For both file transfer and terminal sessions, access to remote directories (any location specified using a UNC path) can be affected by the user authentication method and the credential used for accessing that drive. This is summarized in the table below.
CAUTION:Be careful when configuring access with any credential other than the client user's own credential. When you configure an alternate credential to provide access to any folder on a server, Windows will allow access to other folders on the same server that are accessible to the alternate credential. For more information about this risk and how to handle it securely, see Best Practices for Using Cached Credentials.
NOTE:
User access to directories for file transfers (sftp connections) is configured from . ( settings also apply to scp connections made using SCP2 A file transfer implementation that uses the SFTP subsystem. SCP2 is useful for scripted file transfer. . Depending on your configuration these directories may also apply to SCP1 An early implementation of the SCP protocol used by OpenSSH. This protocol does not use the SFTP subsystem; it executes an rcp command through the secure channel. connections.)
User access to remote directories for ssh terminal sessions is configured using .
Access described here for password authentication also applies to sessions configured to use GSSAPI authentication. Access describe here for public key authentication also applies to other authentication methods (certificate, SecurID, RADIUS) for which the user doesn't provide Windows credentials during login.
Reflection for Secure IT Gateway supports access by Reflection Gateway users. When this feature is enabled, access is determined by the configured . Terminal access is disabled by default for these users and this is recommended, so users will see only those directories configured from