Manage user classes

Use the User Classes page to add, enable, disable, reorder, and delete user classes.

The following topics provide user class examples and how-to instructions for managing user classes:

Add a user class

Use the following procedure to add a user class.

  1. Select Access > User Classes.
     The User Classes page is displayed.
  2. Click New User Class. A new line is displayed in the User Classes List.
  3. In the Class Name field, enter the name for the user class to create.
     If the name is not unique, SecureTransport uses only the first user class with that name in the User Classes List.
  4. In the User Type field, select the predefined user type for the user class.
     Note: SecureTransport treats the path name specification of the download or upload directory differently for real and virtual users when download or upload restrictions are defined, so you should avoid selecting * to match all users.
  5. In the User Name field, enter one of the following:
    • The user name, such as the UNIX-based system login name, the Windows user name, virtual user name, LDAP user name, SiteMinder, or Single Sign-On (SSO) user name.
      On Windows, type either a username, COMPUTERNAME\username, or DOMAIN\username.
    • A pattern using * and ? to include matching users. For example, * includes all users.
      Only one pattern is allowed.
  6. In the User Group field, enter one of the following:
    • The name or numerical GID of the group assigned to the user. If all characters are numeric, the value is a GID. Otherwise, it is a group name. On Windows, the value can be either the Windows security identifier (SID) of the group or the GID from the group file.
    • An asterisk (*) to include users in all groups.
  7. In the From Address field, enter a host name, a host name pattern, an IP address, or subnet specification. For valid values, see IP addresses and host names.
     Only one host name, IP address, or subnet specification is allowed.
  8. To define the user class using other user attributes or LDAP attributes, enter a Custom expression. See Custom expressions.
  9. Click the Save icon (Save) in the Edit column.
     The status of a new user class is set to Disabled.

Note: To cancel an add operation, select Access > User Classes again.

Enable or disable a user class

Use the following procedure to enable or disable a user class.

  1. Select Access > User Classes.
     The User Classes page is displayed.
  2. In the User Classes List, select the check box for each user class to modify.
  3. Click Enable or Disable.
     The icons in the Class Name column change to indicate the status of the classes.

Edit a user class

Use the following procedure to edit a user class.

  1. Select Access > User Classes.
     The User Classes page is displayed.
  2. In the User Classes List, click the Edit icon (Edit) in the Edit column for the user class entry to edit.
  3. Make the required changes to the fields in the row.
  4. Click the Save icon (Save) in the Edit column.

Note: To cancel an edit operation, select Access > User Classes again.

Reorder user classes

If a user belongs to multiple classes, SecureTransport categorizes the user as belonging to the first matching class in the User Classes List.

If two or more user classes have the same name, SecureTransport processes only the first of those classes in the User Classes List.

  1. Select Access > User Classes.
     The User Classes page is displayed.
  2. In the User Classes List, click Reorder.
     Up and down arrows are displayed in a column before the Class Name column in the User Classes List.
  3. Drag the rows of the User Classes List to the required order.
  4. Click Save Order.

Note: To cancel a reorder operation, select Access > User Classes again.

Delete a user class

Use the following procedure to delete a user class.

  1. Select Access > User Classes.
     The User Classes page is displayed.
  2. In the User Classes List, select the check box for each user class to delete.
  3. Click Delete.
  4. Click OK in the confirmation dialog box.

Note: If you delete a user class, it is best to remove all references to that user class from all access rules. SecureTransport ignores access rules that reference an undefined user class.

User class examples

The following example illustrates some sample user class entries.

The following table summarizes the user classes and describes their functions.

User class | Definition
Internal   | Includes users of any type, name, or group who connect from IP addresses that start with 192.168.
Partner    | Includes users of real type with GID 3000 who do not connect from IP addresses that start with 192.168.
Employees1 | Includes users of virtual type whose user name begins with A, are in the employees user group, have a user ID greater than or equal to 500, and do not fall into the Internal class.
VirtClass  | Includes all virtual users who do not fall into the Internal or Employees1 classes.
RealClass  | Includes all real users who do not fall into the Partner class.

Because the default RealClass and VirtClass include all users, all SecureTransport users are in one of the four classes.
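
The first-match rule from Reorder user classes, modeled over the sample classes above so that a planned reorder can be checked for classes it would shadow. This is an added illustration, not SecureTransport code: the field values, the fnmatch-based * and ? matching, the 192.168.* address pattern, and the uid check standing in for a custom expression are all assumptions.

```python
from fnmatch import fnmatchcase

# Constructed model of the User Classes List. Field values are assumptions
# reconstructed from the table above, not an export from SecureTransport.
# Entry: (class name, user type, user name, user group, from address, custom)
CLASSES = [
    ("Internal",   "*",       "*",  "*",         "192.168.*", None),
    ("Partner",    "real",    "*",  "3000",      "*",         None),
    ("Employees1", "virtual", "A*", "employees", "*",         lambda u: u["uid"] >= 500),
    ("VirtClass",  "virtual", "*",  "*",         "*",         None),
    ("RealClass",  "real",    "*",  "*",         "*",         None),
]

def matches(entry, user):
    _, utype, name, group, addr, custom = entry
    # An all-numeric User Group value is a GID; anything else is a group name.
    user_group = str(user["gid"]) if group.isdigit() else user["group"]
    return (utype in ("*", user["type"])
            and fnmatchcase(user["name"], name)
            and (group == "*" or group == user_group)
            and fnmatchcase(user["addr"], addr)
            and (custom is None or custom(user)))

def classify(user, classes=CLASSES):
    """Return the name of the first matching class, or None."""
    seen = set()
    for entry in classes:
        if entry[0] in seen:   # duplicate name: only the first entry is used
            continue
        seen.add(entry[0])
        if matches(entry, user):
            return entry[0]
    return None

def shadowed(classes, sample_users):
    """Class names that no sample user reaches with this ordering."""
    reached = {classify(u, classes) for u in sample_users}
    return [e[0] for e in classes if e[0] not in reached]

USERS = [  # constructed sample sessions
    {"name": "Alice", "type": "virtual", "group": "employees", "gid": 700, "uid": 501, "addr": "203.0.113.9"},
    {"name": "Alice", "type": "virtual", "group": "employees", "gid": 700, "uid": 501, "addr": "192.168.4.20"},
    {"name": "acme", "type": "real", "group": "partners", "gid": 3000, "uid": 1200, "addr": "198.51.100.7"},
    {"name": "bob", "type": "real", "group": "staff", "gid": 100, "uid": 1001, "addr": "198.51.100.8"},
    {"name": "vera", "type": "virtual", "group": "guests", "gid": 800, "uid": 40, "addr": "203.0.113.5"},
]

# Planned reorder: VirtClass dragged above Partner and Employees1.
REORDERED = CLASSES[:1] + [CLASSES[3]] + CLASSES[1:3] + CLASSES[4:]
```

With the original order every class is reachable; in REORDERED the catch-all VirtClass sits above Employees1, so any access rule written for Employees1 never applies to those users.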
