Generate/VShellIcon.gif  Virtual Root Path Dialog


This dialog allows you to add or edit virtual root paths and to configure the users and groups assigned to them. Both a path and an alias must be specified.

Note: If you are not using a client that has implemented VanDyke Software's SFTP Root extension, your client may not display the root in the tree. However, even though the client may not be able to display the root, you can still use the "Change Directory" command to access the defined root (e.g., Change Directory MyRoot:).

Virtual Root

Enter the path that you want to include in your Virtual Root List. Users will not be allowed to access any folder above the specified root folder.

VShell supports the following substitution variables within an virtual root path:
 

Variable

Description

%USER%

Specifies a username as part of the Virtual Root path. For example, a virtual root with the path set to C:\Users\%USER%\Sftp for a user with a username of Jonesdev would resolve to C:\Users\Jonesdev\Sftp when Jonesdev makes an SFTP connection to VShell.

When a user makes an SFTP connection to VShell, each virtual root containing an allow entry for that user (or for a group to which the user belongs) will be available to the user.

%HOME%

Defines a user's home folder as the SFTP Root path. For example, a virtual root with the path set to %HOME% would resolve to the path set as the HOME environment variable for the user making the SFTP connection to VShell.

Note: In order for the %HOME% variable to work, the Load the user's environment option in the Virtual Root category must be checked.

%MYDOCUMENTS%

Exposed the user's My Documents folder as one of the virtual roots for that user. Typically (under Windows 2000, XP, and 2003), this folder is located at C:\Documents and Settings\<username>\My Documents.

%DESKTOP%

Exposed the user's Desktop folder as one of the virtual roots for that user. Typically (under Windows 2000, XP, and 2003), this folder is located at C:\Documents and Settings\<username>\Desktop.

%MYMUSIC%

Exposed the user's My Music folder as one of the virtual roots for that user.

%MYPICTURES%

Exposed the user's My Pictures folder as one of the virtual roots for that user.

%PROGRAMFILES%

Exposed the user's Program Files folder as one of the virtual roots for that user. Typically (under Windows 2000, XP, and 2003), this folder is located at C:\Program Files.

 

Alias

Enter the alias you want to use for the Virtual Root.

User/Group List

This list displays the users and groups assigned to the Virtual Root and lets you allow or deny access to the specific root.

Precedence of Deny vs. Allow Entries:

When a user makes an SFTP connection, VShell looks through the list of virtual roots. For each virtual root, VShell determines if the connecting user has access by performing the following actions (in the order listed):

1.   VShell tries to find the user within all of the user/group entries set to Deny. If a match is found for the user within the denied user/group entries for an virtual root, the user will not be able to access the root.

2.   VShell then tries to find the user within all of the user/group entries set to Allow. If a match is found for the user within the allowed user/group entries for an virtual root, the user will be able to access the root.

3.   If a match for the user is not found in any of the denied or allowed entries, the user will not be able to access the root.

Add Window User/Group...

Opens the Select User or Group dialog allowing you to add Windows users or groups to the list of those with virtual root access.

Add User From Database...

Opens a dialog allowing you to add users from the VShell user database to the list of those with virtual root access.

Toggle Access

Toggles the access of the selected user or group between allow and deny.

Remove

Removes the selected user or group from the list of those with virtual root access.

The Files and Directories groups described below allow you to configure virtual roots with read-only, write-only, or read/write access. Permissions can be set on a per user/group (system and internal database users) per root basis.

Files group

Read

Check this box to grant file read (download) permissions to the selected user or group.

Write

Check this box to grant file write (upload) permissions to the selected user or group.

Delete

Check this box to grant file delete permissions to the selected user or group.

Directories group

List

Check this box to grant directory list permissions to the selected user or group.

Create

Check this box to grant directory create permissions to the selected user or group.

Delete

Check this box to grant directory delete permissions to the selected user or group.