Global Settings

The following settings apply to all users and all files uploaded via MetaDefender Vault. Changing any of these settings will only affect files uploaded after the setting has been changed.

You can configure the default settings by going to SettingsGlobal Settings. Please note that you will need administrator privileges.

Guest Settings

Disable guest creation

This option disables the guest creation for all users, including administrators. If this option is turned on, the Users → Guests page on the left menu will disappear for all users.

This option is useful when you don't want your users to create temporary accounts and share files with people outside your organization or when the Single Sign-On enforced authentication option is active.

The options below will be inactive when this option is active.

In case there are any existing guests created they will not be able to login after this option is enabled.

Disable guest creation by users

Specifies if users can create guest accounts or not. Please note that administrators are still able to create guest accounts. If this option is turned on, users will not see the Users → Guests page on the left menu.

This option is useful when you don't want your users to create temporary accounts and share files with people outside your organization.

Disable editing guest expiration date by users

Use this setting if you wish to control the expiration time of guest accounts created by your users. For example, the following configuration ensures that your users can't create guest accounts that are valid for more than a day.

Default guest expiration period

The default period after which a guest account is permanently removed from the system.

External User Settings

Disable external user creation

This option disables external user creation for all users, including administrators. If this option is turned on, the Users → External Users page on the left menu will disappear for all users.

This option is useful when you don't want your users to create temporary accounts and share files with people outside your organization.

The options below will be inactive when this option is active.

Disable external user creation by users

Specifies if users can create external user accounts or not. Please note that administrators are still able to create external user accounts. If this option is turned on, users will not see the Users → External Users page on the left menu.

This option is useful when you don't want your users to create temporary accounts and share files with people outside your organization.

Disable external user expiration

This option controls whether external user accounts should have an expiration date or not. When enabled, the external user accounts creation dialog will no longer require users to select an expiration date for the new account. Also the system will disallow editing the expiration date for existing external users.

Disable editing external user expiration date by users

Use this setting if you wish to control the expiration time of external user accounts created by your users. For example, the above configuration ensures that your users can't create external user accounts that are valid for more than a day. Users will also be unable to edit the expiration date for owned external user accounts.

Default external user expiration period

In case there are any existing guests created they will not be able to login after this option is enabled.

The default period after which a external user account is permanently removed from the system.

Session Settings

Absolute session timeout period

This option defines an absolute timeout for a session. A session is automatically extended while a user interacts with the web application, however, it will not be increased any longer than the absolute timeout.

For example, with default values, a user who logs in at 9 AM would be able to stay signed in until 10 AM. If a file uploaded happens before 10 AM (i.e at 9:45 AM) the session is automatically extended until 10:45 AM.

This can happen over and over again until the user signs out (at which point the session is terminated) or a day has passed (1 day is the default absolute timeout).

Please note that a very small value (i.e one hour) may lead to interrupted uploads while large values can negatively impact security.

File Settings

Download authentication required

This setting specifies if the files uploaded using MetaDefender Vault can be downloaded with or without requiring the user to login before downloading.

Sharing

This option specifies if file sharing between users is allowed or not.

Advanced sanitization

Allows users to skip sanitization: data sanitization can be skipped when uploading a file if the users wishes so.

Block files without sanitization: this option will ensure that files that were not sanitized are not available for download and will reach "Blocked: No Sanitization" state.

In order for this feature to work Supervisor Approval must be enabled and Multi-scanning and Data Sanitization must be configured.

The Blocked: No Sanitization state can only be changed by administrators by approving the file on Processing History page. Also, make a note of the fact that supervisors cannot allow a file in Blocked: No Sanitization state even by approving it.

Limit maximum file size

Enable this option if you wish to set a maximum size limit when a file is uploaded.

User quota (limit total files size)

Enable this option to limit user storage. When this setting is active

  • All users will not be allowed to upload any files that would exceed the quota
  • Current storage status will be shown at the information dropdown list area

Expiration date

Every file has its own expiration date. A default value can be configured with this option. Once a file expires it is permanently removed.

Allow editing file expiration date by users

Upon disable this option, the user is unable to change the file expiration time at uploading time, the value is set by default as the Expiration date.

Authentication Settings

Single Sign-On

Enforcing Single Sign-On will disable plain authentication (using username and password) for all users.

The option can be activated only if Single Sign-on is enabled.

Active Directory

Enforcing Active Directory will disable Single Sign-On Login in case it is active and regular users will no longer be able to log in.

The option can be activated if at least one Active Directory is enabled and fully configured.

In case the "Single Sign-On" or "Active Directory" option is enabled the login will not be available, even for administrator users. To troubleshoot Single Sign-On in case the service is down or there is a misconfiguration an administrator needs to access MetaDefender Vault interface directly from the server on which Vault is installed and click on the "Are you having trouble with AD/SSO login?" button that appears on the login screen.

In case the "Enforce Single Sign-On" option is enabled, it will prevent the administrator from disabling the Single Sign-On. The same behavior applies to enforcing Active Directory.

Transient user roles (guests and external users) are not affected by the authentication enforcement. You can disable guest and external user roles individually.
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Storage
On This Page
Global SettingsGuest SettingsDisable guest creationDisable guest creation by usersDisable editing guest expiration date by usersDefault guest expiration periodExternal User SettingsDisable external user creationDisable external user creation by usersDisable external user expirationDisable editing external user expiration date by usersDefault external user expiration periodSession SettingsAbsolute session timeout periodFile SettingsDownload authentication requiredSharingAdvanced sanitizationLimit maximum file sizeUser quota (limit total files size)Expiration dateAllow editing file expiration date by usersAuthentication SettingsSingle Sign-OnActive Directory