Users
Understanding user management is one of the first essential steps in designing a secure and productive work environment on Files.com.
When you combine a well-designed user schema with a thoughtful folder hierarchy, the result is a powerful and secure digital organization ready to scale to meet any enterprise needs.
Custom Username Namespace
Files.com is a multi-tenant platform that, by default, requires that all user names across all sites be unique. This means that if someone has assigned the username "audie.yose" on another Files.com site, you cannot also create that username in your site.
You can change this default behavior for your site if necessary, such as if your usernames must use a specific naming system. To do this, set up a custom domain for your site and then change the sitewide user setting for Custom username namespace to Usernames must be unique only within this site.
When your Custom username namespace is set to Usernames must be unique only within this site, all your users must connect to an address which resolves to your account's dedicated IP addresses. If you provided your own SSL certificate while configuring the custom domain, users must connect via your custom domain or your dedicated IP addresses.
Changing to Globally Unique Usernames
If your site is configured for Usernames must be unique only within this site, and you are using a single-sign on provider, you must first disable your SSO integration before you can change the setting back to the default option Usernames must be globally unique across all of Files.com. This means you must edit every username associated with an SSO provider to change the authentication method first.
Reserved Usernames
Certain usernames frequently associated with brute force attacks are reserved by the system and cannot be used. Attempts to name a user with one of these reserved usernames will result in the "Username is reserved" error.
When you receive the "Username is reserved" error, you cannot use that username and must choose another one.
Requiring That Groups be Used for All Permission Assignment
To ensure consistency in how your site is applying permissions, it is possible to require all Permissions to be assigned only to Groups, and not to individual users.
With this feature enabled, you can ensure that a group permission framework is followed, and no one - whether accidentally or purposely - grants users individual permissions.
Site administrators can enable this feature via the Manage all permissions via groups site-wide setting. This setting requires the Power or Premier plan.
Enabling this setting will not remove permissions previously granted to individual users.
Listing Users
User accounts are listed on the Users page of your Files.com site web portal.
Site administrators are listed at the top, and have the "Site administrator" icon on their avatar. Bot/shared users have the "Bot/shared" icon on their avatar.
Just as with other data tables in the web interface, you can use the Export feature to download a CSV report of all your users.
User Activity
The user list includes date and time information about user activity and user logins which can be used to audit or track users last activity on the Files.com platform.
When using the web portal, the user list includes the following columns:
| Column Name | Details |
|---|---|
| Last Login At | Most recent login time using any protocol. |
| Last Active At | Most recent activity time, which is the latest of most recent login, most recent API use, account enablement, or account creation. Includes activity performed using any connection method. |
| Last Web Login At | Most recent login time using a web browser. |
| Last FTP Login At | Most recent login time using the FTP or FTPS protocols. |
| Last SFTP Login At | Most recent login time using the SFTP or SCP protocols. |
| Last WebDAV Login At | Most recent login time using the WebDAV or WebDAVS protocols. |
| Last Desktop App Login At | Most recent login time using the Files.com Desktop App. |
| Last REST API Login At | Most recent login time using the Files.com REST API. |
| Last API Usage At | Most recent API use time, regardless of whether a session login or an API Key was used. |
Session logins include those where the user credentials are held in an external Identity Provider systems, such as Active Directory or LDAP systems.
Use of an API Key will only update the Last Active At and Last API Usage At fields. Use of an SSH/SFTP Key is identical to a session login and will update the Last Login At, Last Active At, and Last SFTP Login At fields.