Creating External Users

This procedure describes how to create MFT Enterprise B2B external users, which enables them to transfer and receive files via the File Exchange website or a third party FTP client.

Before you begin

Begin

  1. From the Managed File Transfer domain, select MFT Enterprise Configuration.

    If the button is disabled, you need to install Control-M MFT B2B, as described in Control-M MFT Enterprise Installation.

  2. Log in with the same username and password that you used to log in to Control-M Web.

    The MFT B2B window appears.

  3. From the Users tab, click .

  4. For each field, type the required value, as described in External User Parameters.
  5. Click Save.

External User Parameters

The following table describes external user parameters that are defined in the Hub.

Parameter

Description

User Name

 Defines the name of the new external user

Password

Defines the password of the user.

The password must be at least 8 characters, which contains at least one uppercase letter, one lowercase letter, and one digit or symbol.

Generate Password

 Generates a one time password that is sent to the user by email with a request to change it within a defined time period, as described in Policies Settings.

User must log in to File Exchange and change password

 Determines whether the user must log in to the File Exchange website and change the password.

Password never expires

 Determines whether the user password expires with a defined period, as described in Policies Settings

Email

 Defines the email address of this user that receives notifications about password expiration and user lockout

Phone Number

 Defines the phone number of the user.

Company Name

Determines the name of the company that this user belongs to.

Description

Provides a description of this user.

Default Folder

Determines whether the home folder for the external user to upload and download files is B2B Home or one of the virtual folders.

Default: B2B Home

  • If the required virtual folder doesn't exist, you can create a new virtual home folder for this user by clicking New Virtual Folder and adding it.

  • The user is automatically authorized to the selected folder.

  • If the user is authorized to more than one virtual folder, and the default folder is set to a specific folder (not B2B Home), the user can still access the other folders using SFTP/FTPS by adding the B2B Home folder name to the beginning of the virtual folder path.

    A user is authorized to vfolder1 and vfolder2. The default folder is vfolder2.

    After the user logs in, the home directory / shows the content of vfolder2.

    To access vfolder1, the user must type the following:

    cd /b2bhome/vfolder1/

SSH Public Key

Defines the external user public key.

Valid key types:

  • ssh-rsa

  • ecdsa-sha2-nistp256

  • ecdsa-sha2-nistp384

  • ecdsa-sha2-nistp521

  • ssh-ed25519

AS2 Setting

Defines the AS2 parameters, as follows:

  • AS2 ID: Defines the logical name of the trading partner.

  • Partners Certificate Alias: the alias of the partner certificate that is stored in the AS2 keystore.

  • AS2 Destination Folder: Determines the authorized virtual folder where the uploaded file must be saved.

    If the virtual folder doesn't exist, the AS2 messages is stored in /cm/AFT/as2/server/inbox.