Admin users can perform these tasks.
Click USERS > username. The Profile Page (User Name) opens. Locate the User Authentication section.
Date and time of the user's most recent successful sign-on
Select USERS > username > User Authentication > Account Status > Change Status. On the Change Account Status page, make a selection, add an optional remark, and click Change Account Status.
Options:
Accounts are automatically set to Inactive for reasons such as failure to change a password within an allotted time or too many incorrect password attempts. Admins can manually set an account to Inactive.
Admins can manually unlock inactive accounts, or in the case of too many bad password attempts, wait for a timer to unlock the account.
Accounts locked (set to Inactive) for security reasons are listed on an administrator's home. Email notifications are sent to Admins who have admin notifications set to on.
Template accounts are typically used as a parent account for user cloning, for manually created users and for users created automatically, such as by an External Authentication source. In these cases, the resulting user has the same expiration policy and other settings as the template account, and are subject to the expiration policy
The policy assigned to this user. User accounts can be assigned an expiration policy by class or individually.
Select USERS > username > User Authentication > Expiration Policy > Change Policy. Make a selection and click Change Expiration Policy.
Note: If an expired user account is deleted, the user's home folder is automatically deleted, unless another user has explicit permissions to that user home folder.
Expiration policy for the organization is set in SETTINGS > Security Policies > User Auth > Expiration.
Lists the source currently used by the user. See Source Options, below.
This link is available If the source for the organization is set to External then MOVEit. The admin can also change the user's external authentication source affinity, which determines the external authentication source with which the user primarily authenticates. For more information, see User Authentication.
Source Options:
Note: Users who are configured for External Only authentication cannot change their password on the Account Options page. All password changes must take place through the external authentication server.
The External then MOVEit option is available only when the organization is set to use external sources and the internal user database for authentication.
Users created through the MOVEit Transfer web interface use this authentication source by default, unless the Admin sets a different source for this user.
The MOVEit Only option is available only when the organization is set to use both external sources and the internal user database for authentication.
For users created automatically by an external authentication signon, the authentication method and authentication source affinity are set automatically. To configure the authentication method applied to users who are created in this manner, configure the authentication method for each external authentication source in the organization. (SETTINGS > Security Policies > User Auth > Auth Method) The authentication source affinity is automatically set to the authentication source that the user was created from.
Note: By changing the authentication method to an external server, you place the responsibility of user security on that server. If your authentication server is compromised, the data contained within MOVEit Automation might also be compromised. If you switch authentication methods to External Only, users must be configured on the external server in order to be able to sign on to MOVEit Transfer.
You can exempt, reset, and clear the trusted device lists of specific users. Users > username > User Authentication - Multi-Factor Authentication: Change
If password aging is enabled, the Password row shows the number of days until password expires, and number of days until an expiration warning is sent to the user.
Select USERS > username > User Authentication section > Change Password. The Change Password page opens. Make your selections and click Change Password.
Options:
Tip: Consider exempting automated users from password changes, especially any FileAdmin users used by MOVEit Automation to connect to MOVEit Transfer.
Notes: Password delivery method and permissions are set for the organization in SETTINGS > Security Policies > Password > Permissions. Password aging policy is set for the organization in SETTINGS > Security Policies > Password > Aging & History.
This section lists the interfaces the user can use to access the MOVEit Transfer server, and the credentials that are required to authenticate.
The username is required for all authentication methods
Select USERS > username. On the user profile page, go to the User Authentication section. In the Credentials Required for Access row, click Policy for the interface type
Your selections override, for this user, the organization's default interface policy. Your selections are not preserved if you change the default organization policy and apply changes to all existing users.
Selections:
Select USERS > username. On the user profile page, go to the User Authentication section. In the Remote Access Policy row, make a selection.
(Default rules are defined in SETTINGS > Security Policies > Remote Access > Default Rules)
When multiple signons are prohibited, a user cannot sign on from more than one IP address to the same interface. For example, a browser session for the jsmith user would be allowed from 192.168.1.1, but a second concurrent jsmith browser session from 192.168.2.2 would be refused. At the same time, however, "jsmith" could sign on using an FTP client from 192.168.2.2, because the web and FTP are two different interfaces.
Sections on a User Profile (User Name) page: