Serv-U Remote Administration - KB Article #1101Related Articles --
Enabling Remote Administration In Serv-U
Serv-U MFT Server allows individual users to be configured as administrators and perform system updates from anywhere they have access to a web browser. To enable remote administration, first create an HTTP/HTTPS listener if you have not already (Domain Details | Domain Listeners, then "Add" a new listener, selecting HTTP or HTTPS) follow the steps below:
- Select the user account you wish to gain administrative privileges, and select "Edit"
- In the "User Information" tab, change the "Administrative Privilege" option to "Domain Administrator", "Group Administrator, "System Administrator", or one of the read-only equivalents depending on the privileges that should be assigned (see below)
- Save the account
- That user account will now be directed to the Serv-U Management Console when logging in using the HTTP Listener
- Domain Administrator - A Domain Administrator can only perform administrative duties for the Domain to which their account belongs. A Domain Administrator is also restricted from performing Domain-related activities that may affect other Domains. The Domain-related activities that may not be performed by Domain Administrators consists of configuring their Domain listeners or configuring ODBC database access for the Domain.
- System Administrator - A System Administrator has the ability to perform any File Server administration activity including creating and deleting Domains, User accounts, or even updating the File Server's license. A User account with System Administrator privileges that is logged in through HTTP remote administration can essentially administer the server as they had physical access to the machine.
- Group Administrator - A Group Administrator can add, edit, and remove users who are members of the first Group that the Group Administrator is a member of. This allows the Group Administrator to modify users who are in the same scope - for example, a Group Administrator of the "Accounting" group can add, remove, and edit users who are in the Accounting group but is not able to grant permissions to files outside of the Accounting group, and cannot edit or access users outside of that Group. Group Administration is designed to be used by department leads and junior administrators with the need to modify certain user accounts, without making changes to the Domain or Server.
NOTE: When configuring a User account with administrative privileges, take care in specifying their home directory. Oftentimes, a Domain Administrator should not be able to grant access to directories outside of the root of their domain (such as D:\ftproot\examplesite1\) - in cases like these, enable the "Lock user in home directory option" to prevent an administrator from granting access to directories beyond what they are permitted to access. Server Administrators should typically be granted access to "/", also known as root, so that they can properly perform system-wide administration.