Operation: Add User / Add Admin User / Update Admin User / Update User
Description: To Add/Update Users. 

Sample Configuration
<User> <Username>username</Username> <Name>name</Name> <Password>password</Password> <PasswordHash>$2a$10$Y358hQyvWzsGVHEs6xevAurMhs6IuJinkTdMJpoTQkyvaAQz834mi</PasswordHash> <UserType>Administrator/User</UserType> <!-- For adminstrator Type --> <Profile>profile</Profile> <EmailList> <EmailID>email</EmailID> </EmailList> <Group>select</Group> <Description>Text</Description> <!-- Below policy if not defined fetch from group --> <SurfingQuotaPolicy>SurfingQuota</SurfingQuotaPolicy> <AccessTimePolicy>AccessTime</AccessTimePolicy> <DataTransferPolicy>DataTransfer</DataTransferPolicy> <QoSPolicy>Bandwidth</QoSPolicy> <SSLVPNPolicy>SSLVPN</SSLVPNPolicy> <ClientlessPolicy>ClientlessPolicy</ClientlessPolicy> <L2TP>Enable/Disable</L2TP> <L2TPIp>ip address</L2TPIp> <PPTP>Enable/Disable</PPTP> <PPTPIp>ip address</PPTPIp> <IsEncryptCert>Enable/Disable</IsEncryptCert><!-- this tag is only applicable when PerUserCertificate is Enable in SSLTunnelAccessSettings --> <CISCO>Enable/Disable</CISCO> <CISCOIP>ipaddress</CISCOIP> <QuarantineDigest>Enable/Disable</QuarantineDigest> <SimultaneousLoginsGlobal>Enable/Disable</SimultaneousLoginsGlobal> <SimultaneousLogins>Unlimited/{count}</SimultaneousLogins> <MACBinding>Enable/Disable</MACBinding> <MACAddressList> <MACAddress>MACAddress</MACAddress> <MACAddress>MACAddress</MACAddress> <MACAddress>MACAddress</MACAddress> </MACAddressList> <LoginRestriction>AnyNode/UserGroupNode/SelectedNodes/NodeRange</LoginRestriction> <!-- For SelectedNodes --> <NodeList> <IPAddress>IPAddress</IPAddress> : </NodeList> <!-- For Node Range --> <FromIP>ip</FromIP> <ToIP>ip</ToIP> <ScheduleForApplianceAccess>All The Time</ScheduleForApplianceAccess> <LoginRestrictionForAppliance>AnyNode/</LoginRestrictionForAppliance> <AdminAccessNodeList> <IPAddress>IPAddress</IPAddress> : </AdminAccessNodeList> <!-- For Node Range --> <AdminAccessFromIP>ip</AdminAccessFromIP> <AdminAccessToIP>ip</AdminAccessToIP> <Status>active or deactive</Status><!-- this tag is only read purpose --> </User>



Parameter Mandatory Default Description
UsernameYes  
Specify Username to uniquely identify the user.
Username confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 50.
NameYes  
Specify the name of the user.
Name confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 50.
UserTypeNo User 
Select the type of user from the available options: User or Administrator.
UserType confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
ProfileYes  
Select Profile.
Profile confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
Note:
This option is available only 'Administrator' User Type.
EmailIDNo  
Specify Email Address of the user.
EmailID confines to:
  • Type is 'ARRAY'.
  • Datatype is 'EMAIL'.
  • Multiple values are allowed.
GroupNo  
Select group to which the user is to be added.
Group confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
SurfingQuotaPolicyNo  
Select the Surfing Quota Policy from the list.
SurfingQuotaPolicy confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
AccessTimePolicyNo  
Select the Access Time Policy from the list.
AccessTimePolicy confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
DataTransferPolicyNo  
Select the Data Transfer Policy from the list.
DataTransferPolicy confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
QoSPolicyNo  
Select the QoS Policy from the list.
QoSPolicy confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
ClientlessPolicyNo  
Select clientlesspolicy policy from the list.
ClientlessPolicy confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
L2TPNo Enable 
Enable to allow user to get access through L2TP connection.
L2TP confines to:
  • Type is 'SCALAR'.
  • Only 'Disable', 'Enable' are allowed.
L2TPIpNo  
Specify the IP Address to be leased to the user for L2TP access.
L2TPIp confines to:
  • Type is 'SCALAR'.
  • Datatype is 'IPADDRESS'.
  • Maximum characters allowed are 15.
PPTPNo Disable 
Enable to allow user to get access through PPTP connection.
PPTP confines to:
  • Type is 'SCALAR'.
  • Only 'Enable', 'Disable' are allowed.
PPTPIpNo  
Specify the IP Address to be leased to the user for PPTP access.
PPTPIp confines to:
  • Type is 'SCALAR'.
  • Datatype is 'IPADDRESS'.
  • Maximum characters allowed are 15.
QuarantineDigestNo Enable 
Enable to send Quarantine digest daily to the user which is an email containing a list of quarantined spam messages filtered by the appliance.
QuarantineDigest confines to:
  • Type is 'SCALAR'.
  • Only 'Disable', 'Enable' are allowed.
MACBindingNo Enable 
Enable to bind user with a group of MAC Addresses.
MACBinding confines to:
  • Type is 'SCALAR'.
  • Only 'Enable', 'Disable' are allowed.
MACAddressNo  
Specify MAC Addresses for MAC binding which will allow users to login only from the specified MAC Addresses.
FromIPYes  
If Node Range option is selected for Login Restriction, specify the starting IPv4 Address for the range between which the users will be allowed to login.
FromIP confines to:
  • Type is 'SCALAR'.
  • Datatype is 'IPADDRESS'.
ToIPYes  
If Node Range option is selected for Login Restriction, specify the ending IPv4 Address for the range between which the users will be allowed to login.
ToIP confines to:
  • Type is 'SCALAR'.
  • Datatype is 'IPADDRESS'.
ScheduleForApplianceAccessYes  
Select Schedule for appliance access.
ScheduleForApplianceAccess confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
Note:
This option is available only for Administrators.
LoginRestrictionForApplianceYes AnyNode 
Select appropriate option for administrator login restriction.
LoginRestrictionForAppliance confines to:
  • Type is 'SCALAR'.
  • Only 'AnyNode', 'SelectedNodes', 'NodeRange' are allowed.
IPAddressNo  
Specify the IPv4 Addresses of nodes from where the administrator will be allowed to login.
IPAddress confines to:
  • Type is 'ARRAY'.
  • Datatype is 'STRING'.
  • Multiple values are allowed.
AdminAccessFromIPYes  
Specify the starting IPv4 Address for the range between which the administrator will be allowed to login.
AdminAccessFromIP confines to:
  • Type is 'SCALAR'.
  • Datatype is 'IPADDRESS'.
AdminAccessToIPYes  
Specify the ending IPv4 Address for the range between which the administrator will be allowed to login.
AdminAccessToIP confines to:
  • Type is 'SCALAR'.
  • Datatype is 'IPADDRESS'.
CISCONo Disable 
Enable to allow user to get access through CISCO connection.
CISCO confines to:
  • Type is 'SCALAR'.
  • Only 'Enable', 'Disable' are allowed.
CISCOIPNo  
Specify the IP Address to be leased to the user for CISCO access.
CISCOIP confines to:
  • Type is 'SCALAR'.
  • Datatype is 'IPADDRESS'.
  • Maximum characters allowed are 15.
PasswordNo  
Specify Password.
Password confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 50.
SSLVPNPolicyNo  
Select SSL VPN policy from the list.
SSLVPNPolicy confines to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.



Operation   Status   Message
Add User200
Add User500
Add User502
Add User503
Add User510
Update Admin User200
Update Admin User500
Update Admin User502
Update Admin User503
Update Admin User510
Update Admin User541
Update Admin User542
Add Admin User200
Add Admin User500
Add Admin User502
Add Admin User503
Add Admin User510
Update User200
Update User500
Update User502
Update User503
Update User510
Update User541
Update User542

© Copyright 2019 Sophos Firewall Limited. All rights reserved.
Sophos Firewall is registered trademarks of Sophos Firewall Limited and Sophos Firewall Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.
No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise unless you are either a valid licensee where the documentation can be reproduced in accordance with the license terms or you otherwise have the prior permission in writing of the copyright owner.