Restricting other terminals to enter Admin PIN

Hello, so I have a restaurant that has 8 other computers other than the original server and cashier pc. I want to prohibit other terminals that are not server or cashier pc from entering the admin pin even if they know the pin. I couldn’t find anything in the settings and I am lacking skills to do an automation. Could you please help?

This should work.

Check to see if you have this actions (they may be named different, look at the images below for what they should like):

  • Show Message
  • Logout User

If you do not have these, then you will need to create them:

Then create a new rule with these constraint’s:

Role Name Equals Admin (If you are using a different name, look under Manage → Users → Role List for the name of the admin(s).)
{:CURRENTTERMINAL} Not Equals <name of your server terminal>
{:CURRENTTERMINAL} Not Equals <name of your cashier terminal>

Then add the 2 actions to the rule. In the Show Message, you can put what ever you like to inform the admin user to let them know they can not log into that terminal.

If you are unsure about the exactly what to enter, post a screen shot of the Role List and the Terminals list. You can create the rule below, BUT I HIGHLY RECOMMEND TO UNMAP THE RULE FIRST. It should look like this:

This is essentially turning the rule off. I do not what a situation where you can not access the manage section.

What will happen is the Admin login but a popup message will appear informing them they can not login. When they click the OK button, it will auto log them out.


Thank you but I also want them to sign in with their password. Just not with Admin password. They have their own pins they need to log in with.

If a user has 2 pins (1 admin and 1 non-admin) this will work. It will allow any non-admin to login. In the rule the Role Name is equal to Admin (any Admin user).

Maybe setting up a new user role would be the better solution.

What is the reason you do not want admin to login on the other terminals?

Ok, I managed to do that the way you showed it’s just me seeing it wrongly. Sorry for disturbing thank you so much!

In the event the 2 terminals are not accessible, it maybe a good idea to create a private (sudo) admin. That way it would be possible to turn the rule off to be able to access Samba’s back end from any terminal. This new role/user should be used by you and/or a trusted employee.

Create a new role called Private Admin
Put anything in the Department.
DO NOT CHECK the Admin box.
In the Management Permissions tab, put this: Automation.Rules

Create a new limited Admin:

When this user logs in (from any terminal) and goes into the management tab, they/you will only see Automation → Rules. From here you can turn off (un-map the above rule) or delete the rule. This will give all Admins access to all terminals.