TT User Setup Documentation
- Getting Started
- User Administration Basics
-
User Administration: Administrative Users
- Creating and Editing Administrative Users
- Creating a Super Administrator
- Creating a Broker Administrator - X_TRADER ASP
- Allowing Buy-side Administrators to Manage Product Limits (X_TRADER ASP)
- Creating a Group Administrator (non-X_TRADER ASP only)
- Creating a Gateway Login Administrator (non-X_TRADER ASP only)
- Creating a Password Administrator (non-X_TRADER ASP only)
- Creating a View Only User
- Creating a Collect Log Files Only User
- Configuring the Outgoing Email Settings
-
User Administration: X TRADER® Or X RISK® Users
- Creating and Editing X_TRADER or X_RISK Users
- Applying Basic User Properties
- Customizing Billing Data for a User - X_TRADER ASP only
- Configuring User Risk Settings for a User
- Setting Application Permissions
- SettingTrade Permissions
- Creating and Managing X_TRADER Customer Defaults
- Customer Defaults and Algo Defaults MiFID II
- Allowingor Blocking Product Groups for Specific Markets
- Applying X_RISK Permissions
- Creating a New Gateway Login through the Users Window
- Generating a Gateway Login for all Gateways
- Assigning Gateway Logins to a User Through the Users Window
- Setting Account Permissions
-
User Administration: FIX Adapter
- TT FIX Adapter and TT User Setup Overview
- Setting Up a TT FIX Adapter Server (non-X_TRADER ASP)
- SettingUp a FIX Adapter Client User
- Setting Up an AccountDefault
- FIX Adapter Account Defaults MiFID II
- Assigning TT FIX Adapter Client(s) to a FIX Adapter Server
- Allowing or Blocking Product Groups for a FIX Adapter User
- User Maintenance
- Gateway Login Administration Basics
-
Creating Gateway Logins
- Creating a New Gateway Login
- Assigning the MemberGroupTrader ID
- Disabling Start-of-Day Records
- Assigning Gateways to Gateway Logins
- Mapping a TTORD to an Exchange Trader
- Adding Gateways to Existing TTORDs
- Assigning Accounts
- Configuring Risk
- AssigningUsers to a Gateway Login
- Editing a User's Gateway Login Attributes
- Assigning Gateways to Multiple Gateway Logins
- Account Group Administration
- Account Administration
- Order Passing Group Administration (X_TRADER ASP)
- Gateway Login Risk Administration
-
Account And Account Group Risk Administration
- Adding Account-Level Risk Checking
- Adding Account Group-Level Risk Checking
- Creating Product Limits for Accounts and Account Groups
- Enabling Duplicate Order Check for Accounts and Account Groups
- Creating Contract Level Overrides
- Contract Limits Overview
- Creating Margin Limits for Accounts and Account Groups
- Applying Account-BasedRisk to Wholesale Trades
- Configuring Wholesale Order Overrides
- Copying Product Limits to Additional Accounts or Account Groups
- Copying Account-Based Product Limits to Additional Gateways
- Copying MGT-based Product Limits to Account-Based Product Limits
- User Level Risk Checking
- User Group Administration
- Publishing To Guardian
-
Server Administration
- Disabling Trading for a Trading Environment
- Collecting Log Files
- Using Version Control Rules
- Resetting the Guardian Exchange Tree (non-X_TRADER ASP only)
- Editing the Currency Exchange Rates
- Adding and Deleting Currencies
- Editing Product Margins
- Viewing and Clearing Product Margin Conflicts
- Viewing and Publishing Licenses
- Migrating Users to a New Gateway
- Understanding Server Messages
- System Settings
- Enabling Two-factor Authentication
- Reports
-
Tutorials
- How to Setup a New User Who Will Trade Using a TTORD Gateway Login
- How to Map an Additional Gateway Login to an Existing TTORD User
- How to Set Up an Administrator Who Uses Both X_RISK and TT User Setup
- How to Set Up a Third-party Risk Administrator
- How to Create a New User by Copying an Existing User
- How to Assign Existing Product Limits to Other Gateway Login IDs Simultaneously
- How to Change Multiple Product Limit Values Simultaneously
- How to Set Up Customer Defaults
- How to Update Customer Defaults Across Multiple Users Simultaneously
- How to Change the Message Users Receive When Their Logins Fail
- How to Use Wildcard Characters in Filters
- How to Set Up a Tiered Administrator
- How to Set Up a Drop Copy TT FIX Adapter Server and Corresponding FIX Adapter Clients
- How to Set Up an Order Routing TT FIX Adapter Server and Corresponding FIX Adapter Clients
- How to Set up a User for Autospreader SE or Synthetic SE
- Creating TT SIM Credit Limits and Product Limits
- Appendix
System Settings
Introducing System Settings
Use the System Settings window to configure server properties like:
- Concurrent Logins: Limits the number of times a single username can be logged in concurrently.
- Password Locking: Prevents users from logging in after certain limits are surpassed (i.e., incorrect login attempts or days of inactivity). An administrator can configure a message for a user whose login attempt fails for any reason.
- Password Rules: Defines the level of password complexity required for all users changing their password, the number of unique passwords required before reusing a prior password, and the length of time a password is valid.
- Automatic Diagnostics: Determines which potential problems TT User Setup Diagnostic Checks automatically searches for.
- X_STUDY and FMDS Settings: Allows an administrator to enable or disable X_STUDY and its related FMDS settings.
Note: Only Super Administrators have access to the System Settings because these properties apply to all users. In a X_TRADER® ASP environment, only TT Administrators can edit the System Settings.
Configuring Concurrent Login Rules
Administrators can limit the number of times a single user can be logged in concurrently (based on the number of IP addresses from which a user has logged in). If a user attempts to log in with a username that has already reached the assigned maximum number of logins, the login fails until that user ID closes a client connection and releases a license. TT SIM logins do not affect concurrent license counts.
Note: The concurrent login feature works for users logged in using Universal Login only.
Warning: To correctly control time delays, you must synchronize the machine times for each TT User Setup server.
To limit the number of concurrent logins...
- From the Server Admin menu,
select System Settings.
The System Settings window appears and defaults to the General tab.
- Check the Enforce maximum concurrent logins per user option.
- Click Save.
You have successfully limited the number of concurrent logins.
Configuring Password Locking Rules
Use the password locking feature to prevent users from logging in after defined limits are surpassed. As an administrator, you may not lock out a user. However, you can configure users to be locked out when either of the following conditions occurs:
- A user enters an incorrect password too many times.
- A user does not attempt a login within a certain number of days.
TT User Setup provides the user with a notification whenever the user's status has changed to "locked". You can unlock users from the Edit User window.
Note: The Locked Out column on the Users window lists all the locked out users in your trading environment.
To set password locking rules...
- From the Server Admin menu,
select System Settings.
The System Settings window appears and defaults to the General tab.
- Check the Automatically lock out users due to failed attempts or inactivity option.
- In the Number of failed login attempts
before user status is set to LOCKED field, select a number
between 1 and 100 to designate how many incorrect passwords a user
can enter before the user's status is set to "locked".
Note: The default value is 3.
- In the Days of inactivity allowed before
user status is set to LOCKED field, select a number between
1 and 100 to designate the number of days of inactivity before a
user's status is set to "locked".
Note: The default value is 30.
- Click Save.
You have successfully set password locking rules.
Customizing the Failed Login Attempt Message
If a user login fails, TT User setup prompts the user with a standard message. From the Failed Login Rules section in the System Settings window, you can configure a custom message that appears after the standard message.
To activate and customize the failed login attempt message...
- From the Server Admin menu, select System Settings.
- On the System Settings window, click the General tab.
- In the Failed
Login Rules section, check the Apply an additional failed
login message to users option.
- In the text box, edit the default message or create a new message.
- Click Save.
Note: The message in the text box appears after a failed login attempt.
Configuring Password Rules
Use the Password Rules to configure password complexity, password reuse, and password expiration rules.
-
The Password Complexity section defines the level of password complexity required for all users changing their password. In addition, you may incorporate password reuse restrictions.
Note: Password complexity changes are enforced the next time the user changes their password.TT User Setup initiates a password change when password expiration rules take effect, when a user manually changes their password, or when the administrator manually resets the user's password.
-
The Password Reuse section defines the number of unique passwords required before allowing a login to reuse a password.
Note: Password reuse restrictions are calculated from the last n times a user's password was changed, not from when password reuse restrictions were enabled or edited.
-
The Password Expiration properties define the length of time a password is valid.
As an administrator you can require a user's password to expire after a fixed number of days. However, if you want to prevent a specific user's password from expiring, check the Password never expires option on the Create New User or Edit User window.
Note: Password expiration is calculated from the last time a user's password was changed, not from when password expiration rules were enabled or edited.
- The Two-factor Authentication properties
defines the two-factor authentication’s behavior. Enabling two-factor
authentication requires setting the server settings on the Password Rules
tab and setting the configuration in each user’s User Settings.
For more information, refer to Enabling Two-factor Authentication.
Note: Two-factor authentication requires TT User Setup 7.17.30 and X_TRADER 7.17.40 or higher.
- X_TRADER ASP and non-X_TRADER ASP users hosted in TTNET can request a more or less restrictive Days until password expires setting. By default, passwords expire every 90 days and after 5 days users that are required to use two-factor authentication must re-authenticate. To request a different default for your firm, please contact TT Support.
To set password rules...
- From the Server Admin menu,
select System Settings.
The System Settings window appears and defaults to the Password Rules tab.
- Check the Enforce password complexity rules option to enable related fields.
- Specify values in the Minimum length (6-20) and Maximum length (6-20) fields
to set minimum and maximum password lengths.
Note: The default values are 6 and 20.
- Check any or all of the following options:
- Passwords must contain at least one lowercase letter
- Passwords must contain at least one uppercase letter
- Passwords must contain at least one digit
- Passwords must contain at least one non-alphanumeric character
-
To configure the system to enforce password reuse restrictions, select the check box next to Enforce password reuse restrictions and then select the Number of unique passwords required before reusing a prior password.
-
To configure the system to enforce password expiration rules, select the check box next to Enforce password expiration rules , and then select the number of days until the password expires and the number of days prior to password expiration that the system will begin issuing expiration warnings. This setting does not apply to users with passwords that never expire.
- If users must change their initial password after login or after an administrator updates the password, check the Require user to change initial password option. This setting does not apply to users with passwords that never expire.
- Click Save.
You have successfully set password expiration rules.
Automatic Diagnostics
TT User Setup allows you to run diagnostic checks that list potential set up issues based on the information available in the TT User Setup database. For example, Gateway Logins missing Accounts and Missing Product Limits.
The Automatic Diagnostics window allows you to select the diagnostics checks that all clients will automatically run. When the TT User Setup Server detects one of the automatically configured errors, it opens the Server Messages window and displays an Automatic diagnostics checks error.
To configure Automatic Diagnostics...
- From the Server Admin menu, select System Settings.
- Select the Automatic Diagnostics tab.
- Select the diagnostics that TT User Setup will automatically detect and report.
- Click Save.
Enabling and Configuring X_STUDY and FMDS System Settings
X_STUDY uses the FMDS server to obtain historical data to display in a chart for a given contract. The X_STUDY/FMDS settings available in TT User Setup allow you to designate or change the FMDS server to which one or more user's X_STUDY(s) connects. In addition, you can set up a secondary FMDS server to which X_STUDY connects if the primary server is down.
X_STUDY and FMDS must be enabled and configured at a system level before it can be enabled and configured at a user level. To enable and configure X_STUDY and FMDS for a user, refer to the Setting Application Permissions topic in the User Administration section.
Note: This option is only available for X_TRADER version 7.7.3 or later and X_STUDY 7.0.3 or later.
To enable X_STUDY/FMDS functionality for this TT User Setup system...
- From the Server Admin menu, select System Settings.
- On the System
Settings window, click the X_STUDY/FMDS
Settings tab.
- Ensure the X_STUDY/FMDS Allowed option is checked.
- For the Primary
FMDS Server section, enter the IP address and Port of
the FMDS Server.
You cannot save X_STUDY/FMDS settings unless the IP address field is populated.
- In the Service field,
type the service number.
The Service field is an additional qualifier used to differentiate multiple FMDS machines within a network. This value must match the X_STUDY workstations’ Communications setting. The default setting is 250.
- In the Timeout (secs) field,
type the number of seconds to wait to connect to each FMDS server.
Note: Typically the default value can be used in the Port, Service, and Timeout fields.
- To set up a secondary FMDS server, repeat steps 4-6 in the Secondary FMDS Server section.
- Click Save.
You have successfully configured your FMDS server(s).