The integration between Access It! Universal and pivCLASS utilizes a XML file to transform the data from the smart card to the Access It! Universal database. Depending on system use, the XML file may need to be manually adjusted. It is recommended a backup of the XML file be performed prior to making any adjustments. Any changes made in the XML file will require the pivCLASS PACS service to be restarted to take effect.
The template.xml file may need to be modified depending on the cards used in the system. Below are configurations required for a 75 bit PIV card, as well as a 128 bit PIV-I card.
75 bit PIV Card
Stored in the 75 bit PIV Card is a FASC-N (Federal Agency Smart Credential Number) that is composed of the following.
It is recommended the template.xml file be configured so the combination of Agency Code, System Code, Credential number is stored as the card number in the Access It! Universal database. To accomplish this, the following code must be used within the Card.Cardnumber section of the template.xml file.
Access It! Universal will need to be configured to use this custom created 75 bit format as outlined here: 75 Bit Wiegand pivCLASS Card Format.
128 bit PIV-I Card
Stored in the 128bit PIV-I Card is a 128bit GUID (Globally Unique Identifier). This GUID is unique to all PIV-I cards. Mercury-Security and RS2 Technologies introduced a feature in Access It! Universal 4.0.25 that allows for a cardholder to map a GUID to a randomly generated card number. To accomplish this, the following code must be used within the Card.Cardnumber section of the template.xml file.
The default template.xml distributed with pivCLASS 1.2.266.0 already contains the code required to support the 128 bit GUID
The following code must be used within the Card.LargeEncodedID section:
Modifying the site name, (if applicable):
The template.xml file is pre-configured by default to insert the cardholder into the default site "Main". If this site has been renamed, the following section must be modified with the name of an existing site - (replace "Main" with name of site)
<!-- Cardholder.SiteName -->
<!-- Site name assigned to the given cardholder.
This must be updated to match the site name available in your system
The template.xml file will need to be required in order to automatically assign Access Levels to a card when imported. The pivCLASS integration can assign Access Levels by prompting the user to select an Access Level while importing, or forcing the pivCLASS integration to assign a static Access Level.
Dynamically Provide List Of Access Levels To Assign
In order for pivCLASS to provide a list of Access Levels, a Data Import must be performed within the PACS Service Administration
The template.xml will need this portion of code to un-commented out within the AccessLevel field.
Static Access Level
To assign a static AccessLevel, the PACSRecordID needs to be obtained for the Access Level. This ID can be obtained by querying the AccessRights table within the pivCLASS SQL database.