Configure
To change the options described in this topic, select the cog icon.
Disable users
By default, the User Management Tool retains ShareFile/Citrix Content Collaboration user accounts that are not created by the current rules. This prevents the automatic deletion of user accounts that were created outside of the User Management Tool. Select the Automatically disable users not part of domain rules option only if you want to remove user accounts that do not meet the current rules for account creation.
Continue or stop scheduled jobs after an error
You can choose whether to continue scheduled jobs when the User Management Tool cannot process a rule due to a problem such as a missing last name or email address in an Active Directory (AD) record. By default, scheduled jobs continue to the next rule after an error occurs.
After the User Management Tool skips a rule due to an error, it also skips any subsequent rules that are based on the same AD object. For example, if the action to create users for a particular AD group fails, the tool also skips an action to create a distribution group for the same AD group. This avoids creating a distribution group with members that are not yet created as ShareFile/Citrix Content Collaboration users.
For rules that are run directly from the User Management Tool Rules tab, the User Management Tool always skips a rule that causes an error and continues to the next rule.
Log Active Directory operations
Automatically disable users not part of domain rules: This option is only used in rare cases in which the following are true.
- All membership in ShareFile/Citrix Content Collaboration is strictly managed by a single set of all-encompassing rules.
- All of the groups and users in those rules are members of the same domain.
When enabled, the User Management Tool finds any users who are not part of the active rules being run and disables the users. For security, the master administrator is not disabled even when you select this option. A best practice is to keep this item cleared.
Configure a proxy server
To specify a proxy server for the User Management Tool, you must be signed in as an administrative user. As a result, scheduled jobs that are run under a Windows service account cannot use the proxy server until you configure the job to use the proxy settings. The following steps describe how to specify a proxy server, export the settings, and then configure a scheduled job to use those settings.
-
Log on to Windows as an administrative user.
-
Click the cog icon to open the Options page, click Configure Proxy, and then specify the proxy settings. If you run scheduled jobs as administrator, you have completed the proxy setup.
-
If scheduled jobs are run as another user, such as a Windows service account, export the proxy settings: In the Options page, click Export Proxy Settings.
The proxy settings are exported to
C:\\ProgramData\\Citrix\\ShareFile\\User Management Tool\\proxy.config. The file is encrypted using Windows Data Protect API (DPAPI) machine-level encryption, plus a key that is unique to your User Management Tool installation. Use this file for all of the jobs scheduled from the computer where you are logged on.
Configure each scheduled job to use the exported proxy settings.
-
Open the Windows Scheduled Tasks management console, right-click the job you need to configure with the proxy settings, and then select Properties.
-
Click the Actions tab, select the Start a program action, and then click Edit.
-
Add the following to the end of the Add arguments entry: A space followed by /importproxy.
Make sure that you enter the argument after the existing entry and a space.
-
After you click OK, the Task Scheduler might ask you if you want it to run C:\Program with some arguments. Click No.
After the scheduled job successfully uses the proxy settings, the umt.log file includes the following entries:
ImportedProxy_Get
Found exported proxy settings at: C:\ProgramData\Citrix\ShareFile\User Management Tool\proxy.config
Retrieved proxy settings from file.
<!--NeedCopy-->