Users
Understanding user management is one of the first essential steps in designing a secure and productive work environment on Files.com.
When you combine a well-designed user schema with a thoughtful folder hierarchy, the result is a powerful and secure digital organization ready to scale to meet any enterprise needs.
Globally Unique Usernames
Files.com is a multi-tenant platform that, by default, requires that all user names across all sites be unique.
If you need to use a user naming convention or have other requirements that mean you need to create user names that may exist in other sites on the platform, you can set up a custom user namespace by setting up a custom domain for your site and toggling the sitewide setting for Globally Unique Usernames to No, this site is using a custom namespace.
Note that if you have disabled Globally Unique Usernames (either through the setting or by setting up a custom domain for your site) and you are using a single-sign on provider, you must first disable your SSO integration before you can enable Globally Unique Usernames. This means you must edit every username associated with an SSO provider to change the authentication method first.
After you have disabled Globally Unique Usernames for your account, your users must connect to an address which resolves to your account's dedicated IP addresses. If you provided your own SSL certificate while configuring the custom domain, users must connect via your custom domain or your dedicated IP addresses.
Reserved Usernames
Certain usernames frequently associated with brute force attacks are reserved by the system and cannot be used. Attempts to name a user with one of these reserved usernames will result in the "Username is reserved" error.
If you receive the "Username is reserved" error, you cannot use that username and must choose another one.
Requiring That Groups be Used for All Permission Assignment
To ensure consistency in how your site is applying permissions, it is possible to require all Permissions to be assigned only to Groups, and not to individual users.
With this feature enabled, you can ensure that a group permission framework is followed, and no one - whether accidentally or purposely - grants users individual permissions.
Site administrators can enable this feature via a site-wide setting. To locate the setting, type "Manage all permissions via groups" in the search bar at the top of every page and choose the matching result. This setting requires the Power or Premier plan.
Enabling this setting will not remove permissions previously granted to individual users.
Listing Users
User accounts are listed on the Users page of your Files.com site web portal.
Site administrators are listed at the top, and have the "Site administrator" icon on their avatar. Bot/shared users have the "Bot/shared" icon on their avatar.
To download the entire list, we recommend using the Files.com Command Line App (CLI) to export and save the list in CSV format.
User Activity
The user list includes date and time information about user activity and user logins which can be used to audit or track users last activity on the Files.com platform.
When using the web portal, the user list includes the following columns:
Column Name | Details |
---|---|
Last Login At | Most recent login time using any protocol. |
Last Active At | Most recent activity time, which is the latest of most recent login, most recent API use, account enablement, or account creation. Includes activity performed using any connection method. |
Last Web Login At | Most recent login time using a web browser. |
Last FTP Login At | Most recent login time using the FTP or FTPS protocols. |
Last SFTP Login At | Most recent login time using the SFTP or SCP protocols. |
Last WebDAV Login At | Most recent login time using the WebDAV or WebDAVS protocols. |
Last Desktop App Login At | Most recent login time using the Files.com Desktop App. |
Last REST API Login At | Most recent login time using the Files.com REST API. |
Last API Usage At | Most recent API use time, regardless of whether a session login or an API Key was used. |
Session logins include those where the user credentials are held in an external Identity Provider systems, such as Active Directory or LDAP systems.
Use of an API Key will only update the Last Active At and Last API Usage At fields. Use of an SSH/SFTP Key is identical to a session login and will update the Last Login At, Last Active At, and Last SFTP Login At fields.