Trading Networks 10.3 | Administering and Monitoring B2B Transactions | Managing File Transfers with ActiveTransfer | Administering ActiveTransfer with Command Central | Managing Users, Groups, Roles, and Templates | Users, Roles, and Groups | Configuring Advanced Settings for Users, Roles, and Groups
 
Configuring Advanced Settings for Users, Roles, and Groups
Once associated with ActiveTransfer, you can configure advanced settings for users, roles, and groups.
*To configure advanced settings
1. On the navigation pane, select Users > Users, Roles,or Groups.
2. In the Users, Roles, or Groups page, click on the user, role, or group for which you want to configure additional settings.
3. If you want to change the user's password, click Change Password.
Note:
This step is not applicable for roles and groups.
a. In the Change password dialog box, do one of the following:
*Select Generate random password if you want ActiveTransfer to create a password.
*Select Create new password if you want to create a specific password.
Select Would you like to inform the changed password to user? to inform the user about the password change, and click Ok.
b. Under Basic, you can update the user's First name, Last name, Email address, and the default Template associated with the user.
4. You can specify the following details:
Field
Description
Basic
Distinguished name
Displays the uniquely identified user, role, or group in LDAP or in the Directory Service. For example, uid=john,ou=people,o=system,o=mws.
Disable login
Select this option if you want to disable a user’s ID and prevent the user from logging on to the server. The same applies to roles and groups.
Associated partner
No partner
Select this option if you do not want to associate the user, role, or group with either a partner or your enterprise.
Enterprise
Select this option if you want to associate the user, role, or group with your enterprise.
Partner
Select this option if you want to associate the user, role, or group with a partner and then select a partner from the list.
Note:
Trading Networks partners are available only if Trading Networks is installed either on the local or remote machine and if the mft.partners.useTNPartners property is set to true. If mft.partners.useTNPartners is set to false, then you must create partners in ActiveTransfer manually.
Upload preferences
Maximum speed (Kb/sec)
Type the maximum permissible speed in kilobytes per second for an upload operation.
Maximum individual file size (MB)
Type the maximum permissible size in megabytes for an uploaded file.
Maximum amount per session (MB)
Type the maximum amount of data in megabytes that can be uploaded per session.
Maximum amount per day (MB)
Type the maximum amount of data in megabytes that can be uploaded per day.
Maximum Amount per month (MB)
Type the maximum amount of data in megabytes that can be uploaded per month.
Download preferences
Maximum speed (Kb/sec)
Type the maximum permissible speed in kilobytes per second for n download operation.
Maximum amount per session (MB)
Type the maximum amount of data in megabytes that can be downloaded per session.
Maximum amount per day (MB)
Type the maximum amount of data in megabytes that can be downloaded per day.
Maximum amount per month (MB)
Type the maximum amount of data in megabytes that can be downloaded per month.
Active time window
Do one of the following:
*If you want to restrict access to particular days of a week, then under Days, select the required days you want the server to be available to the user.
*If you want to restrict access to particular time slots, then under Time selector, click . Select the From Time and To Time from the lists, respectively.
File name filters
Patterns
Click to add one or more patterns to restrict actions to particular files, and specify the following details:
*Command: Select a command ( List, Download, Upload or Rename) from the list.
*Filter type: Select a filter type (Starts with, Ends with, or Contains) from the list.
*File name: Type a portion of the file name that the Filter type criterion should evaluate (for example, “exe”).
Note:
Any characters except wildcard characters and regular expressions are permitted. ActiveTransfer Server treats those characters as part of the file name.
Block paths matching these patterns
Click to restrict a user's access to specific folders in the file system, and specify the following details:
*Pattern and Actions: Type the folder path you want to block.
Tip:
You can use simple pattern matching by preceding the pattern with the tilde (~) character. For example, to deny user access to the folder /system/bin, you must type: ~/system/bin/*
Authentication and login
Maximum simultaneous logins
Type the maximum number of simultaneous logins allowed for the same user.
Require public key and password
Select this option if you want ActiveTransfer Server to require the user to provide a public key and password.
Maximum login time per session (min)
Type the maximum number of minutes a user can remain logged in per session.
Maximum idle time per session (min)
Type the maximum number of minutes a user session can remain idle.
Paths to trusted public SSH key files
Click and specify the trusted public SSH key files for authentication and type the path to a public key. For example, /usr/var/keys/key_1.
Connection
Connection protocols
Select the protocols for which you want to allow connections for from the list.
Default character encoding
Select the appropriate default character encoding from the list. The default is UTF-8.
IP restrictions
Click to add one or more IP addresses for which ActiveTransfer Server can accept or deny connection requests and specify the following details:
*Select Allow or Deny from the list.
*Type the IP address range in the From and To text boxes.
File-based encryption
Public PGP key location
Type or browse to the file path of the public PGP key. For example, C:\keylocation\simple.key on Windows and /usr/keylocation/enterprise.key on UNIX.
Note:
You can use the wm.mft.security.pgp:generatePGPKeyFiles service to generate an OpenPGP key pair. For details, see webMethods ActiveTransfer Built-In Services Reference.
File-based decryption
Private PGP key location
Type or browse to the file path of the private PGP key. For example, C:\keylocation\simple.key on Windows and /usr/keylocation/enterprise.key on UNIX.
Private PGP key password
Type the password for the private PGP key.
Note:
You can use the wm.mft.security.pgp:generatePGPKeyFiles service to generate an OpenPGP key pair. For details, see webMethods ActiveTransfer Built-In Services Reference.
Active tunnels
Tunnels
Select the tunnel that you want to associate with this user, role, or group from the list of available tunnels on the Acceleration page.
Note:
You must only map one tunnel to a user. If you map more than one tunnel to a user, ActiveTransfer Server ignores all but the first tunnel you mapped.
5. Click Save or Save & Close.
The user, role, or group is updated with the additional settings.