VanDyke Software

Tips

Index

Configuring the VShell® Server User Database for File-Transfer-Only Access

Introduction

Beginning with VShell 3.5 for Windows, users can be defined in a database that is specific to the VShell server. This virtually eliminates the need to create Windows users when there is only a need to grant file transfer access to the machine. In this scenario, the VShell server uses a single Windows system user to obtain a security token and determine file system access for users. All VShell database users are treated as the system user when interacting with the file system. VShell database users are only allowed access to VShell file transfer services.

Configuring the User Database

To begin configuring the user database, go to the Advanced page in the VShell Control Panel and select the Enable user database option. This option activates the User Database page in the Control Panel and allows the administrator to specify the system user information. Enter the username and password of the Windows system user that will be used by the database. The system user can be a local machine user or a domain user.

VShell Control Panel - enable user base option

Creating VShell Database Users

The next step is to create the VShell database users. Open the User Database page in the VShell Control Panel and click on the Add button. Enter the username, optional full name, and password for each file transfer user needed. The Full Name field is useful for adding administrative notes relating to that particular user. All user information can be edited at any time. Deleting a user from the database immediately disables all access for that user.

Defining VShell user database accounts

Configuring User Access to the VShell Server

After adding users, the next step is to grant them access to the server. Open the Access Control page in the VShell Control Panel, click on the Add User From Database... button, select any user and press OK. Now, enable or deny the appropriate permissions for the file transfer user. Click on the Log on control to enable the user to access the VShell server. The user can then be allowed access to one or more of the file transfer options, which include SFTP, SCP, and FTPS (if you are running the VShell with FTPS edition). VShell database users are only allowed access to VShell file transfer services.

Configure File Transfer Access Permissions

Virtual root directories can also be configured for the VShell database users. Add or edit a root directory from the Virtual Roots page in the VShell Control Panel, then select the Add User From Database... button to connect users to the virtual root.

Define a virtual root directory for database users

It is also possible to add, edit, and delete users from the database using the VShellConfig command-line utility. This utility allows remote configuration of the user database, access control, and the virtual root settings. Please see the VShellConfig topic in the VShell Server Help for more information.