Syncplify.me Server v8

Appearance

Users

The Users section manages the accounts and groups that can connect to this virtual site. It has three surfaces: the user list, the read only user detail, and the user editor.

The Users list

The user list

The list shows every account with its username, type, allowed protocols, status, and email. A search box filters by username, email, or description.

Account types are:

  • Local: a normal account that authenticates against the server.
  • LDAP user and LDAP group: accounts backed by an LDAP directory.
  • OIDC: accounts that authenticate through an OIDC identity provider.

LDAP and OIDC account types are license gated. When the license does not cover them, those types cannot be selected when creating an account.

Select Create user to add an account. Right click a row (or use the actions menu) for per user actions:

  • View opens the read only detail.
  • Edit opens the editor.
  • Clone creates a new account that copies every setting from the original; only the username differs. You provide a new username, which must differ from the source.
  • Enable or Disable toggles the account. Disabled accounts cannot connect.
  • Delete removes the account. This cannot be undone.

The per user actions menu

User detail

The detail page is a read only summary of an account, available to anyone who can view users. It opens with the username, the account type, and an enabled or disabled status tag.

The user detail page

It presents:

  • Activity statistics: successful and failed logins, data uploaded and downloaded, files uploaded and downloaded, the last login IP, and the last failed login. These are shown even to administrators who cannot edit the user.
  • Overview: email, home folder, multi factor status, and description.
  • Access summary: the allowed protocols and the accepted authentication methods.
  • Virtual folders: any additional virtual file systems mounted into the account.
  • App passwords: for OIDC accounts, the app passwords with their active or revoked status.

An Edit configuration button opens the editor (only for administrators with edit permission on users).

The user editor

The editor creates and edits accounts. It is organized into tabs along the top. The available tabs depend on the account type. Saving an existing account sends only the fields that actually changed.

The user editor

Main

The Main tab holds the core identity and account settings:

  • Username: the login name. It cannot be changed after the account is created.
  • Account type: Local, OIDC, LDAP user, or LDAP group. The type can only be chosen at creation, and license gated types are disabled when unlicensed.
  • Email and Description.
  • Home folder (VFS): the virtual file system mounted at the account root.
  • Allowed protocols: which protocols and subsystems the account may use.
  • Account enabled and May change own password.
  • Automatically enable on a date and Automatically disable on a date: schedule the account to switch state at a chosen date and time.

For LDAP accounts, the Main tab also asks for the LDAP server. For OIDC accounts it asks for the SSO provider, the SSO subject (the external subject claim that maps to this account; leave empty to match by email), and an option to Require local MFA after SSO login.

Authentication

The Authentication tab applies to Local accounts only. LDAP accounts authenticate against their directory and OIDC accounts through SSO, so the tab is hidden for those types.

The Authentication tab of the user editor

It covers:

  • Authentication methods: the accepted methods (at least one must be selected), plus Require more than one method over SSH for multi factor over SSH.
  • Multi factor authentication: the authenticator type (None or an authenticator app using TOTP) and Force MFA enrollment.
  • Password: when a password is already set, a marker says so and a button lets you set a new one. When setting a new password you can also force a change at next login.
  • SSH public keys: add and remove public keys, each with a name and the key value.

Virtual folders

Mount additional virtual file systems at custom paths inside the account. Each entry has a mount path, the virtual file system to mount, its permissions, and whether it is visible in listings.

The Virtual folders tab of the user editor

Permission overrides

Override the default permissions on specific sub paths. Each override has a path and a permission set.

The Permission overrides tab of the user editor

Speed limits

y Bandwidth caps per source address or network, with upload and download limits in KB/s. A value of 0 means unlimited.

The Speed limits tab of the user editor

Event handlers

Run scripts in response to events for this account. Each handler binds an event to a script and carries a priority, a timeout in seconds, an enabled flag, and an option to run asynchronously.

The Event handlers tab of the user editor

Network access

Restrict connections to specific source addresses or networks. Each entry accepts an IP address or CIDR network and optional notes. An empty list means any source is allowed.

The Network access tab of the user editor

App passwords

The App passwords tab appears only for OIDC accounts that already exist (at edit time, not at creation time). App passwords let OIDC accounts authenticate over the file transfer protocols, which cannot perform an interactive SSO flow. Each app password lists its name, protocols, created and last used dates, use count, expiry, and status, and can be revoked. App passwords are license gated.

The App passwords tab of the user editor