Managing Users and Templates
Configure user profile restrictions by using pre-defined or customized template settings.
Configure user profile restrictions by using pre-defined or customized template settings.
Users can connect to listeners exposed in IBM webMethods Managed File Transfer to do file operations in Virtual Folders. After you create a user, the user needs to be added to the Virtual Folder with the right access privileges.
Administrators and users within your organization must create a user profile on IBM webMethods iPaaS. IBM webMethods iPaaS users have the ability to access and collaborate on IBM webMethods Managed File Transfer using their designated permissions.
A partner user is an entity authorized to send and receive files in IBM webMethods Managed File Transfer.
This topic provides information about specific features that can be configured for users and templates in IBM webMethods Managed File Transfer.
Define the following restrictions for a user:
Specify the maximum number of users who can log in simultaneously, the maximum login and idle times per session, public key and password requirements, and the paths to trusted public SSH key files.
Restrict particular actions for files that match a specified pattern. For example, restrict users from uploading files that end with .exe
. Also restrict access to subfolders in the file system that match a specified pattern.
Specify the default character encoding for the connection between the user and IBM webMethods Managed File Transfer.
Specify the days of the week and the time during which users can connect to IBM webMethods Managed File Transfer.
Define specific file-based encryption and decryption PGP keys for users. These settings override any encryption assignments set in the template associated with the user.
When encrypted, files are stored on the user’s drive. Encrypted files are decrypted only if they are transferred back through IBM webMethods Managed File Transfer using the same key that was used to encrypt them. When encryption and decryption keys are configured at multiple levels (user, server, and folder), IBM webMethods Managed File Transfer enforces the following order of preference:
Users
Folders
Servers
For example, if user A accesses port 10 and uploads a file in VFS TestFolder123, then IBM webMethods Managed File Transfer checks if the encryption or decryption key is available for user A. If no key is available at the virtual folder level, then IBM webMethods Managed File Transfer checks for the user settings for the key. If no key is present at the user settings level, then IBM webMethods Managed File Transfer checks the server level settings for the key. If no key is present at the server level settings, then files are not encrypted or decrypted during upload or download.
Define specific file-based encryption and decryption PGP keys for users assigned to a template. When files are encrypted, they are stored on a user’s drive in a format that cannot be read outside of IBM webMethods Managed File Transfer. Encrypted files are decrypted only if they are transferred back through IBM webMethods Managed File Transfer using the same key that was used to encrypt them.
Override the template-level encryption and decryption options for a specific user.
To create a new user
Go to Users > Users.
On the Users page, click and in the Create new user dialog box, type the User ID, First name, Last name, and Email address. Ensure that the partner user names are not identical to your IBM webMethods iPaaS user names.
To change the user’s password, do one of the following:
Click Add to User List. This button is enabled only when you provide the user information. Continue to add more users to the selected users’ list.
Click Create.
To configure advanced settings
Go to Users > Users.
Select the user to configure additional settings and specify the following details:
Field | Description |
---|---|
Basic | Update the user’s First name, Last name, Email address, and the default Template associated with the user. |
Disable login | Select this option if you want to disable a user’s ID and prevent the user from logging on to the server. |
Associated partner | |
No partner | Select this option if you do not want to associate the user with either a partner or your enterprise. |
Enterprise | Select this option if you want to associate the user with your enterprise. |
Partner | Select this option if you want to associate the user with a partner, and either select a partner from the list or type a new partner name and click Create. |
Upload preferences | These settings override any throttling options set in the template associated with the user. |
Maximum speed (Kb/sec) | Type the maximum permissible speed in kilobytes per second for an upload operation. |
Maximum individual file size (MB) | Type the maximum permissible size in megabytes for an uploaded file. |
Maximum amount per session (MB) | Type the maximum amount of data in megabytes that can be uploaded per session. |
Maximum amount per day (MB) | Type the maximum amount of data in megabytes that can be uploaded per day. |
Maximum amount per month (MB) | Type the maximum amount of data in megabytes that can be uploaded per month. |
Download preferences | These settings override any throttling options set in the template associated with the user. |
Maximum speed (Kb/sec) | Type the maximum permissible speed in kilobytes per second for n download operation. |
Maximum amount per session (MB) | Type the maximum amount of data in megabytes that can be downloaded per session. |
Maximum amount per day (MB) | Type the maximum amount of data in megabytes that can be downloaded per day. |
Maximum amount per month (MB) | Type the maximum amount of data in megabytes that can be downloaded per month. |
Active time window |
|
File name filters | Configure the file name filters to allow or deny commands (Upload, Download, List, Rename) for files that match a specified pattern. For example, restrict a user from uploading files that end with “.exe”.
|
Patterns | Click to add one or more patterns to restrict actions to particular files, and specify the following details:
Note: Any characters except wildcard characters and regular expressions are permitted. IBM webMethods Managed File Transfer treats those characters as part of the file name. |
Block paths matching these patterns | Click to restrict a user’s access to specific folders in the file system, and specify the folder path you want to block in Pattern. Tip: Use simple pattern matching by preceding the pattern with the tilde (~) character. For example, to deny user access to the folder /system/bin, you must type: ~/system/bin/* |
Authentication and login | Configure maximum limits for user authentication and login. |
Maximum simultaneous logins | Type the maximum number of simultaneous logins allowed for the same user. |
Require public key and password (For SFTP listeners) | Select this option if you want IBM webMethods Managed File Transfer to require the user to provide a public key and password. |
Maximum login time per session (min) | Type the maximum number of minutes a user can remain logged in per session. |
Maximum idle time per session (min) | Type the maximum number of minutes a user session can remain idle. |
Trusted Public SSH key alias | |
Public SSH key alias | Click and specify certificate alias for the trusted public SSH key files. |
Connection | |
Allowed protocols | Select the protocols for which you want to allow connections for from the list. |
Default character encoding | Select the appropriate default character encoding from the list. The default is UTF-8. |
File-based encryption | |
Public PGP key alias | Type or browse the certificate alias for the public PGP key. |
File-based decryption | |
Private PGP key alias | Type or browse the certificate alias for the private PGP key. |
Click Save or Save & Close.
The user is updated with the additional settings.
To modify a user
Go to Users > Users, and select the user that you want to edit.
Modify the required configuration settings for the user respectively.
Click Save or Save & Close.
The user is updated with the modified settings.
Administrators of IBM webMethods Managed File Transfer can change or set new passwords.
To set or change a password
Go to Users > Users, and select the user to configure additional settings.
If you want to change the user’s password, click Change Password.
In the Change Password dialog box, do one of the following:
IBM webMethods Managed File Transfer partner users can now set or change their password from the login page of IBM webMethods Managed File Transfer Webclient.
To set or change a password (By IBM webMethods Managed File Transfer partner users)
Click Forgot password on the login page.
Type the username and click Get an email with instructions. A password reset link will be sent to the user’s linked email ID.
Click the password reset link in your email. You will be redirected to the Change password page after clicking on the link.
Type a password that matches the minimum requirements in both the Password and Confirm Password boxes. See Password Complexity for Partner Users for more information.
Click Proceed. You will receive a password reset confirmation on both email and also on your current screen.
Proceed to login by providing your username and the recently reset password. Click Login.
To search for users
Go to Users > Users, and specify all or one of the following search criteria:
Field | Description |
---|---|
User ID | Type the user ID associated with the user. |
First name | Type the first name of the user. |
Last name | Type the last name of the user. |
Click Apply for the changes to take effect and Reset to reset the values.
The user list is populated with the users matching your search criteria.
IBM webMethods Managed File Transfer applies the settings of a template to all the users associated with it. These settings include predefined limits for upload and download file sizes, server connection restrictions, encryption and decryption settings, as well as settings to optimize file transfers for faster speeds.
The default template in IBM webMethods Managed File Transfer provides settings that can be customized to fit specific requirements. Additionally, users can create additional templates and assign any template as the default for new users.
To add templates in IBM webMethods Managed File Transfer, users can utilize the quick add feature to configure basic settings such as name and description. To configure additional settings for templates, see Configuring Additional Settings for a Template.
To add a template
Go to Users > Templates.
Click and in the Add template dialog box, specify the following details:
Field | Description |
---|---|
Name | Type a unique name for the template. |
Description | Type a description for the template. |
Click Add. The new template appears in the templates list.
To configure additional settings
Go to Users > Templates.
Select the template for which you want to configure additional settings. Specify the following details and click Save or Save & Close.
Basic options
Field | Description |
---|---|
Name | Type a unique name for the template. |
Description | Type a description. |
Default template for new user | Select this option if you want to set this template as the default template for new users. Note: Only one template can be set as the default template. To specify a different default template, save your edits to the current template and switch to the template you want to configure as the default. |
Upload preferences
Field | Description |
---|---|
Maximum speed (Kb/sec) | Type the maximum permissible speed in kilobytes per second for an upload operation. |
Maximum individual file size (MB) | Type the maximum permissible size in megabytes for an uploaded file. |
Maximum amount per session (MB) | Type the maximum amount of data in megabytes that can be uploaded per session |
Maximum amount per day (MB) | Type the maximum amount of data in megabytes that can be uploaded per day. |
Maximum amount per month (MB) | Type the maximum amount of data in megabytes that can be uploaded per month. |
Download preferences
Field | Description |
---|---|
Maximum speed (Kb/sec) | Type the maximum permissible speed in kilobytes per second for an download operation. |
Maximum amount per session (MB) | Type the maximum amount of data in megabytes that can be downloaded per session. |
Maximum amount per day (MB) | Type the maximum amount of data in megabytes that can be downloaded per day. |
Maximum amount per month (MB) | Type the maximum amount of data in megabytes that can be downloaded per month. |
Active time window | Do one of the following: - If you want to restrict access to particular days of a week, then under Days, select the required days you want the server to be available to the user. - If you want to restrict access to particular time slots, then under Time selector, click . Select the From Time and To Time from the lists, respectively. |
File name filters | Configure the file name filters to allow or deny commands (Upload, Download, List, Rename) for files that match a specified pattern. For example, restrict a user from uploading files that end with “.exe”. - When you configure the file name filters for Listener Preferences and Users, the User file name filer configuration overrides the Listener Preferences configuration. - The file name filter is applied on the filename received by the server. For example, if a .pdf file is uploaded after changing the file extension to .txt, then IBM webMethods Managed File Transfer considers it as a .txt file when applying the filters. |
Patterns | Click to add one or more patterns to restrict particular actions for certain files, and specify the following details: - Command. Select a command ( List, Download, Upload or Rename) from the list. - Filter type, Select a filter type (Starts with, Ends with, or Contains) from the list. - File name. Type a portion of the file name that the Filter type criterion should evaluate (for example, “exe”). Note: Any characters except wildcard characters and regular expressions are permitted. IBM webMethods Managed File Transfer Server treats those characters as part of the file name. |
Block paths matching these patterns | Click to restrict access to specific folders in the file system, and specify the details for:
Tip: Use simple pattern matching by preceding the pattern with the tilde (~) character. For example, to deny user access to the folder /system/bin, you must type: ~/system/bin/* |
Authentication and login options
Field | Description |
---|---|
Maximum simultaneous logins | Type the maximum number of simultaneous logins allowed for the same user. |
Require public key and password | Select this option if you want IBM webMethods Managed File Transfer Server to require the user to provide a public key and password. |
Maximum login time per session (min) | Type the maximum number of minutes a user can remain logged in per session. |
Maximum idle time per session (min) | Type the maximum number of minutes a user session can remain idle. |
Trusted Public SSH key alias | |
Public SSH key alias | Click and specify certificate alias for the trusted public SSH key files. |
Connection options
Field | Description |
---|---|
Connection protocols | Select the protocols for which you want to allow connections for, from the list. |
Default character encoding | Select the appropriate default character encoding from the list. The default is UTF-8. |
File-based encryption options
Field | Description |
---|---|
Public PGP key alias | Type or browse the certificate alias for the public PGP key. |
File-based decryption options
Field | Description |
---|---|
Private PGP key alias | Type or browse the certificate alias for the private PGP key. |
The template is updated with the additional settings.
To modify a template
Go to Users > Templates, and click the template that you want to edit.
Modify the required configuration settings for the template.
Click Save or Save & Close.
The template is updated with the modified settings.