Managing users
Along with the VFS section, the Users section is probably the most used section in the Admin UI. It allows you to manage all users (and, depending on the edition/license you own, also groups) for your Syncplify Server!
Syncplify Server! allows for very granular user profile configuration. There are many settings through which you can define the user’s home VFS, virtual folders, permissions (and permission override), as well as a plethora of other settings as detailed here below.
These user settings, for each user, are further grouped in sub-sections. When you click on a user’s username in the list, you will access the edit mode for that specific user profile. Here’s what you will find in each sub-section when you edit a user:
Main settings
This section allows you to configure the account status (along with auto-enable/disable) and - more importantly - the user’s home VFS, which is the virtual file system the user will start in when they connect to the server.
In this same section you can define the base set of permissions that will be applied to the user’s home VFS, as well as the protocol handlers this user is allowed to utilize.
Here’s a brief explanation of directory and file permissions found in this sub-section:
| Permission | Explanation |
|---|---|
| List | Permission to list a directory |
| Make | Permission to make/create a directory |
| Rename | Permission to rename a directory or a file |
| Delete | Permission to delete a directory or a file |
| Edit_Metadata | Permission to edit a directory or a file metadata (like ACL, chmod, chown, etc…) |
| Get | Permission to download a file from the server to a client |
| Put | Permission to upload a file from a client to the server |
| Modify | Permission to modify a file (ex: upload a file, or portions of it, from a client to the server, over an existing file) |
| Symlink | Permission to create and resolve symlinks (symbolic links) |
And here’s a brief explanation of the protocols:
| Protocol | Explanation |
|---|---|
| SSH2_Shell | Allows the user to run a remote shell on the server in the context of the system service (or systemd) with unlimited/unrestricted administration privileges |
| SSH2_Command | Similar to SSH2_Shell but allows to run individual commands without opening a full-blown shell |
| SFTP | The official SSH2-based secure file transfer subsystem, allows file transfer and management without giving shell access to the client |
| SCP | Alternative SSH2-based file transfer subsystem, more lightweight and limited than SFTP |
| FTP | Acronym for File Transfer Protocol, probably the most well-known (yet unencrypted/insecure) file transfer protocol |
| FTPS | Same as FTP but implicitly encrypted via SSL/TLS (encryption layer is negotiated upon connection) |
| FTPES | Same as FTP but explicitly encrypted via SSL/TLS (encryption layer is negotiated after a plain connection has already been established, and when the client sends the StartTLS command to the server) |
| HTTPS | Enables the WebClient! subsystem (a full-featured, web-based file transfer and sharing UI) of your Syncplify Server! |
Authentication
This sub-section includes all the settings necessary for user authentication. Please bear in mind that Authentication Phases and PKI Authentication only apply to SSH2 and its subsystems (SFTP, SCP, …) while all other protocol handlers (FTP, HTTPS, …) only support Password authentication.
Virtual folders
This section allows you to mount other virtual file systems (VFS) as virtual folders/directories under a user’s home. Each of these virtual folders can use a different VFS as its back-end, and can define its own permissions and visibility rules on it.
Permission override
This section allows you to configure specific permissions on actual sub-folders (sub-directories) that exist under the user’s home VFS.
Do not use this section to override permissions on Virtual Folders, as they already come with their own set of permissions. Use this section only to modify permissions on actual folders that exist inside of the home VFS.
Speed limits
Intuitively, this section allows you to define speed limits that apply when this particular user account connects from certain pre-defined IP addresses or networks (CIDR).
Event handlers
Depending on the edition (license) of Syncplify Server! you’re running, you may or may not have this section. If this section is there, then you can write your own scripts to customize your Server!’s behavior, and trigger them when certain events occur during a session from the individual user account you’re editing.
For example, you can trigger the execution of a script when this user connects, or uploads a file, and such script may then send a notification email to an administrator, or perform more complex operations.
Network access limits
Syncplify Server! allows you to define (optional) specific network access limits for each user account. When defined, these limits only allow this particular user profile to connect to your Syncplify Server! from these specific network sources.
