This page allows an administrator to configure, for the organization, the policy for sending packages to unregistered users.

To configure the policy for sending packages to unregistered users:

Click SETTINGS > Ad Hoc Transfer > Access > Unregistered Recipients. In each section, make your selections and click Save.

Unregistered Recipients section

Anmerkung: Settings on this page are not used if the SETTINGS > Ad Hoc Transfer > Access > Registered Senders page has the field Which users may send packages to recipients who are not currently registered users? set to None, because no one can send to unregistered recipients.

However,

  • If the SETTINGS > Ad Hoc Transfer > Access > Unregistered Senders page has Can unregistered users send packages to registered users? set to Yes so that unregistered users can self-register to send packages,
  • Then the following setting on the current page can be used to determine how unregistered senders are handled:
    • SETTINGS > Ad Hoc Transfer > Access > Unregistered Recipients the setting If Permitted, how should access be granted to recipients or senders who are not currently registered users?
Anmerkung: Even if you have not allowed users to send packages to unregistered recipients, the first prompt under Unregistered Recipients could be used, to determine how unregistered senders are handled. This will occur if you allow unregistered users to self-register to send packages (in the first prompt of the Unregistered Senders page).

If permitted, how should access be granted to recipients or senders who are not currently registered users?

Anmerkung: This setting determines how to handle both unregistered recipients and self-registering senders, if applicable.

This setting specifies whether to treat unregistered users as Temporary Users (with their registration expiring after several days) or Guest Users (just for the one-time sending of an individual package).

  • Temporary Users: (Default). Creates a temporary user for each unregistered recipient. See the Temporary User Password and Permitted Email Domains sections below to determine how the temporary user account is handled.
  • Package Passwords: Allows the unregistered recipient to have access the package as a Guest User. A temporary user is not created. See the Package Password and Permitted Email Domains sections below to determine how the guest user account is handled.

Lookup email in LDAP sources...

This section appears if the organization uses an LDAP authentication method. These settings enable MOVEit Transfer to check if the email address of an unregistered user matches an LDAP entry. In other words, it checks to see if an unregistered recipient has an LDAP account.

  • Ignore for all except: By default, MOVEit Transfer will not do an LDAP lookup for unregistered recipients. You can add email domains to the ... these domains: text box, in which case MOVEit Transfer will do the LDAP lookup for email addresses that match a specified domain.
  • Lookup for all except: Select this option to enable looking up emails in LDAP lookup+auth sources. When enabled, any potential unregistered recipients for packages (i.e. email address recipients that don't match any internal user) will be looked up in LDAP sources to see if there is a matching LDAP user that currently is not in the MOVEit Transfer system. If a match is found, MOVEit Transfer attempts to add that user to the system, and then updates the package recipient list to send the package to that new user, INSTEAD of creating a temporary user or sending to an unregistered recipient. You can add email domains to the ... these domains: text box, in which case MOVEit Transfer will not do the LDAP lookup for email addresses that match a specified domain.

Temporary User Password section

Anmerkung: This section appears only if you select Temporary Users for the prompt If Permitted, how should access be granted to recipients of senders who are not currently registered users? (the first prompt on this page).

A temporary user is created when a registered user sends a package to an email address of someone who is not a registered user of MOVEit Transfer.

The default settings (shown below) allow the sender to add an email address when sending a package, and MOVEit Transfer then automatically creates the temporary user, generates a password, and sends it to the user. This means that when a user sends a package to an unregistered recipient, the recipient receives two separate emails, the autogenerated message that contains the user password, and the package. All recipients of a package are sent the same password, and they are required to change their password on first sign-on.

Additional information can be added to the user profile at a later time.

Anmerkung: If you have users that access Ad Hoc Transfer using the Outlook plugin, you must select Do not ask the sender for a password, instead: and Send an automatically generated password to each temporary user.

Anmerkung: For Ad Hoc Plug-in for Outlook 2.2 and later, the setting for automatic delivery of the password does not apply if you have set the Content - Package Notifications setting for Send notifications directly to Yes. In this case, credentials will always be sent separately.

For creating a password, you can have MOVEit Transfer handle the communication with the temporary user by sending an autogenerated password, or sending a set password link, which allows the recipient to create their own password.

You can also assign responsibility for creating a password to the sender, and then auto-send the password, or let the sender deliver the passwords to the temporary users.

If you have selected to have MOVEit Transfer send passwords, you can choose whether to send the password to a recipient in a separate email, or to include the password in the package notification.

Anmerkung: While this delivery option will always apply for packages sent through the MOVEit web interface, the Ad Hoc Plug-in for Outlook will ignore this option when it is responsible for sending notifications to package recipients. This behavior is controlled in the Package Notifications settings page: when the plug-in is allowed to send the package notification itself, it will always send credentials separately, in a second email. The credentials must be separate from the notification due to the way that the email thread is maintained in plug-in version 2.2 and later: if there are multiple recipients on the thread, the credentials cannot be sent in the same email thread as the package notification, because everyone on the thread would be able to see each other’s password. Instead, the plug-in always sends the same package link to all recipients within an email thread, then sends a second, individual email to each recipient that contains the recipient's credentials to access the package.

Package Password section

Anmerkung: This section appears only if you select Package Password for If Permitted, how should access be granted to recipients of senders who are not currently registered users? (the first prompt on this page).

This section sets options for using a package password. A package password is sent to a guest user who is the recipient of a package. The password is used only for access to that package. A guest user is different from a temporary user in that a MOVEit Transfer user profile is not created for the guest user. Note: Security settings for Remote Access and IP Lockouts apply to guest users.

For creating a password, you can have MOVEit Transfer handle the communication with the guest user by sending an autogenerated password.

You can also assign responsibility for creating a password to the sender, and then auto-send the password, or let the sender deliver the passwords to the guest users.

If you have selected to have MOVEit Transfer send passwords, you can choose whether to send the password to a recipient in a separate email, or to include the password in the package notification.

Permitted Email Domains section

This section allows administrators to limit the domains for the unregistered recipient email addresses. This helps prevent users from adding certain users as either temporary or guest should not be added as such. The domain list is a comma-delimited list of domains to match against. The rule settings determine whether matched domains will be allowed or denied. For example, a list of yahoo.com, msn.com, gmail.com, ipswitch.com will keep people from defining temporary users from some common free email domains and from Ipswitch domain.

Upload/Download Wizard Access

Anmerkung: This section appears only if you select Package Password for If Permitted, how should access be granted to recipients of senders who are not currently registered users? (the first prompt on this page).

This section allows administrators to enable or disable access to the Upload/Download Wizard by Guest users (whether recipient or sender).By default, the option Allow Guest users to take advantage of the Upload/Download Wizard is selected.

Clear the checkbox and click Save to disable access to the Wizard for Guest users.

Advanced Options

Allow temporary users to send packages to themselves: Temp users can send themselves a package, which is a possible security issue. This allows the Org admin to control access.

Hide the "Options" section from temporary users on the "Send a new Package" page: Ability to hide Options from Temp Users composing packages. This allows the Org admin to control access.

Reactivate expired temporary users when they receive a package: Allows expired but not deleted temp user accounts to be reactivated when they receive a new package.