The User Manager

About Cerberus FTP Server Authentication

Cerberus FTP Server can manage user accounts from three different sources. The first is the default Cerberus FTP Server user database. The Cerberus default user database is displayed in the User List box on the General page of the User Manager. The accounts within the default database are users created just for Cerberus FTP Server. The directions on this page are for adding a user to this default database.

You may also use Cerberus FTP Server to authenticate Active Directory users when the machine hosting Cerberus is part of a domain (or the local NT account database), even if the computer Cerberus FTP Server is installed on is not the domain controller. See the page Active Directory Authentication for more information on how to configure Cerberus to allow authentication of Active Directory domain users.

Finally, users can also be authenticated against an LDAP service. See the section on configuring Cerberus for LDAP authentication.

NOTE: Active Directory and LDAP authentication are only available in the Professional version of Cerberus FTP Server.

Adding a new user

Users can be added and modified in the Cerberus FTP Server user database by opening up the User Manager and selecting the Users tab. To add a user, select "New" from the button to the right of the Cerberus User Accounts group box. A new user will appear under the user list box. The newly created user will already be in rename mode, so simply type in the new name of the user. All user names must be unique and are case insensitive. Once you have entered the new user name, press enter to commit the change. The user can then be configured by clicking on the user's name in the user list box.

The Cerberus FTP Server User Manager- Users page

A list of configurable properties for that user will appear in the list box to the right of the user. Those properties are:

Group: A Cerberus FTP Server Group that this user belongs to.
Is Anonymous: If checked, the user password is ignored and the user can be logged in using any password.
Password: The password for the user. Note, The Password always displays as 7 (*) characters, regardless of the length of the actual password.
Simultaneous Logins: The maximum number of connections this user can make to the server at the same time.
Simple Directories: See below for an explanation of this setting
Account is Disabled: Determines whether the account can login or not. A disabled account cannot login into the server.
Require Secure Control: If enabled, this user can only login to the server using a secure connection (TLS/SSL encrypted session).
Require Secure Data: If enabled, file transfers will only be allowed if the connection is secure.
Disable After Date: If a date is set here then the account will become disabled after that date.
SSH Authentication: Determines the authentication requirements for logging into an SFTP interface. Valid options are:

Password Only: Require only a password for authentication.
Public Key Only: Require only a valid public key for authentication
Public Key and Password: Require both a valid public key and a valid password for authenticating a user

The SSH Authentication Method dialog under the User Manager

The Virtual Directory System

The virtual directory (VD) system allows the administrator to attach any directory or drive to the root. When a client requests the root directory from the server, the VDs you specify are sent to the client. The client can also navigate to any of the VD directories' subdirectories. The VD system takes care of all path translation.

Security settings can be specified for each virtual directory. All subdirectories under the VD inherit the security settings of the VD.

There are 2 modes that a user account can operate in with respect to the virtual file system. The two modes are simple and standard mode.

Simple Virtual Directory mode

When a user account uses simple directory mode, the administrator can only assign one directory to represent the virtual directory for that user. Instead of that directory being seen as a subdirectory off of the root, the virtual directory selected will be the directory the user is placed in when they first log into the server. In other words, the directory selected as the virtual root directory will be the root directory.

Standard Virtual Directory mode

In standard mode (the Simple Directories option is un-checked), the administrator may add as many directories as virtual directories to a user account as desired. The directories selected will appear as subdirectories off of the root when the designated user logs into the server.

Adding a virtual directory to a user account

Each user can be assigned different virtual directories. A virtual directory is added to a user account by using the User Manager, pictured above. To add a virtual directory to a user, first:

Select the user in the "User List."
Next, click on the button labeled "...". This button is located below the "User List" list box, in the "Virtual Directory" group. Once you have clicked on the "..." button, a "Browse for Folder" dialog will appear.
Navigate to the directory you wish to add and press the "OK" button on the dialog box. The directory you selected should appear in the edit box to the right of the "..." button.
Finally, select the "Add to Root" (this button will be labeled "Assign as Root" in simple mode) button located to the right of the "..." button.

Virtual Directory Permissions

Each virtual directory that you add for a user can have a separate and distinct set of access permissions. The settings applied to a top level virtual directory filter down to all of that root directory's subdirectories.

Permissions can only be assigned at the top, root level.

Support