Users

To access user accounts:

1. Sign in as Admin.
2. In the navigation pane, click USERS.

   The Users page opens, showing all users sorted by username.

   

   A user account allows a single person, organization, or device to authenticate to MOVEit Transfer. Admins, SysAdmins, and some GroupAdmins can add, delete, and edit users.

   Every account has a username and a password. Accounts can also include IP/hostname restrictions, interface/protocol restrictions, or an SSH key or SSL certificate.

   By default, MOVEit Transfer associates a username's uniqueness at the MOVEit Transfer organization ("Org") level. So a particular username (let's say "anyuser") can be created for more than one organization. The SysAdmin user can change this default setting so that an individual username can only be used once system-wide. (In other words, only one Org in the system can have the username.

   User list columns contain the following information:

   • Username. The unique username of the user. Users sign on to MOVEit Transfer with their username and password. To open a User Profile, click a username.
   • Full Name. The full name of the user.
   • Last Sign-on. When this user last signed on.
   • Organization. The name of the organization to which this user belongs. (This column appears when you sign on as SysAdmin.)
   • Permissions. This user's base permission set (TempUser, User, AuditUser, FileAdmin, GroupAdmin, Admin, SysAdmin).
   • Actions.
   • Clone. Clones the user account. The settings, group memberships, folder permissions, and home folder structures are copied to the new account. This action is useful in conjunction with "template" users for creating new accounts based on a pre-defined set of user parameters. Temporary users cannot be cloned.
   • Delete. Deletes this user (after confirmation)

Best Practices and Tips for Cloning

Do not clone existing or legacy user objects

It is best practice not to clone an existing or legacy user and treating the user as template for future user accounts. Rather than cloning, create a fresh user and assign group permissions to determine the range and scope of the user's access. (This ensures forward compatibility.)

Cloning users creates a deep copy

Cloning a user () performs a deep copy of a user. Cloning a user with policy overrides applied (such as explicit folder permissions) means the newer (cloned) version of the user will also possess these overrides.

Cloning uses a Home folder default path

MOVEit Transfer attempts to determine the best home folder path for the new user, based on the cloned user's existing home folder path, and provides that path as the default value. Administrators can change the home folder path as desired.

To find a user:

1. Sign on as Admin.
2. Select USERS. In the Filter Users section, make selections in any combination of the following fields: Permission, Status, In Group.
3. Select Sort by to sort the filter results by username, full name, or last sign-on. Optionally add Where Value Like to specify a value for the Sort By selection.

   - OR -

   Pick a Letter. If the user list spans multiple pages, click a letter to open the page containing the username that begins with that letter.

To add a user:

1. Sign on as Admin and click USERS.
2. On the Users page, click Add User.

   The Add a New User page opens.

   Provide the following information:

   General Information Section

   Username. Required. Cannot begin with characters @ or !. Can contain any character in the ISO-Latin-1 (ISO/IEC 8859-1) character set, except for the slash character (\). By default, username must be unique in the organization (which means that the same username can be used in multiple organizations). The SysAdmin can change this setting so that a username must be unique in the MOVEit Transfer system.

   Full Name. The full name of this account. Cannot begin with characters @ or !. Can contain any character in the ISO-Latin-1 (ISO/IEC 8859-1) character set.

   Email Address(es). Address where notifications from the system are sent. Leaving this field blank sets Notifications to Off.

   Email Notifications.

   If you select On or On+Admin, you must also provide a valid email address.

   • Off. Send no notifications to this user.
   • On. Send user email notifications of events such as arrival of new files or packages.
   • On + Admin. Pertains to Admin or GroupAdmin users. This user receives notifications when events occur for other users, such as when other users are locked out or their accounts expire.

   Permissions. Choose a user role. (See the Permissions topic for more information.)

   Language. Choose a target language for the WebUI and for notifications.

   User Authentication Section

   • Authentication method. This field appears when the current organization operates in a mixed authentication mode (RADIUS then MOVEit or LDAP then MOVEit). Select the authentication method for this user. Options: MOVEit Only, External Only, Both. For more information, see User Profile - User Authentication.
   • Password Delivery, Suggested Password, Password Creation.
     Tip: Password delivery method and permissions are set for the organization in SETTINGS > Security Policies > Password > Permissions. Password aging policy is set for the organization in SETTINGS > Security Policies > Password > Aging & History.
     Note: For more information about authentication when creating a user, and the password fields, see the User Profile - User Authentication help topic, Password section.
   • Force user to change password on first login
   • Email new password to user. This option appears if the organization allows sending passwords by email (SETTINGS > Security Policies > Password > Permissions).

   Home Folder Section

   Home Folder.

   Specify the home folder for the user. For example:

   • In the /Home folder. (default path for the organization is set in SETTINGS > Appearance > Folders > Default Home Folder Path).
   • /Home/[FULLNAME]
   • /Home/[USERNAME]
   • /Home/[USER ID]. The USER ID is automatically generated, cannot be changed, and remains the same for the life of the account
   • In a different folder in place of the /Home folder. If the folder does not exist, it will be created.
   • In any folder, provided it is not a restricted type.
   • In the MOVEit Transfer organization, set up a shared home folder for multiple users
   • Not setting a home folder for a user.
     Note: If an expired user account is deleted, the user's home folder will also be automatically deleted unless someone else has explicit permissions to that user's home folder. For more information, see the User Account Expiration topic.

Miscellaneous Section

• Notes. Optional field for admin use. Content that you type in this field does not have any effect on user settings.
• Group Membership. Select groups to add the user as a member. Use Ctrl + click to select more than one group.

  Groups that appear in the list were previously created in GROUPS

User Permission Role Levels

If you interact with MOVEit Transfer using the WebUI or the REST API, permission role labels (for example sysadmin, orgadmin, tempuser, and so on) display as their normalized, human-readable names.

If you are browsing the database in read-only mode (using MSSQL Management Studio or a visual ODBC connector for MySQL), the permission role levels display as a numerical constant value.