security number. The field must hold a value that is unique for each person.

      The Identity Gateway adapter for the Paxton Net2 supports email addresses of any case (upper-case, lower-case, mixed-case). This enhancement eliminates identity record mapping errors when ingesting or synchronizing from the Paxton PACS.

    • Connection information to the MySQL database space that you created for the adapter log.
  • If users were added to your Identity Network by entering their information manually or by importing a comma-separated values (CSV) file, you must meet the following requirements:
    • You have a MicroStrategy Cloud implementation.
    • The field in your Paxton Net2 sytem that is used to look up identified Paxton Net2 users must correspond to a field in the user's Identity profile. For steps to add users to your network and provide information for Identity user profile fields, see Adding Users Manually or Adding Users from a CSV File.

To Enable Physical Access with MicroStrategy Identity to Locations Secured by Paxton Net2

  1. To create an Identity adapter for Paxton, contact MicroStrategy at support@microstrategy.com and request the Identity Adapter for Paxton.
    To secure the adapter (optional), inform the support personnel that you want to create a certificate for MicroStrategy Identity Server.
    MicroStrategy sends you the installation files for the Identity Adapter for Paxton.
  2. On the machine that you want to host the adapter on, unzip the Identity Adapter for Paxton .zip file. The file contains a SQL script that you run to create the adapter log database and the installation file for the adapter.
  3. Use a MySQL client to connect to the MySQL database space you prepared, as described in the Integrating Paxton Net2 with MicroStrategy Identity, and execute the Paxton_log.sql script file that is included in the .zip file.
  4. To install the adapter, on the machine hosting the Paxton Net2 adapter, open and run the UsherAdapterPaxton.msi installation file:
    1. Review the information on the Welcome screen, then click Next.
    2. In the Net2Server field, type the name or IP address of the machine hosting Paxton Net2, as described in the Integrating Paxton Net2 with MicroStrategy Identity.
    3. In the Net2Port field, type the port number to use to connect to Paxton Net2, as described in the Integrating Paxton Net2 with MicroStrategy Identity.
    4. In the Net2User and Net2Password fields, type the user account name and password for a user that has associated administrator access to the Paxton Net2 server, as described in the Integrating Paxton Net2 with MicroStrategy Identity.
    5. In the LogDB DSN field, type in the DSN of the MySQL database you prepared for the log, as described in the Integrating Paxton Net2 with MicroStrategy Identity.
    6. In the User Mapping Key field, type the field to use to look up identified Net2 users. This field can be employee ID, email, or similar, as described in the Integrating Paxton Net2 with MicroStrategy Identity.
    7. Click Next.
    8. In the Database server that you are installing to field, type the IP address of the server running the MySQL database. Alternatively, to locate the server, click Browse. From the list of available servers, select the one hosting the MySQL database space, then click OK.
    9. If you are using a port number other than 3306, after the IP address, type a comma and then the port number, with no spaces. For example, 10.11.12.13,3308.
    10. Select the Server authentication using the Login ID and password below option, then type the Login ID and Password used to connect to the MySQL database.
    11. In the Name of the database catalog field, type Paxton_log.
    12. Click Next.
    13. Click Install. The adapter is installed. Click Finish to close the wizard.
  5. Log into MicroStrategy Identity Manager:
    1. Navigate to the Identity Manager home page.
    2. On your smartphone, open the MicroStrategy Badge app and scan the displayed QR code.
  6. Click Physical Gateways.
  7. Under Building Access, click the Paxton icon Paxton icon. The Configure Paxton Physical Access System page opens.
  8. Click Next.
  9. Enter the following information:
    • Configuration Name (required): A descriptive name for this connection to the Paxton Net2 system. This is the name that you see in MicroStrategy Identity Manager.
    • Adapter Server URL (required): URL of the Paxton Net2 adapter server, such as http://IPaddress:port, http://hostname:port, or https://hostname:port.
    • Adapter Service Path (required): Path of the Paxton Net2 adapter.
    • User ID Mapping (required): The field to use to look up identified Paxton Net2 users.
      If the users in your network are added manually or by importing a comma-separated values (CSV) file, type the Identity profile field that contains information used to look up identified Paxton Net2 users, as described in the Integrating Paxton Net2 with MicroStrategy Identity. Select from the following fields:
      • If Paxton Net2 users are identified by their first name, type first_name.
      • If Paxton Net2 users are identified by their last name, type last_name.
      • If Paxton Net2 users are identified by their email address, type email.
      • If Paxton Net2 users are identified by their title, type title.
      • If Paxton Net2 users are identified by an alternate value that you provided when you added users to your Identity Network, type user_name.
    • SSL Bypass: By default, communication is encrypted with secure sockets layer (SSL). To use plain, unencrypted communication between the adapter and Identity, type true. MicroStrategy recommends that you leave this as the default; do not bypass SSL unless you are testing.
  10. Click Refresh. When Identity successfully connects to the adapter, a green check mark is displayed.
  11. Click Next. The keys in your Paxton Net2 system are loaded into Identity.
  12. To secure the adapter (optional), upload the certificate that MicroStrategy support personnel set up for you. If you do not have a certificate, contact MicroStrategy at support@microstrategy.com to create a certificate for MicroStrategy Identity Server.

You can now customize how keys are displayed to users in their MicroStrategy Badge app. For steps, see Managing physical access keys.

Related Topics

Verifying that the Paxton Adapter Installation is Correct

Creating a MicroStrategy Identity Network and Issuing an Administrator Badge

Distributing Badges to Users in Your MicroStrategy Identity Network

Categorizing MicroStrategy Badge Resources