In EFT Administrator, connect to EFT Server and click the Server tab.
Do one of the following:
Click Configuration > Create New User from the menu.
Right-click a Site or any node below it.
Click the New User
icon
on the bottom toolbar in the right pane.
The New User Creation wizard appears.
In the Site drop-down list, click the down arrow to select the Site to which you want to add a user.
Do one of the following:
Type the new user's First Name and Last Name. EFT Server creates a Username in the format of [First_Initial_Last_Name]. You can provide a different username.
Leave the First Name and Last Name boxes blank and type a username. (All characters are supported except the asterisk (*) and the plus sign (+).)
Do one of the following:
Type and confirm the User Password.
Click Generate. A complex password is automatically created and appears in the User password and Confirm password boxes so that you can copy it to the clipboard.
|
|
On HS-PCI-enabled Sites, to facilitate compliance with PCI DSS requirement 8.5.3 only the Generate feature is available (that is, you cannot manually create a password). |
In the Password Type drop-down list, click one of the following:
Standard - A plain text password is required.
Anonymous - Any password, including nothing, allows an anonymous connection.
Anonymous (Force e-mail) - Any well formed e-mail address is the password.
OTP (One-Time Password; intended to make it more difficult to gain unauthorized access. By constantly altering the password, as is done with a one-time password, this risk can be greatly reduced) S/KEY MD4 - Used for logging in to an OTP-enabled server.
OTP S/KEY MD5 - Used for logging in to an OTP-enabled server.
|
|
PCI DSS (multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design, and other critical protective measures) requirement 8.5.8 states that you should not use group, shared, or generic accounts and passwords. To address this requirement, EFT Server hides the Anonymous password type for HS-PCI-enabled Sites anywhere that the password type is selectable. |
(Optional) In the Description box, type descriptive details of the user (e.g., Paris Office). By default "Account for" and the first and last name appear here.
(Optional) In the E-mail box, type the user's e-mail address, then select the E-mail login credentials after creating user check box. See E-mailing User Passwords for details.
|
|
PCI DSS requirement 8.5.7 states that you should communicate password procedures and policies to all users who have access. You can edit the default text of the e-mail that is sent when you create a new user (CredentialsTemplate.txt) to include your organization's password policies and procedures. This file is stored in the EFT Server installation folder (by default, C:\Program Files\GlobalSCAPE\EFT.) |
Click Next.
All new users are automatically members of the Default Settings User Setting Level. Click the Settings Level drop-down list and click the User Setting Level to apply to the new user. You can move the user to a different User Setting Level later, if necessary.
Clear the Create user home folder check box if you do not want the user to have a home folder.
Select the Grant FULL permissions to user in this folder check box if you want the user to have full permissions to their home folder.
|
|
If you do not grant users full permissions to their home folders, they will inherit their Group's permissions. You will specify the user's group on the next page of the wizard, and can configure Group permissions at any time. |
In the Allowed Protocols area, clear or check the allowed protocols that this user is allowed to use to connect to the Server. Only the protocols enabled at the Site and/or User Setting Level are available.
Allow access using SSL over FTP/HTTP protocols
Allow access using SFTP
Allow access using HTTP
Enable AS2 protocol (Only available if the AS2 module is activated)
Click Next. The Groups page appears.
Double-click a Group in the Member of or Not a member of lists, or click a Group and click the left- or right-facing arrows to add/remove the new user to/from Groups.
|
|
After a user is defined, you can change the user's Group assignments on the Group node. |
Click Finish to create the new user account.
If the AS2 protocol was enabled, the AS2 Configuration Wizard appears.