View Categories

Virtual Users

4 min read

Overview #

Have ProVide integrate with any system for user authentication and configuration! With virtual script-based integration ProVide can connect to just about any data source (e.g. databases, management information systems, flat-files, …) to verify and configure accounts. All you have to do is setup two access points; one for verifying that a user will be allowed access, and one that tells ProVide the user configuration (home directory structure, limitations, security settings, etc.).

Tip 1: An easy way to learn the format of the different settings you can add to your virtual users is by creating a user with your choice of settings already applied via the adminstration interface, then open the username.uac file found in inside “accounts” in the ProVide installation directory with Notepad or similar.

Tip 2: Use groups to define basic functionalities and then simply return which groups a user should get its configuration from.

A basic example #

The example presented below display the basics with virtual user integration; two virtual accounts with different passwords and different home directory configuration.

Verification script in ProVide:

C:\Scripts\login.cmd “%IP%” “%USERNAME%” “%PASSWORD%”

Contents of file “C:\Scripts\login.cmd”:

@echo off
rem Extract IP and remove quotes
set IP=%1
for /f “useback tokens=*” %%a in (‘%IP%’) do set IP=%%~a
rem Extract Username and remove quotes
set USER=%2
for /f “useback tokens=*” %%a in (‘%USER%’) do set USER=%%~a rem Extract Password and remove quotes
set PASS=%3 for /f “useback tokens=*” %%a in (‘%PASS%’) do set PASS=%%~a
rem Check for valid logins
if /I “%USER%” == “testuser1” (
if “%PASS%” == “pass pass” (
exit 0
)
)
if /I “%USER%” == “testuser2” (
if “%PASS%” == “password” (
if “%IP%” == “127.0.0.1” (
exit 0
)
)
)
rem No valid login found – Deny access
exit 1

Configuration script in ProVide:

C:\Scripts\userconfig.cmd “%USERNAME%”

Contents of file “C:\Scripts\userconfig.cmd”:

@echo off
rem Extract username and remove quotes
set USER=%1
for /f “useback tokens=*” %%a in (‘%USER%’) do set USER=%%~a rem Configure accounts
if /I “%USER%” == “testuser1” (
echo !Restriction – VirtualAccount
echo /Virtual folder for testuser1^|^|
echo /^|C:\^|RF,LD,RR
)
if /I “%USER%” == “testuser2” (
echo !Restriction – VirtualAccount
echo /a virtual folder^|^|
echo /^|C:\^|RF,LD,RR
)

Requiring public/private key authentication and SFTP with virtual users #

The example presented below shows how to require public/private key authentication. When using virtual users the two scripts “verification” and “configuration” are actually called separately; “verification” is only called once the user supplies a password to be verified, and “configuration” is called as soon as the server needs the complete setup of an account.

Thus, if the “configuration” script is to return a requirement that the user needs public key authentication then that will be required.

Note: The line containing the public key (“!Security – PubKey: […]”) must be on one long line.

Verification script in ProVide:

C:\Scripts\login.cmd “%IP%” “%USERNAME%” “%PASSWORD%”

Contents of file “C:\Scripts\login.cmd”:

@echo off
rem Extract IP and remove quotes
set IP=%1
for /f “useback tokens=*” %%a in (‘%IP%’) do set IP=%%~a
rem Extract Username and remove quotes
set USER=%2
for /f “useback tokens=*” %%a in (‘%USER%’) do set USER=%%~a rem Extract Password and remove quotes
set PASS=%3
for /f “useback tokens=*” %%a in (‘%PASS%’) do set PASS=%%~a rem We do not allow any password verifications for virtual users – Deny all access
exit 1

Configuration script in ProVide:

C:\Scripts\userconfig.cmd “%USERNAME%”

Contents of file “C:\Scripts\userconfig.cmd”:

@echo off
rem Extract username and remove quotes
set USER=%1
for /f “useback tokens=*” %%a in (‘%USER%’) do set USER=%%~a rem Configure accounts
if /I “%USER%” == “testuser1” (
echo !Restriction – VirtualAccount
echo /Virtual folder for testuser1^|^|
echo /^|C:\^|RF,LD,RR
echo !Security – AllowFTP: False
echo !Security – AllowFTPS: False
echo !Security – AllowSFTP: True
echo !Security – AllowTFTP: False
echo !Security – AllowPubKey: False
echo !Security – RequirePasswordIfNoPubKey: False
echo !Security – RequirePubKey: True
echo !Security – PubKey: —- BEGIN SSH2 PUBLIC KEY —-\nComment: “rsa-key-20120316″\nAAAAB3Nza[…]\n—- END SSH2 PUBLIC KEY —-\n )
if /I “%USER%” == “testuser2” (
echo !Restriction – VirtualAccount
echo /a virtual folder^|^|
echo /^|C:\^|RF,LD,RR
echo !Security – AllowFTP: False
echo !Security – AllowFTPS: False
echo !Security – AllowSFTP: True
echo !Security – AllowTFTP: False
echo !Security – AllowPubKey: False
echo !Security – RequirePasswordIfNoPubKey: False
echo !Security – RequirePubKey: True
echo !Security – PubKey: —- BEGIN SSH2 PUBLIC KEY —-\nComment: “rsa-key-20120316″\nn0N9zoHof[…]\n—- END SSH2 PUBLIC KEY —-\n
)

Thank you for downloading ProVide Server

For the ultimate experience of ProVide’s features and functions,
we recommend choosing the MAXI License.

Follow the 3 easy steps below to install ProVide Server

Your Cart

Header test Qty Price
display quantity price
Product Name Qty Price

Thank you for showing interest in trying ProVide Server

Follow the 3 easy steps below to install ProVide Server

Subtotal: Total
Total (inc. VAT): Total
Tax: Total
You save: Total

Medi trial

Thank you for showing interest in trying ProVide Server

Follow the 3 easy steps below to install ProVide Server

Maxi trial

Thank you for showing interest in trying ProVide Server

Follow the 3 easy steps below to install ProVide Server

Free Trial

Get
ProVide Software