Only connections from configured IP address ranges will be allowed to access the Administration pages - allows the administrator to allow only certain IP addresses to accessing the Administration web interface.
IP addresses allowed to access the Administration pages - the administrator enters the IP addresses that can access the Administration page. They can be comma-separated IPs, subnets or IP ranges.
e.g. 10.1.2.3, 10.4.*, 10.10.1.1-10.10.1.99
Note: Administrator access from localhost cannot be restricted.
Note: This feature does not work for servers that are using the Gateway Server to proxy requests for the Files Advanced server.
Provisioned LDAP Administrator Groups
This section allows you to manage your administrative groups. Users in these groups will automatically receive the group's administrative privileges. All of the rights are shown in a table, the ones that are currently enabled have a green mark.
Using the Actions button you can delete or edit the group. You can edit the group's administrative rights.
To add a provisioned LDAP administrator group:
Press the Add Provisioned Group.
Mark if the group should have Sync & Share functionality.
Mark all of the administrative rights you want your group users to have.
Find the group.
Click on the group name.
Press Save.
Administrative Users
This section lists all your Users with administrative rights, their authentication type (Ad-Hoc or LDAP), whether they have Sync & Share rights and their status (Disabled or Enabled).
You can invite a new user with full or partial administrative rights using the Add Administrator button. Using the Actions button you can delete or edit the user. You can edit his administrative rights, status, email address and password.
Inviting a single administrator
Open the Files Advanced Web Interface.
Log in with an administator account.
Expand the General Settings tab and open the Administrators page.
Press the Add Administrator button under Administrative Users.
Select either the Active Directory/LDAP or Invite by Email tab depending on what type of user you are inviting and what you want them to administer. LDAP users without emails cannot be given Sync & Share functionality.
To invite via Active Directory/LDAP do the following:
Search for the user you want to add in the Active Directory and then click on their Common Name to select a user.
Note: The LDAP User and Email fields will fill in automatically.
Enable/Disable the Sync & Share functionality.
Select which administrative rights the user should have.
Press Add.
To invite by Email do the following:
Enter the email address of the user you want to add as an administrator.
Note: Ad-hoc users invited by email will always have Sync & Share functionality.
Select whether this user should be licensed.
Select which administrative rights the user should have.
Select the language of the Invitation email.
Press Add.
Administrative rights
Full administrative rights - Gives the user full administrative rights.
Can manage users - Gives the user the right to manage users. This includes inviting new users, LDAP group provisioning, sending Files Advanced enrollment invitations and managing the connected mobile devices.
Can manage mobile Data Sources - Gives the user the right to manage the mobile Data Sources. This includes adding new Gateway Servers and Data Sources, managing the assigned sources, gateways visible on clients and legacy Data Sources.
Can manage mobile policies - Gives the user the right to manage the mobile policies. This includes managing user and group policies, allowed apps and default access restrictions.
Can view audit log - Gives the user the right to view the audit log.
Note: New users who are in both a LDAP provisioned administrators group and a LDAP provisioned sync & share group will get the combined permissions.
To give a user administrative rights:
Open the Sync & Share tab
Open theUsers tab
Press the Actions button for the User you want to edit.
Press Edit.
Mark all of the administrative rights you want your user to have.
Press Save.
To give an administrator specific rights:
Press the Actions button for the User you want to edit.
Press Edit.
Mark all of the administrative rights you want your user to have.