|
|
|
|
|
This page allows an administrator to configure, for the organization, the policy for sending packages to unregistered users.
Click SETTINGS > Ad Hoc Transfer > Access > Unregistered Recipients. In each section, make your selections and click Save.
Note: Settings on this page are not used if the SETTINGS > Ad Hoc Transfer > Access > Registered Senders page has the field Which users may send packages to recipients who are not currently registered users? set to None, because no one can send to unregistered recipients.
However,
Tip: Even if you have not allowed users to send packages to unregistered recipients, the first prompt under Unregistered Recipients could be used, to determine how unregistered senders are handled. This will occur if you allow unregistered users to self-register to send packages (in the first prompt of the Unregistered Senders page).
Note: This setting determines how to handle both unregistered recipients and self-registering senders, if applicable.
This setting specifies whether to treat unregistered users as Temporary Users (with their registration expiring after several days) or Guest Users (just for the one-time sending of an individual package).
This section appears if the organization uses an LDAP authentication method. These settings enable MOVEit Transfer to check if the email address of an unregistered user matches an LDAP entry. In other words, it checks to see if an unregistered recipient has an LDAP account.
Note: This section appears only if you select Temporary Users for the prompt If Permitted, how should access be granted to recipients of senders who are not currently registered users? (the first prompt on this page).
A temporary user is created when a registered user sends a package to an email address of someone who is not a registered user of MOVEit Transfer.
The default settings (shown below) allow the sender to add an email address when sending a package, and MOVEit Transfer then automatically creates the temporary user, generates a password, and sends it to the user. This means that when a user sends a package to an unregistered recipient, the recipient receives two separate emails, the autogenerated message that contains the user password, and the package. All recipients of a package are sent the same password, and they are required to change their password on first sign-on.
Additional information can be added to the user profile at a later time.
Note: If you have users that access Ad Hoc Transfer using the Outlook plugin, you must select Do not ask the sender for a password, instead: and Send an automatically generated password to each temporary user.
Note: For Ad Hoc Plug-in for Outlook 2.2 and later, the setting for automatic delivery of the password does not apply if you have set the Content - Package Notifications setting for Send notifications directly to Yes. In this case, credentials will always be sent separately.
For creating a password, you can have MOVEit Transfer handle the communication with the temporary user by sending an autogenerated password, or sending a set password link, which allows the recipient to create their own password.
You can also assign responsibility for creating a password to the sender, and then auto-send the password, or let the sender deliver the passwords to the temporary users.
If you have selected to have MOVEit Transfer send passwords, you can choose whether to send the password to a recipient in a separate email, or to include the password in the package notification.
Note: While this delivery option will always apply for packages sent through the MOVEit web interface, the Ad Hoc Plug-in for Outlook will ignore this option when it is responsible for sending notifications to package recipients. This behavior is controlled in the Package Notifications settings page: when the plug-in is allowed to send the package notification itself, it will always send credentials separately, in a second email.
The credentials must be separate from the notification due to the way that the email thread is maintained in plug-in version 2.2 and later: if there are multiple recipients on the thread, the credentials cannot be sent in the same email thread as the package notification, because everyone on the thread would be able to see each other’s password. Instead, the plug-in always sends the same package link to all recipients within an email thread, then sends a second, individual email to each recipient that contains the recipient's credentials to access the package.
Note: This section appears only if you select Package Password for If Permitted, how should access be granted to recipients of senders who are not currently registered users? (the first prompt on this page).
This section sets options for using a package password. A package password is sent to a guest user who is the recipient of a package. The password is used only for access to that package. A guest user is different from a temporary user in that a MOVEit Transfer user profile is not created for the guest user. Note: Security settings for Remote Access and IP Lockouts apply to guest users.
For creating a password, you can have MOVEit Transfer handle the communication with the guest user by sending an autogenerated password.
You can also assign responsibility for creating a password to the sender, and then auto-send the password, or let the sender deliver the passwords to the guest users.
If you have selected to have MOVEit Transfer send passwords, you can choose whether to send the password to a recipient in a separate email, or to include the password in the package notification.
This section allows administrators to limit the domains for the unregistered recipient email addresses. This helps prevent users from adding certain users as either temporary or guest should not be added as such. The domain list is a comma-delimited list of domains to match against. The rule settings determine whether matched domains will be allowed or denied. For example, a list of yahoo.com, msn.com, gmail.com, ipswitch.com will keep people from defining temporary users from some common free email domains and from Ipswitch domain.
Note: This section appears only if you select Package Password for If Permitted, how should access be granted to recipients of senders who are not currently registered users? (the first prompt on this page).
This section allows administrators to enable or disable access to the Upload/Download Wizard by Guest users (whether recipient or sender).
By default, the option Allow Guest users to take advantage of the Upload/Download Wizard is selected.
Clear the checkbox and click Save to disable access to the Wizard for Guest users.
Allow temporary users to send packages to themselves: TempUsers can send themselves a package, which is a possible security issue. This allows the Org admin to control access.
Hide the "Options" section from temporary users on the "Send a new Package" page: Ability to hide Options from Temp Users composing packages. This allows the Org admin to control access.
The Reactivate expired temporary users when they receive a package selection was moved to another page. You can now set it from SETTINGS > Security Policies - User Auth - Expiration. (This setting allows expired but not deleted TempUser accounts to be reactivated when they receive a new package.)