Set restrictions on platform, IP address, timeout and login attempts that apply to all your users.
In the admin console, select Policy > Global and click Edit. When all required changes have been made, click Save.
In this section:
Specify which platforms can log on to File Director on your server. Set the policy for each platform to On or Off as required.
Platform restrictions can also be set for individually for each Map Point. Global restrictions take precedence over those set at Map Point level - if you disable a platform at the global level, it is disabled for all users regardless of the setting on their Map Point.
The table below illustrates this behavior.
|Windows||On||On||Users for that Map Point can access the File Director server through Windows.|
|Mac||On||Off||Users for that Map Point cannot access your server on a Mac as the Global setting is overridden.|
|iOS||Off||Off||Users cannot access your server on an iOS device regardless of their Map Point.|
|Android||Off||On||Users cannot access your server on an Android device regardless of their Map Point as the Map Point setting is overridden.|
Specify which IP addresses can access your File Director server using the following formats:
- Enter each IP address on a separate line in IPv4 format.
- Specify a range of values using a dash. For example, 126.96.36.199-255.
- Use an asterisk to specify denote a wildcard - any value between 0 and 255. For example, 222.12.144.*
Set the number of consecutive failed login attempts before a user is locked out for the specified time period.
You can also specify the number of consecutive failed login attempts before locally stored data is wiped from the desktop or device.
If an account is wiped in this way, the user is put on the Remote Wipe list for the web platform which prevents the user from all web login attempts.
It is therefore recommended that you do not set the failed login attempts before wiping data at a very low figure (less than five).
This policy works differently for mobile devices where the PIN check occurs on the local device, not the server. There is no lockout for PIN attempts but if the Remote Wipe setting does apply - if the number of PIN attempts exceeds the Remote Wipe Failed Login Attempts number, the local device is wiped of all data and stored login credentials, including the PIN.
Set the length of time, in days, that files are available to recipients when shared by a link. If you do not require a time limit for a share, set to Off.
When updating this setting, changes only apply to newly created shares - existing shares adhere to the setting which was applied when the share was created.
Note that the figure set here is also the number of days a share is extended by when an expiry date is extended.
Was this article useful?
Copyright © 2019, Ivanti. All rights reserved.