Domains
A Domain is a logical unit that organizes and isolates various Configuration Items (e.g., Users, Accounts, Endpoints, etc.) in UDMG. This separation can be based on organizational structure, geographical regions, specific responsibilities, or configuration requirements. Domains are helpful for managing access, security, compliance, and scalability in complex systems.
Configuration separation allows for multiple product instances to be hosted on the same application server and database infrastructure.
Before You Begin
UDMG must have at least one Domain (the Primary Domain), which is created automatically upon installation. After setting up the Primary Domain, you may want to create additional (Secondary) Domains, depending on your organization's needs. For example, you can use different Domains for development and production environments, or for each business unit.
If you need to use multiple Domains, we recommend incorporating them into your configuration plan from the beginning.
The purpose of this document is to give a general overview of Domains, and to explain administrative actions that apply to all Domains. For information specific to Primary and Secondary Domains, see the Primary Domain and Secondary Domains documentation.
If you decide to create multiple Domains, it is important to keep in mind that Domains are semi-independent. Users and Accounts within each Domain (besides System Administrators) are not able to view, and may not even know about, other Domains. If someone needs access to multiple Domains, they must create multiple Users/Accounts.
The server file system and allowable IP/Port combinations are shared across all Domains. Make sure to set the correct Endpoint Root File Paths and IP/Port combinations.
Managing Domains
Domain-specific settings are configured via the System > General > Settings section within the left sidebar. Select the "card" of the feature you want to configure. The allowable Domain-specific settings are as follows:
Branding (Banner Customization)
Domain Administrators can customize the UDMG Admin UI branding within a Domain. Each Domain can have different branding settings. To edit Domain branding, follow these steps:
- From the Sidebar, click General > Settings.
- Click Banner Customization.
- Click the Edit button above the Banner details.
- Edit details for the Banner, using the Field Descriptions table below as a guide.
- Click Update.
The following table describes the fields you can configure:
| Name | Description | Specifications | Required |
|---|---|---|---|
| Banner Label | The top Banner text is defined as follows: UDMG [Banner Label] - [Domain Name] [System Identifier Label] You can set the Banner Label to customize the text shown before the Domain Name. We recommend setting the Banner Label to the name of your company. | No | |
| System Identifier Label | The top Banner text is defined as follows: UDMG [Banner Label] - [Domain Name] [System Identifier Label] You can set the System Identifier Label to customize the text shown after the Domain Name. We recommend setting the System Identifier Label to the name of your environment (e.g., "Development"). | No | |
| Logo | The image file for your company logo. |
| No |
| Banner Color | The color of the top Banner, chosen via a color picker. | Default value: Blue. | Yes |
LDAP Authentication Configuration
Domain Admins can configure an LDAP provider to enable external authentication for Users and Accounts within their Domain.
Each Domain supports one active LDAP provider for Users and one for Accounts per Domain. If you want to use multiple LDAP providers, you need multiple Domains.
For setup instructions, see LDAP Authentication.
Single Sign-On Configuration
Domain Admins can configure a Single Sign-On (SSO) provider to enable external authentication for Users and Accounts within their Domain.
Each Domain supports one active SSO provider for Users and one for Accounts per Domain. If your organization requires multiple SSO providers (e.g., Okta and Azure AD), you must configure them in separate Domains.
SSO login options appear on the UDMG Admin UI and Web Transfer Client login screens as soon as a provider is configured and enabled. UDMG supports both SAML and OIDC protocols, allowing integration with most major Identity Providers (IdPs).
For setup instructions, see Single Sign-On (SSO).
ICAP Scanner
Domain Admins can configure inbound file scanning for viruses and content threats using the Internet Content Adaptation Protocol (ICAP) before files reach their destination. Each Domain can customize scanning settings according to specific business needs.
For setup instructions, see ICAP Scanner.
IP Filtering - Endpoints
Domain Admins can configure IP Filtering for Endpoints, which allows you to control which network addresses are permitted to access UDMG Server Endpoints.
Each Domain supports unlimited IP allowlists and blocklists of IPv4 or IPv6 addresses (including CIDR ranges) to restrict access to trusted networks and prevent connections from unauthorized or potentially risky locations.
For setup instructions, see IP Filtering - Endpoints
Deleting Domains
The Primary Domain cannot be deleted. For instructions on deleting Secondary Domains, see Deleting a Secondary Domain.
If a Domain is deleted, all Configuration Items within the Domain, including Users, Accounts, Endpoints, and Pipelines, are deleted. Deletion cannot be undone.