Login Account Properties
You can create a login account in M-Files Admin when you right-click Login Accounts in the left-side tree view and select New Login Account. For a step-by-step guide, see Creating a Login Account.
The new login account creation dialog.
Windows authentication
Windows authentication can be used for authentication on M-Files Server. In this case, the user logs in to the vault with the same login information used to log in to Windows or the domain of the organization.
Domain login is the quickest and easiest authentication method. This means that new passwords and logins are not necessary, which makes this a user-friendly method. For more information, see Differences between the various user authentication methods.
M-Files authentication
With the M-Files authentication method, the user can log in to M-Files only. If the organization does not have a Windows domain or the user must not have access to it, it is a good idea to use M-Files authentication for the vault.
Personal information
Enter an email address and a full name for the login account. This information is used for sending notifications. For more information about notifications, see Editing Notification Settings in M-Files Admin. If the authentication method used is Windows authentication, you can retrieve the personal information from the domain when you click Update Information from Domain.
License type
Select a license type for the login account.
Named user license
Named user licenses are assigned to individual login accounts. This license allows the login account to use M-Files any time, independent of other users.
Concurrent user license
When a login account entitled to a concurrent user license logs in, one license of this type is taken up. When the login account logs out, the license becomes available for use by other login accounts that use this same license type.
Read-only license
Read-only licenses are assigned to individual login accounts. This license allows the login account to use M-Files at any time, independent of other users. With the license the user is only able to read the documents, not create or modify them.
External Connector license
External Connector licenses enable third-party systems to anonymously read M-Files database. The license type is necessary for example when M-Files data is published programmatically in an intranet or extranet environment to an unrestricted number of users.
Account is disabled
This function provides an easy way to specify whether the user can log in to the server or not. This function is useful if you do not want to remove the login account altogether, but to disable it for the time being.
Server roles: System administrator
With this role, the user can make any changes on the server level. The user can change the server logins and create and delete vaults. In other words, a system administrator can do any operation on a vault.
For a system administrator to log in to a vault on the server, a user account in that vault is not necessary. However, you can set the system administrator to not have access to vaults and rights to create users in vaults where they do not have a user account. To do this, a specific license is necessary. For more information, contact [email protected].
See the table for a comparison between the permissions of a system administrator and a user with the Full control of vault administrative rights. For a description of the administrator permissions in the Advanced Vault Settings section of the M-Files Admin configurations editor, see Configuring Advanced Vault Settings.
| Operation | System administrator | Vault administrator |
|---|---|---|
| Create a vault | Allowed | Not allowed |
| Attach a vault | Allowed | Not allowed |
| Restore a vault | Allowed | Not allowed |
| Detach a vault | Allowed | Not allowed |
| Back up a vault | Allowed | Not allowed |
| Copy a vault | Allowed | Not allowed |
| Destroy a vault | Allowed | Not allowed |
| Optimize the database | Allowed | Not allowed |
| Back up the master database | Allowed | Not allowed |
| Restore the master database | Allowed | Not allowed |
| Take a vault offline | Allowed | Not allowed |
| Rebuild the full-text search index | Allowed | Allowed |
| Reset thumbnail images in a vault | Allowed | Allowed |
| Verify and repair a vault | Allowed | Not allowed |
| Migrate to Microsoft SQL Server | Allowed | Not allowed |
| Manage content replication and archiving settings | Allowed | Allowed to manage cloud storage based replication jobs |
| Create or import a login account | Allowed | Not allowed |
| Create a scheduled job | Allowed | Not allowed |
| Change M-Files Server notification settings | Allowed | Not allowed |
| Manage M-Files licenses | Allowed | Not allowed |
| Configure web and mobile access | Allowed | Not allowed |
| Shut down M-Files Server | Allowed | Not allowed |
| Log in to any vault | Allowed | Not allowed |
| Create and import users | Allowed | Not allowed |
| Import user groups | Allowed | Not allowed |
| Create user groups | Allowed | Allowed |
| See and read all vault content (including deleted objects) | Allowed | Allowed |
| See and undelete deleted objects | Allowed | Allowed |
| Destroy objects | Allowed | Allowed |
| Force undo checkout | Allowed | Allowed |
| Change permissions for all objects | Allowed | Allowed |
| Change metadata structure | Allowed | Allowed |
| Manage workflows | Allowed | Allowed |
| Manage login accounts | Allowed | Allowed |
| Manage common views and notification rules | Allowed | Allowed |
| Manage vault applications | Allowed | Not allowed |
| Edit scripts (for example related to event handlers, workflow states, and automatic property values) | Allowed | Not allowed |
| Manage connections to external sources | Allowed | Not allowed |
| Disable or enable vault event logging | Allowed | Not allowed |
| See and manage scheduled jobs | Allowed | Not allowed |
| Restart vault | Allowed | Allowed |