You can use cached credentials to manage access to network resources. Credentials are stored in an encrypted file in the Reflection for Secure IT data folder The default data folder location is: C:\ProgramData\Micro Focus\RSecureServer .
To add credentials to the cache you can:
Configure the server to record Windows credentials when users log in.
Manually add user credentials to the cache.
You can use cached credentials for any or all of the following:
Use cached passwords to give users access to domain resources using their own Windows credentials. This option is needed only when users log into the server without using their Windows credentials (for example using public key authentication). Without cached credentials, users who log in with public key authentication have access to folders on local drives, but don't have access to network resources. For more information, see Record and Use Cached Credentials.
Use a specified account to connect to SFTP-accessible network resources or mapped drives. This option allows you to provide access that wouldn't be available to a user based on that user's own Windows account privileges.
Use a specified account to give the server access to Active Directory. The server uses this account when it queries Windows Active Directory for user attributes and group membership. For more information, see Active Directory Access Pane.
Use a specified account to provide access to Reflection for Secure IT Gateway users. Reflection Gateway users run under the privileges of the specified account. This option is relevant only if you have installed and configured Reflection for Secure IT Gateway and have enabled connections from Reflection Gateway Users Pane.
on theThe options are:
|
When this item is selected: |
|
|
|
|
|
When this item is selected, users who authenticate using public keys (or any other authentication method that doesn't require entering Windows credentials) have access to domain resources using their own cached credentials. NOTE:If is disabled when a user’s password changes, this setting must be enabled to record the updated password the next time the user connects or the password must be updated manually in the server console. |
Cache contents