From Pumping Station: One Wiki
Jump to: navigation, search

This page describes a version of the RFID system based on the UHPPOTE Professional Wiegand TCP IP Network Access Control Board a 125kHz system that should be compatible with transponders from the BeagleBone Black based system RFID

A diagram of the system overview is available.


  • System stores all data locally to the door controller, only requires power for door access.
  • System integrates with out member management system (Wild Apricot), RFID fobs are enabled and disabled based on member status.
  • Super-user passwords can be used as a generic code (moving to only RFID entry Oct '19).
  • Allows multi-door access via RFID.
  • Systems can be retrofitted/extended for machine control, cabinet access.

System Description

  • all production software is on a VM in our server closet and documented on the official PS1 Github
  • [membership.pumpingstationone.org The member management system], Wild Apricot, user has RFID fob entered into user profile. Can be by admin or self service, seperate multiple tags by a comma
  • WA2AD goes down the list of all members in WA and does an active directory lookup to see if the member exists and verifies members status. If the user doesn't exist an AD user is created. It runs on our active directory controller (DC01), via Windows task scheduler every 5 mins. Ron uses a tool called "active directory explorer" to see all groups in users in AD.
  • WA2AD handles computer authorization - it looks up the string associated with the "computer authorizations" checkbox in WA and puts the user in an AD groups that enables the user to log into the computer associated with that piece of equipment.
  • Active directory stores member status with the userAccountControl field - if a members is inactive their RFID fob and all computer logins are disabled.
  • AD2RFID is a program that runs as a cron job everty 15 min on Glue, a centOS linux box. It only adds users to the board when they are new and explicitly diables them on the board when they are inactive members. It replaces all members every time it runs.
  • AD2RFID does the Weigand conversion to the fob number to store on the controller board, which is what is compared to what the RFID readers at the door send to the control board.
  • The IP address of the board is effectively static and is assigned via MAC address.
  • The board occasionally hangs and AD2RFID times out after 1 minute of not receiving a reply from the board and waits for the next scheduled job to try again.
  • Glue and the domain controller must be running for the data transfer process from WA to the board to work correctly.


  • All RFID fob numbers must start with 00 - sometimes the reader reports numbers incorrectly - the number on the fob will be be the number in the RFID field in WA.
  • Make sure the member has an active account
  • Make sure the tags in RFID field are separated by a comma. All RFID tags are stored in otherPager field (which contains an array of numbers) in AD.

What's next

  • A USB reader that allows people to determine the RFID tag they have and so they can input that into their user account. A small USB module is by the HP computer that will read the fob ID number. Sam C. has done some research and figured out how to derive the RFID number from the fob ID.
  • Hook in the doorbell that identifies the doors individually. A small MP3 board will be connected to the RFID reader control and play a unique sound for each door over some PA speakers.
  • Write instructions so that members can add their fobs to the RFID system as it is now.
  • Writing a cron job to sync PS1Auth data (that members can add their RFID) to the RFID2 SQL database the door reader uses.
  • Create an Auto-it script that presses the upload button in the control software to send info from the SQL database to the controller.


A wifi enabled microcontroller with an RFID reader makes a webservice call to Glue. Dev2AD is running on Glue and receives the call. DEV2AD validates that the tag is associated with the authorization for that tool. Currently the theory would be that DEV2AD would look at the AD group for a particular piece of equipment, grab the list of all users in that group, and search for a matching tag - if a tag matches then an activity will be initiated.


Status Persons Task
TBD Andrew Wingate, Andrew Vaughan Develop software for RFID client / hardware controller
TBD Andrew Vaughan Develop middleware application for RFID clients to communicate with
TBD Andrew Vaughan Develop application for managing RFID from LDAP applications
In Progress Andrew Wingate Developing initial schematic and prototype for RFID client / hardware controller
In Progress Andrew Camardella Sourcing of bulk components to build RFID client / hardware controller
In Progress Andrew Camardella Development of case for holding RFID client / hardware controller
In Progress Andrew Vaughan Develop Python module for interacting with UHPPOTE door-strike RFID boards
Complete Sam Chen Reverse engineer RFID keys to convert printed serial number to RFID code.
Complete Andrew Camardella Implement UHPPOTE control board for door strikes

Professional Door Control Management Software Notes

  • The software can be setup to use just the RFID card swipe, a swipe plus a pin (swipe + PIN + #), and typed tag number plus pin (* + tag_number + * + PIN + #)(the PIN an be left blank).
  • Individual account must be allowed "Access Control" in the software to turn system use on an off - this can be used to control when memberships end.
  • Accounts can have doors added and subtracted from each user's profile (this could also be used to control machine access and or cabinet/tool access)
  • All account parameters are manageable through the SQL database
  • When parameters are changed in the database they must be pushed to the controllers. The downside is that apparently this an only happen via the "upload" button in the software. Auto-it has been recommended as a tool to automate this process.


  • Sourcing for electronics in bulk is being done by @rtystgeek
  • The case and composure are being developed by @
  • Python module for communicating with LDAP and UHPPOTE door controls being developed by @Andrewvaughan


  • Python applicaton
  • Python application to manage power control to hardware to be developed by

RFID Reader

The RFID reader is TYPE and is plugged directly into the control board.

This is the wiring scheme that comes directly out of the reader. The wires that come out of the wall are listed below.

  • Red - +12v DC
  • Black - GND
  • White - D1 / TX
  • Green - D0 / RX
  • Blue - LED
  • Yellow - Beep (not connected)
  • Gray - Weigand 26/34 protocol (not connected)
  • Orange - Doorbell switch
  • Brown - Doorbell switch


There are 2 wiring buses in parallel to make the doorbell/doorstrike/data transfer work. They connect to 2 terminal blocks at each doorway. Everything currently runs on 12v.

Brown 8 conductor wire

This wire supports the doorbell button, strike actuation, and ring.

  • Red - +12v DC
  • Black - GND
  • White -
  • Green -
  • Blue -
  • Yellow -
  • Orange - Back door strike
  • Brown - Front door strike

Grey CAT3 6-pair wire

This wire supports the RFID reader wires directly. Note that the twisted pairs are different than normal.

The Cat 3 was used to extend the short RFID wire and below is how the wires map. Note: the Grey and Yellow wires from the RFID reader are not connected to the Cat 3 and terminate in the tube that passes the cable through the wall.

  • Red and Blue striped pair - Red - +12v DC
  • White/Grey and Grey pair - Black - GND
  • White/Green and White/Blue pair - White - D1 / TX
  • Green - Green - D0 / RX
  • Blue - Blue - LED
  • White/Orange and Orange pair - Doorbell switch
  • White/Brown and Brown pair - Doorbell switch

RFID Manual Code Conversion Instructions

  1. Scan number on the RFID reader attached to the computer upstairs next to the water cooler. (123456)
  2. Convert scanned number to binary (1 1110 0010 0100 0000)
  3. Pad with leading 0s on the left to get 24 bits total (0000 0001 1110 0010 0100 0000)
  4. Convert first 8 bits to decimal (1)
  5. Convert last 16 bits to decimal (57920)
  6. Concatenate results of steps 4. and 5. to get key number, enter this into the software (157920)

(If you need to manually enter code in door pad, add 0s to the left until 4. is three digits long (00157920), and wrap with *s (*00157920*))

Other Systems to look into