Macula Console Login

All server configuration is conducted through a dedicated interface - the Macula Console management application. The management interface has been intentionally separated from the Macula Monitor application in order to concentrate all administrative utilities in one place and also to conceal the unnecessary menus from the Macula Monitor operator. Applications are totally independent from each other and can be or not be installed on the same machine. Macula Console for a single installation management can be installed on one or more computers, depending on the system administrator's needs.

It is implied that Macula Enterprise installations are handled through the central server by logging into the target central server locally or remotely via Macula Console. Recording servers can be also reached via Macula Console but it is not possible to change their settings directly.

Run Macula Console application by double-clicking the Macula Console shortcut from the desktop or Start menu.

To log in, simply enter your Macula Global server's local or remote address (IP or host name), TCP port and user information. If you have logged into different servers from this Macula Console instance in the past, the Macula Console login dialog box will have a drop-down list in the Server field.

If your server has default TCP port configured (which is 60554), you do not need to specify it when connecting: simply type the IP or hostname of the server to connect to. However, if the server TCP port has been altered, you need to specify the port explicitly, making the connection address look as follows:

• <address>:<port>, e.g., 192.168.1.77:60555 or localhost:60887

Server TCP port can be changed via Macula Server Setup Wizard.

Note that, if you already have pre-configured user accounts, the user must have corresponding permissions in order to connect.

Macula Console can be launched multiple times if you need to control multiple different servers simultaneously, e.g., if you need to configure Macula Global and check Macula Recording Server configuration directly at the same time. In general, you only need to connect to your Macula Global server machine directly once for all configuration routines. Direct Macula Recording Server login is usually required for monitoring and audit purposes.

First-Time Login

When logging in for the first time, use the default combination of user name and password: admin/[empty]. You will be asked to change the password to a more secure one immediately afterwards.

The default username and password for the new installation is admin/[empty].

If you are refused a connection, make sure that the server is running and accessible over the network. (For more detailed information about what to do, please refer to the Troubleshooting section of this document: it is constantly updated with most common cases).

After logging in for the first time with default username and password, you will be reminded to change your password. For security reasons, we strongly recommend that you do so at once.

You will be given the option to change the password using an additional dialog box. To change the password, enter your old password (initial, default password is empty so just leave the field empty), then enter your new administrative password for the current server, enter it for the second time to confirm, then click OK to save.

The new password must comply with server policies, by default these are: minimum 8 characters total length, including at least 2 lowercase and 2 uppercase letters.

After you are done with password update, you will be given the opportunity to fill in the initial server settings using the quick Setup Wizard. We recommend that for optimum first-time configuration you follow the steps in the wizard.

Two-Factor Authentication Login

Starting from the version 1.21, Macula supports 2FA for Macula Console. You can use it to log into the Macula Global system and or individual Macula Recording Server servers.

This application supports two-factor authentication as an additional security measure for the user login. It does not eliminate the necessity to enter the user password; instead, it serves as an additional security layer.

If the target server has two-factor authentication (2FA) policy enabled, you will be asked to confirm your identity by requesting and entering a code. Depending on the server configuration, the code may be requested by email or by SMS.

2FA is configured by your Macula server administrator, so if you have any issues with requesting, receiving, or entering the code, contact the person who maintains the target Macula server. Provide the server administrator with your valid email and full phone number.

The 2FA settings affect all users and all clients by default; the system administrator can set up exceptions for localhost connections and also for individual users.

The login procedure with 2FA is as follows:

• an additional dialog box pops up upon the server connection attempt

• choose one of the provided verification methods and click Request code

• in the next dialog, you will see a session ID and an empty box

• check your email or phone (or other provided verification source) for an email with the same session ID (for example, marked as #6708 here) and copy the code from the message body (1234 here)

• click Submit code: if everything is OK, you will be logged in

OAuth Login (External Authentication)

It is possible to log in using third-party authentication providers - - instead of internal account verification. The choice depends on the configured list of providers.

In Macula Console, first switch to advanced mode, and then choose OAuth 2.0.

Click Connect: A Web browser window will open automatically. Enter the user credentials. If the authorization was successful, you will get the corresponding response: now, you can return to Macula Console.

• if there are multiple providers, you will have to choose one, and then proceed;

• if there is only one authentication provider, there will be no dialog box with the choice.

For Microsoft accounts: you may be asked to verify Macula because it is an unverified application as it is not published by Microsoft. Click Accept to proceed: you should get a success message immediately afterwards.

Return to Macula Console and then, if asked, proceed with entering the token from Macula Console. It is only necessary to enter the token when activating the user account, i.e., using the external authentication for the first time.

Click OK. If the token is correct, the user will be logged into Macula server.

You only need to enter the token once, to activate the user account. The next time you log in, there will be no need to enter the token.