Support Home

Creating user accounts (Back to top)

To create a new user on a host:

1. From the menu, select Hosts > Users. The Users page opens.

2. Click Create. The Create User page opens.

3. Enter the appropriate information for each of the fields.

§     Username. Enter the username for this user. The username is provided to authenticate with the server.

§     Password. Enter a password for this user.

§     Confirm password. Re-enter the password for this user.

§     SSH user key. SSH user host keys are one of the methods used by SSH listeners to authenticate users. Click Select to select, import or create an SSH user host key. To clear the selected key, click         Clear. 

§     Full name. Enter the full name of the user if desired.

§     Email address. Enter a valid email address for this user. This email address can be referenced in notifications by using the notification variable: %emailaddress

§     User type. Select a user type.  

§     Regular. Select this option to make this user a regular user.

§     Anonymous. Select this option to designate this user as an anonymous user.

§     Host administrator. Select this option to grant this user host administrator privileges. Host administrators have full permissions to all folders on the host and can manage the host through the File Watchdogs Web Admin.

§     Disable login. Select this option to disable this user account.  If this option is selected, this user cannot log in to the server.

§     User can change password. Select this option to allow this user to change his or her password.

§     User must change password at next logon. Select this option to force the user to change his or her password the next time he logs in to the FTP server or the SSH server. This option is disabled by default. This option is available only if User can change password is enabled.

For the FTP Server:

When the user attempts to log in from the client, the FTP server returns:

560 Password expired, use 'pass oldpassword newpassword'

The user must then log in and, in the Password box, enter the old password and the new password, separated by a space: 'oldpassword newpassword'

The password is reset to the new password.

For the SSH Server:

The SSH Server issues an SSH_MSG_USERAUTH_PASSWD_CHANGEREQ packet to the client. In response to this message, the client should prompt the user for the new password.

In either case (FTP or SSH), the server ensures that the new password meets criteria for any password rules for the host. If the password is accepted, the server resets the User must change password at next logon option.

§     Require user to change password every x number of days. When this option is selected, users are required to change their password at least once during the time frame specified. If a user fails to change his password during the allotted time, he cannot authenticate to the server. If this option is selected, the number of days remaining before this user must change his password is listed below this field. This option is available only if User can change password is enabled.

§     Home folder. Select whether you want this user's home folder to be created in the default location or a custom location.  If you select Custom, enter the full path to the folder or click Browse to locate it.

§     Lock user to home folder. Select this option to prevent this user from navigating outside their home folder.

§     Show home folder as root. This option can be used only if Lock user to home folder is selected. If this option is selected, the user's home folder will be displayed to the user as the root of the FTP directory's path. (For instance, if the user chooses the following directory: /Users/ThisUsersHome/OneOfMyFolders, if this option is selected, the user will only see /OneOfMyFolders.)

§     Account creation date. Today's date is displayed.

§     Account expiration option. This option is used to specify when and how a user account should expire.

§     Never expire. Select this option if you do not want the user account to expire.

§     Expire on the expiration date. This option expires the account on the specified date.

§     Expire account on. If you have selected Expire on the expiration date, a date field appears here. Using the calendar (), select the date after which you want this account to expire.

4. Click Save.

 

Setting users' home folders (Back to top)

Users have full permissions to their home folders. Even if users do not log in to their home folders, you can specify a home folder for the user.

To set a user's home folder:

1. From the top menu, select Host > Users. The Users page opens.

2. In the list of users, select a user by clicking on the linked Username. The Edit User page opens.

3. In Home folder, enter the full path to a user's home folder (relative from the file server root) or click Browse to locate one.

4. Click Save.

 

Configuring user settings (Back to top)

To select user settings:

1.     From the top menu, select Host > Host Details. The Host Details page opens.

2.     Set the appropriate options.

§         Login location. Select the folder that should be displayed to users after successfully logging in.

§         Home folder. Users are shown their home folder after successfully logging in.

§         Root folder. Users are shown the root folder after successfully logging in.

§         Home folder. Enter the path of the user's home folder.

§         Auto-create users' home folders (selected by default). If selected, user folders are automatically created when a new user is added to this host.

§         List all folders in /users folder. If selected, all users can view all folders in the /users folder. If cleared, all folders except the user's home folder are hidden.

§         Grant full home folder permissions when creating user (selected by default). When selected, new users are granted full permissions to their user home folders when they are created.

3.     Click Save.

 

Renaming a user account (Back to top)

To rename a user:

1. From the home page, select Hosts. The Hosts page opens.

2. Click the Host name of the host you want to open. The Host Settings page opens.

3. From the left navigation menu on the left, select Users. The Users page opens.

4. In the list of users, select a user by clicking on the linked Username. The Edit User page opens.

5. In Username, enter new name for the user.  

6. Click Save.

 

Deleting user accounts (Back to top)

When you delete a user, the user is removed from all groups and rules, and you can optionally choose to delete the files and folders in the user's home folder.

To delete a user from the current host:

1. From the top menu, select Host > Users. The Users page opens.

2. Select the checkbox next to the name of the user you want to delete.

3. Click Delete. The Delete Confirmation page opens.

4. If you want to remove the user's home folder (and all files and folders contained within it), select Delete the home folder and all sub folders for the following user(s).

5. To delete the user, click Delete. The user is deleted from the server.

 

Disabling user accounts (Back to top)

You can disable a user account without deleting the account, so that the account can be easily re-enabled without creating a new account for the user.

To disable a user account:

1. From the top menu, select Host > Users. The Users page opens.

2. In the Username list, click the user you want to disable. The Edit User page opens.

3. Click Disable login.

4. Click Save.

Changing user passwords (Back to top)

Host administrators can change the password of any user on their host.

To change a user's password:

1. From the home page, select Hosts. The Hosts page opens.

2. Click the Host name of the host you want to open. The Host Details page opens.

3. From the left navigation menu, select Users. The Users page opens.

4. In the list of users, select a user by clicking on the linked Username. The Edit User page opens.

5. Click Change Password. The Change Password page opens.

6. Enter and confirm a new password for the user, then click Save.

 

Resetting a user's failed login count (Back to top)

If you have failed login rules configured to disable an account after a certain number of failed attempts to authenticate, you may need to reset a user account's failed login count to reactive the account.

To reset a user's failed login count:

1. From the top menu, select Server > Hosts. The Hosts page opens.

2. Select a host from the list by clicking on the hyper linked host name. The Host Details page opens.

3. Select Users from the left navigation menu. The Users page opens.

4. Select a user from the list by clicking on the hyper linked username. The Edit User page opens.

5. Click the Reset button next to Failed login count.

How user groups work (Back to top)

You can create custom user groups for the current host. For example, you may want to create groups for Marketing, Accounting, Product Development, and others so that users only have access to specified files and folders based on the group permissions.

Once you create a user group, you can manage permissions to folders, rules and SITE commands for the entire group as easily as you manage permissions for a single user.

Creating user groups (Back to top)

To create a user group:

1. From the top menu, select Host > User Groups. The User Groups page opens.

2. Select Create. The Create User Group page opens.

3. Set the appropriate options.

§     Name. Enter or modify the name assigned to the user group.

§     Description. Enter or modify the description. This description is for your reference only.

§     Users. This list shows all of the users who are members of this group. To add another user to the group, click Add. To remove a user or users from the group, select the checkbox next to the user's name, then click Remove.

4. Click Save.

Adding Users to a User Group (Back to top)

If you decide you do not want a user to be part of a group, you can remove that user from the group.

To remove a user from a user group:

1. From the top menu, select Host > User Groups. The User Groups page opens.

2. Select the name of the user group you want to edit. The Edit User Group page opens.

3. Select the checkbox next to the name of the user you want to remove from the group, then click Remove. The user is removed from the group.

4. Click Save.

Deleting user groups (Back to top)

You can delete a user group from the current host. When you delete a user group, all permissions assigned to that user group are lost; if a user has permission to a folder by virtue of membership in a user group that is deleted, the user can no longer access that folder.

To delete a user from the current host:

1. From the top menu, select Host > User Groups. The User Groups page opens.

2. Select the checkbox next to the name of the user group you want to delete.

3. Click Delete. The Delete Confirmation page opens.

4. To delete the user group, click Delete. The user group is deleted from the server.

About user home folders (Back to top)

Each user has a designated home folder, which usually resides in the your host's top directory, under /users.

When a user logs in using an FTP client, the client shows the home folder as the current directory, for example: /users/wsansbury

File Watchdogs FTP Server offers several options for setting up the user home folder, setting access, and determining how the home folder is displayed by the FTP client.

Host-level options, which apply to all users on the host, are set on the Host Details page (from the top menu, select Host > Host Details).

User-level options, which apply to an individual user, are set on the Edit Users page (from the top menu, select Host > Users and either select an existing user or create a new user). 

Creating, editing, and deleting folders (Back to top)

For the most part, folder management (adding, deleting, etc.) for the remote (FTP or SSH) file system is done through an FTP client program or through the File Watchdogs Web Transfer Client. You can manage virtual folders and folder permissions for all folders via File Watchdogs FTP Server Manager.

Creating, editing, and deleting virtual folders (Back to top)

Virtual folders are folders that you create in the FTP or SFTP file system that can point to any folder within your host’s physical file system. After you create a virtual folder, you can edit the folder to change most of the settings selected when you created the folder.

To create or edit a virtual folder:

1. From the top menu, select Host > Folders. The Folders page opens.

2. Click Create Virtual Folder. The Create Virtual Folder page opens.

- OR -

Click a hyper inked folder name. The Edit Folder page opens.

3. Set the appropriate options.

§     Folder name. Enter a name for the virtual folder. This name will identify the folder to users who log in to the server.

§     Full path. Select the physical location on the folder. You may either enter the path manually or select it by clicking Browse.

§     Virtual display location.  Select where you want this virtual folder to display.

§     Not displayed. Select this option to exclude this virtual folder from folder listings. Users who know virtual folder name can still access it by providing the folder name manually.

§     Display at root. Select this option to display this virtual folder as a sub folder of the server root folder.

§     Display in user. Select this option to display this virtual folder as a sub folder of each user's home folder.

4. Under Permissions, modify user permissions to the folder as needed.

5. Click Save.

Permissions

This section of the page displays and lets you manage user permissions for this folder. By default, users do not have permissions to new folders. To view or grant permissions to the folder, use the Permissions options.

You can perform the following tasks related to user permissions on a folder:

§     Add permissions to this folder. To add a permission to this folder, click Add.

§     View or modify permissions to this folder. Click a user or user group name to open the Edit Permissions page. From there, you can view or modify the permission.

§     Remove permissions from this folder. Select a permission by selecting the checkbox beside the user's or group's name.  Select multiple permission by selecting multiple checkboxes.  Once you have made your selection, click Remove to remove the selected permissions from this folder.

 

Understanding limitations of virtual folders (Back to top)

A virtual folder can be created as a sub folder of the root folder

- OR -

as a sub folder of every user's home folder

§     If a user's home folder is set to a custom location (outside of the /users folder under the top folder of the host), then virtual folders configured to display in a users' home folders are not displayed.

§     A virtual folder cannot contain another virtual folder. If a file structure is created where one virtual folder could conceivably contain another, the second virtual folder is not displayed.

§     If the physical folder the virtual folder references is changed or deleted, the virtual folder is still displayed to users, but it cannot be accessed. Users attempting to access a virtual folder that points to a nonexistent physical folder receive the following error message: 550 CWD virtual: access denied.

 

Understanding folder permissions (Back to top)

Folder permissions govern which users and group can perform various actions on a folder or its contents.

There are two main types of permissions:

§     Permit. Permit permissions grant users or groups access to the folder on which the permission is applied.

§     Deny. Deny permissions are used when you want to specifically deny a user or group permission to a folder. Deny permissions take precedence over all other permissions, so a deny permission guarantees that a user cannot perform the action indicated in the permission.

For each permission, you can also indicate which actions you want to permit or deny:

§     Read. This option refers to downloading files from the server.

§     List. This option refers to retrieving a folder listing, which shows the files in the folder, from the server.

§     Write. This option refers to uploading files to the server.

§     Delete. This option refers to deleting files or folders from the server.

§     Rename. This option refers to changing the name of a file or folder already on the server.

§     Create folder. This option refers to creating a new folder under the folder where the permission is set.

Finally, you can also choose to have a permission apply only to files that match a specified file mask. To match all files, enter *.

For each permission, you can choose to have the option propagate down to all sub folders of the folder where the permission is set by selecting Include sub folders.

User and group permissions are aggregated. File Watchdogs FTP Server evaluates permit permissions first, then deny permissions to determine the actual permissions granted.

For example, if a user has the following permissions set

§     Permit Read and List permission propagated from a parent folder

§     Permit Write permission set on the current folder

§     Deny Read permission set on the current folder

he or she can List and Write on the current folder.

Permissions and administrators

Host administrators are granted full permissions to all folders on the host to which they belong. However, host administrators are bound by deny permissions. It is possible to deny them access to any folder by creating a deny permission on that folder.

Permissions and users' home folders

When a user is created, File Watchdogs FTP Server automatically generates a permit permission granting the user full permissions to his or her home folder.

Permissions and virtual folders

Permissions set to include sub folders on a parent folder of a virtual folder are not applied to the virtual folder or any folders underneath it. Virtual folders do not inherit permissions from parent folders.

How to stop a propagated permission

When a permission set on a parent folder is propagated to a child folder and you want to remove or change the permission on the child folder, you can add another permission with the same mask at that level. For example, if the parent folder grants a user Read, List and Write permissions, and you want to remove Write permissions on the child folder, you can enter another permission on the child that specifies only Read and List for the User. This removes the Write permission.

 

 

Setting Folder Permissions (Back to top)

You can manage user/group folder permissions from the Folder Permission page.

To grant or change permissions to a folder for a user or group:

1. From the top menu, select Host > Folders. The Folders page opens.

2. Click the hyper linked name of the folder you want to open. The Edit Folder page opens.

3. In the User/Group list, click the hyper linked name of the user or group for which you want to change permissions. The Folder Permission page opens.

4. Set the appropriate options.

§     User or Group. The user or group to which this permission applies is listed here.

§     File mask. Enter a file mask. Permissions are granted only to files that match the file mask.

§     Permission Type:

§     Allow. Select this option to permit access to the following permission options.

§     Deny. Select this option to not permit access to the following permission options.

§     Select/Deselect All. Select to grant full permissions. Clear to remove all permissions.

§     Read. Select this option to grant permissions to read files.

§     List. Select this option to grant permission to list the files in the folder.

§     Write. Select this option to grant permission to add files or modify files to the folder.

§     Delete. Select this option to grant permission to delete files from the folder.

§     Rename. Select this option to grant permission to rename files or folders in the folder.

§     Create folder. Select this option to grant permission to create sub folders in the folder.

§     Include sub folders. Select this option to extend the permissions assigned to this folder to all folders beneath it.

5. Click Save.

 

Checking file integrity (Back to top)

File Watchdogs FTP Server includes support for file integrity checking. File integrity checking works by using an algorithm to calculate a unique number based on the contents of a file. When the same algorithm is run on the client computer before transferring the file and on the server computer after transferring the file, the results of the algorithm's computation can be compared to detect any corruption that may have occurred during the transfer. If the transfer succeeded without corruption, the two values are identical.

The table below indicates the algorithms supported during FTP and SSH/SFTP connections as well as the command the client must issue to check the integrity of a file using one of the supported algorithms.

Algorithm	Client command	FTP	SSH/SFTP
SHA512	XSHA512
SHA256	XSHA256
SHA1	XSHA1
CRC32	XCRC
MD5	XMD5

An algorithm must be supported by both the server and the client to be used in file transfer checking. To determine which algorithms are supported by your file transfer client, consult its user documentation.