Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

In this settings section the administrator specifies the default settings for newly created various settings affecting users, specifically:

Default

...

settings for new users

Newly created user’s account will have the following default settings:

User permissions

Default permissions, that will be granted to newly created users. For descriptions of the permissions, see User permissions.

Disable inactive users

Sets the automatic inactive user account disable function. The action is performed once a day. Disabling an account means revoking user’s login permission. The administrator can enable the user’s account again by granting him the login permission back. But if such user will not log in and therefore will stay inactive, his account will likely be automatically locked again.

Automatically disable inactive users

One of the following options can be set:

  • Off - the function is off, no accounts are automatically disabled

  • Local - only local accounts (created manually inside the application) are automatically disabled

  • Remote - only remote accounts (created automatically after login using an account from AD or ADFS) are automatically disabled

  • All - all accounts are automatically disabled after the inactivity period (set below)

(default: Off)

Inactivity period before account is disabled

The number of days, after which a user account is considered inactive and will have login permission revoked.

(1-36500, default: 180)

Simulation

The SIMULATION button allows for a dry run of the operation without executing the actual action, displaying a preview of the list of accounts that would be affected by the actual execution of the operation.

Below the list displayed in the simulation, there is also a button available that allows for the immediate execution of the actual action, thus locking the accounts mentioned.

Delete inactive users

Sets the automatic inactive user account delete function. The action is performed once a day. Deleted accounts cannot be restored, but can be created as new again.

Automatic users deletion

One of the following options can be set:

  • Off - the function is off, no accounts are automatically deleted

  • Local - only local accounts (created manually inside the application) are automatically deleted

  • Remote - only remote accounts (created automatically after login using an account from AD or ADFS) are automatically deleted

  • All - all accounts are automatically deleted after the inactivity period (set below)

(default: Off)

Inactivity period before account is deleted

The number of days, after which a user account is considered inactive and will be deleted.

(1-36500, default: 365)

Simulation

The SIMULATION button allows for a dry run of the operation without executing the actual action, displaying a preview of the list of accounts that would be affected by the actual execution of the operation.

Below the list displayed in the simulation, there is also a button available that allows for the immediate execution of the actual action, thus deleting the accounts mentioned.

Multifactor authentication

Require multifactor authentication for local users

Turn on if you want a multifactor authentication to be mandatory for local users. Users without a multi-factor authentication will be forced to activate it after logging in.

(default: disabled)

Require multifactor authentication for AD users

Turn on if you want a multifactor authentication to be mandatory for Active Directory users. Users without a multi-factor authentication will be forced to activate it after logging in.

(default: disabled)

Require multifactor authentication for ADFS users

Turn on if you want a multifactor authentication to be mandatory for ADFS users. Users without a multi-factor authentication will be forced to activate it after logging in.

(default: disabled)

User restrictions by IP ranges

User IP address ranges

Ranges of IP addresses (comma separated) from which registered users access the application. To the common ranges defined here are further added the individual ranges defined for each user. Restrictions on user behavior can be then applied according to these ranges, see below.

(default: empty)

Restrict users login

If enabled, users will be allowed to log in only from the specified IP address ranges.

(default: disabled)

Restrict anonymous package uploads

If enabled, it will be forbidden to send a package without login (anonymously) from the the specified IP address ranges.

(default: disabled)

Access detailed results of file checks

Logged in users

Specifies whether logged-in registered users have access to detailed file check results, including sandbox reports. (just like the administrator)

In the case when "only selected" is set, the permission of each user comes into account.

(default: NO)

Anonymous users

Specifies whether anonymous users have access to detailed file check results, including sandbox reports. (just like the administrator)

(default: disabled)