User Provisioning and Management
User provisioning (or onboarding) is a critical administrative function for managing both internal employees and external users like partners, vendors or customers to ensure they are able to access your Files.com account. It involves creating user accounts, controlling how they authenticate, defining roles, group memberships and granting specific permissions to ensure users have the appropriate access to resources. Additionally, the platform provides user management features for managing user information, security settings, and permissions as this information can change over time.
User creation and provisioning as well as deprovisioning can be automated or performed in bulk, it can even be achieved by integrating with your existing User Directory system.
|Individual User Creation||On the web platform, site administrators can create users one at a time. Simply type "Users" in the search box at the top of the screen, select the matching result, and click the "New User" button.|
|Bulk User Provisioning||If you need to provision users in bulk, we offer a bulk import option.|
|User Cloning and User Requests||Users can be duplicated or created based on user requests.|
|Automation Options||User creation can be automated using our API/SDKs or CLI application.|
|Automate via LDAP Integration||Our LDAP integration enables automatic provisioning and deprovisioning of users and groups from your existing LDAP/Active Directory system.|
|Automate via SCIM Integration||SCIM provisioning and deprovisioning is supported through integration with your existing Directory system and Identity providers like Okta, Azure AD, OneLogin, and AuthO. This integration also allows for seamless Single Sign-on using your existing Identity providers.|
While provisioning users, a critical step is to decide the method which will be used to authenticate the provisioned users. Files.com supports a wide range of authentication methods including the most stringent of enterprise security requirements. Please refer to the various authentication methods supported in Files.com. You also have the option to implement Two-Factor Authentication (2FA) for your users, adding an extra layer of security to their Files.com accounts. This requires the use of two different factors for access, enhancing the protection of their account.
Managing users is an ongoing administrative function, ensuring that each user's settings align with their respective roles and responsibilities as well as securing access to the accounts. To manage users, simply type "Users" in the search box at the top of the screen, select the matching result, and click on the preferred Username.
Site administrators can modify user details like Name, Email address, and Company name or manage security settings, including authentication method or Two-Factor Authentication (2FA), password resets or setting password expiration dates, protocol access updates, adding or removing of SFTP/SSH keys or API keys, IP whitelist management, and revoking active desktop connections.
Furthermore, site administrators can also fine-tune folder or group permissions or modify the permission levels. They can establish access expiration dates, modify user roles or disabling the user. Additionally, site administrators have the capability to adjust user language, timezone, header text, or notification preferences, as well as review user activity.
When using LDAP and SCIM integrations with external Directory or Identity Providers, Files.com can automatically apply changes to user attributes, such as name and email address. Additionally, it can handle group attributes like group names and memberships.
In the context of user lifecycle management, Site Administrators have the ability to deprovision or offboard users. This process acts as a vital security measure, preventing unauthorized access and optimizing resource allocation. Files.com provides various methods to disable user accounts by site administrators.
Site Administrators can manually enable or disable user accounts or the system can automatically disable inactive users, and you can also specify exceptions to this rule.
When creating new users, you can set a date for automatic account disabling if the user hasn't logged in by a particular time after their creation. You can also set an access expiration date, after which the account will be disabled. There is also the option to permanently delete user accounts.
Users provisioned through LDAP or SCIM can be deprovisionined through the same LDAP or SCIM system used for provisioning. This allows for a seamless and automated process, ensuring that user accounts are managed efficiently throughout their lifecycle within the organization.
Get Instant Access to Files.com
The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.Start My Free Trial