Configuring DS within Shares

Setting up your DS groups and DS users within Shares.

Print this page

After adding your directory service to Shares, you can configure specific settings for your DS user(s) and group(s).

Tab Description
Detail

Update the information that you inputted for the DS account when you first set it up.
Groups

View and edit your DS group permissions. Your DS groups will be listed on this page, along with Edit buttons.

To set specific permissions for an individual DS group, click the corresponding Edit button. For further instruction on editing a DS group, please refer to the section "Setting Permissions for Individual DS Groups."
Users

View and edit your DS users' permissions. Your DS users will be listed on this page (unless the number of records exceeds Shares' limit for displaying a list), along with Edit buttons. If no list appears, you can search for users by name (where you must input a minimum of one character to perform a search).

To set specific permissions for an individual DS user, click the corresponding Edit button. For further instruction on editing a DS user, please refer to the section "Setting Permissions for Individual DS Users."
Security

This tab allows you to configure specific security settings for the entire directory.

  • If you select (checkmark) Disabled, then no users from this directory can log into Shares. This also prevents you from giving individual DS users and DS groups access to log in.
  • If you select (checkmark) Login, then all users from this directory can log into Shares. If left unchecked, you may give individual DS users and DS groups access to log in.
  • If you select (checkmark) Admin, then all users in this directory have Administrative permissions. If left unchecked, you may give individual DS users and DS groups administrative access.

To configure DS users' security settings from their individual account pages, please refer to the section "Setting Permissions for Individual DS Users."

Shares

Click the Add Share link to authorize specific shares for this directory.

Upon doing so, you will be provided a list of nodes and shares that are currently configured in your Shares application, along with an Authorize link.

After authorizing a share, you can modify the directory's permissions for browsing, transferring and performing file operations within it. Note that the default permission is browse only. To edit these permissions or de-authorize the directory's access to the share, click the edit link.

From here, select (checkmark) permissions that directory users have for the authorized share. For example, everyone in this directory is allowed to browse the company's event photos; however, they cannot download, upload, or perform any file operations within the share. After modifying your settings, click the Update button. You may de-authorize access to this share by clicking Delete.

IMPORTANT NOTE: If you authorize a share for an entire directory, then any group within that directory will inherit the same access permissions.
Activity

View and search for activity within this directory.

Setting Permissions for Individual DS Groups

You may configure your DS groups with unique settings (rather than defaulting to the directory settings). You will arrive at the tabs below after clicking the Edit button for a corresponding DS group.

Tab Description
Detail

View the DS group's name, modify the directory, or delete the directory from the Shares application.
Member Of

If this group is a member of another group, then that will be indicated under this tab.
Members

Displays this group's DS members and allows you to edit corresponding DS user settings. Please refer to the section "Setting Permissions for Individual DS Users" for details on editing DS user settings.
Security

This tab allows you to configure specific security settings for all members of the DS group, including whether or not all members of the group can log into Shares, as well as if all members of the group are administrators. If you select (checkmark) Login, then all users in this group can log into Shares. If you select (checkmark) Admin, then all users in this group have Administrative permissions. If you leave these boxes unselected, then you can configure each local users' security settings from their individual account pages. Please refer to the topic Configuring Local Users for details.

Shares

Click the Add Share link to authorize specific shares for the members of this DS group to access.

Upon doing so, you will be provided a list of nodes and shares that are currently configured in your Shares application, along with an Authorize link.

IMPORTANT NOTE: If you authorized a share for this DS group's entire directory, then this group will inherit the same access permissions for that share.

After authorizing a share, you can modify the DS group's permissions for browsing, transferring and performing file operations within it. Note that the default permission is browse only. To edit these permissions or de-authorize the DS group's access to the share, click the edit link.

IMPORTANT NOTE: If the share had been authorized for this DS group's entire directory, then the Inherited? column will be populated with the text "Inherited."

From here, select (checkmark) permissions that group members have for the authorized share. For example, our accounting department is allowed to browse, download and upload spreadsheets, as well as perform all file operations within the "Spreadsheets" share.

After modifying your settings, click the Update button. You may de-authorize access to this share by clicking Delete.
Transfer Settings

Implement transfer settings/restrictions specifically for members of this group. In doing so, you will be overriding Share's app-wide transfer settings just for this group. To configure transfer settings just for this group, start by clicking the Override these settings button (which will enable the input boxes).

Now, you can configure your own transfer settings for this group.

Transfer settings include the following:

  • Upload target rate: For example, 1.5 Gbps, 500Mbps, 10 K, 3000. Leave blank to use the node's settings.
  • Upload target rate cap: For example, 1.5 Gbps, 500Mbps, 10 K, 3000. Leave blank to use the node's settings.
  • Download target rate: For example, 1.5 Gbps, 500Mbps, 10 K, 3000. Leave blank to use the node's settings.
  • Download target rate cap: For example, 1.5 Gbps, 500Mbps, 10 K, 3000. Leave blank to use the node's settings.
  • Starting policy: Select the policy that will be enforced when the transfer starts, where policies include fixed, high, fair and low. You can also select Inherit from node to use the node's settings. If fixed, the transfer will utilize a fixed rate policy. Under this policy, the transfer will transmit data at a rate equal to the target rate (although this may impact the performance of other traffic present on the network). If fair, the transfer will utilize a fair rate policy. Under this policy, the transfer will attempt to transmit data at a rate equal to the target rate. If network conditions do not permit that to be achieved, it will transfer at a rate lower than the target rate, but not less than the minimum rate.
  • Allowed policy: Select the policies that are available to the user during the transfer. You can also select Inherit from node to use the node's settings. For example, if the starting policy is fair, then you may allow them to change between fair and low by selecting the fair and low option from the drop-down list.
  • Encryption: Select from optional or AES-128. You can also select Inherit from node to use the node's settings.
  • Encryption at rest: Required or optional. You can also select Inherit from node to use the node's settings. If required, uploaded files must be encrypted during a transfer for the purpose of protecting them while stored on a remote server. The uploader sets a password before uploading the file, and then the downloader is required to enter that same password to decrypt the protected file.

Click the Save button to keep your new settings. You may also click the Use Inherited Settings button to return to the app-wide transfer configuration.
Activity

View and search for activity by members of this DS group.

Setting Permissions for Individual DS Users

You may configure your DS users with unique settings (rather than defaulting to the directory or group settings). You will arrive at the tabs below after clicking the Edit button for a corresponding DS user.

Tab Description
Detail

View the DS user's name, modify the directory, or delete the user from the Shares application.
Member of

Add this user to a DS group by selecting one from the drop-down list. You will only see DS groups that have been added to Shares (i.e. Setting Permissions for Individual DS Groups through the Shares UI).

IMPORTANT NOTE: You will not be able to add DS users to a local group; only DS groups. For instructions on configuring local users, see the topic Configuring Local Users.

After adding a DS user to a DS group, you may click the Edit link to modify the group's settings or Remove to delete them from the group (but not from the Shares application).

When you click the Edit link, you will be taken to DS group's configuration page. Please refer to the topic Setting Permissions for Individual DS Groups for details on modifying a DS group's settings.
Security Under the Security tab, you can update the following settings:
  • Disable the user's account. Note that if you disable this user's account on this screen, then the user will not be able to log into Shares even if he or she belongs to a group or directory that has access permissions.
  • Explicitly allow the user to log into the Shares application.
  • Explicitly make this user an Administrator.
  • Allow the user to log into the API (which means that even if the user does not have BROWSE permissions, he or she can still perform transfer and file operations).
  • Set an account expiration date.
Shares

Click the Add Share link to authorize specific shares for the DS user to access. Note that if this user belongs to a DS group, and the group has access to a share, then that share will be listed here (i.e., permission to access the share is "inherited" from the group). The same is true if the entire directory has access to this share.

Upon doing so, you will be provided a list of nodes and shares that are currently configured in your Shares application, along with an Authorize link.

After authorizing a share, you can modify the DS user's permissions for browsing, transferring and performing file operations within it. Note that the default permission is browse only. If browse is not selected, the DS user will only be able to access functions if he or she has been made an API User (see Security tab description above). To edit these permissions or de-authorize the DS user's access to the share, click the edit link.

From here, select (checkmark) permissions that the DS user has for the authorized share. For example, the user in our office example is only allowed to download and browse the marketing share; however, he cannot upload content or perform any file operations within the share.

After modifying your settings, click the Update button. You may de-authorize access to this share by clicking Delete.
Preferences

Select a timezone and input any comments.
Transfer Settings

Implement transfer settings/restrictions specifically for this DS user. In doing so, you will be overriding Share's app-wide transfer settings and DS group and/or directory settings.

Transfer settings include the following:

  • Upload target rate: For example, 1.5 Gbps, 500Mbps, 10 K, 3000. Leave blank to use the node's settings.
  • Upload target rate cap: For example, 1.5 Gbps, 500Mbps, 10 K, 3000. Leave blank to use the node's settings.
  • Download target rate: For example, 1.5 Gbps, 500Mbps, 10 K, 3000. Leave blank to use the node's settings.
  • Download target rate cap: For example, 1.5 Gbps, 500Mbps, 10 K, 3000. Leave blank to use the node's settings.
  • Starting policy: Select the policy that will be enforced when the transfer starts, where policies include fixed, high, fair and low. You can also select Inherit from node to use the node's settings. If fixed, the transfer will utilize a fixed rate policy. Under this policy, the transfer will transmit data at a rate equal to the target rate (although this may impact the performance of other traffic present on the network). If fair, the transfer will utilize a fair rate policy. Under this policy, the transfer will attempt to transmit data at a rate equal to the target rate. If network conditions do not permit that to be achieved, it will transfer at a rate lower than the target rate, but not less than the minimum rate.
  • Allowed policy: Select the policies that are available to the user during the transfer. You can also select Inherit from node to use the node's settings. For example, if the starting policy is fair, then you may allow them to change between fair and low by selecting the fair and low option from the drop-down list.
  • Encryption: Select from optional or AES-128. You can also select Inherit from node to use the node's settings.
  • Encryption at rest: Required or optional. You can also select Inherit from node to use the node's settings. If required, uploaded files must be encrypted during a transfer for the purpose of protecting them while stored on a remote server. The uploader sets a password before uploading the file, and then the downloader is required to enter that same password to decrypt the protected file.
Activity

View and search for Shares activity by this user.