Can I restrict a user to be allowed only sftp transfers? And disallow any other login (ie shell, Windows)?
With UCs 4.3 Univention has changed account types.
- Normal accounts containing all features
These users can login through all configured ways (Windows, sftp, …).
- Simple authentication accounts
These can only connect to LDAP servers, but have no possibility to log in elsewhere.
- Address book entries for maintaining contact information
No logon is possible at all.
To enable a user for sftp transfer you have to create a “normal account” which can not be restricted to dedicated services.