Map point policy
A policy can be created to define permissions for users connected to the map point. Further policies can be defined to set different permissions for individual users, Organizational Units (OU), membership of AD groups and user groups.
In this section:
Edit map point access
Support for file sharing was withdrawn from File Director 2020.3.
If required, refer to archived Link Based Sharing.
- From the File Director Admin console, click Policy > Map Point Access.
- Click Edit next to the map point required.
The Map Point Access dialog opens. A new map point will adopt the default settings - it will apply to All Users, and Policies and Platform Access will be set to Off.
The Map Point Access dialog can also be accessed directly from the map point: click Configuration > Map Points > Set policy for this map point.
- To apply the map point policy to only a selection of users click Add adjacent to the user group required:
- Organizational Units - Select the OU container you want to add, and click OK.
- User Groups - Select the group name required and click OK.
- Individual Users - Select a user name and click OK. If required, click Add to include other individual user names.
- In the panel on the right configure the settings for users of this map point:
- Force read-only - Users cannot modify or upload File Director files.
- Platform Access - Set which devices can be used with this map point.
Platform access can also be set globally which may result in policy setting conflicts. Refer to the table below for examples.
Platform | Global | Map Point | Effect |
---|---|---|---|
Windows | On | On | Users for that map point can access the File Director server through Windows. |
Mac | On | Off | Users for that map point cannot access your server on a Mac as the Global setting is overridden. |
iOS | Off | Off | Users cannot access your server on an iOS device regardless of their map point. |
Android | Off | On | Users cannot access your server on an Android device regardless of their map point as the map point setting is overridden. |
Earlier versions of File Director may have file sharing configured for use. If so, you will be able to select the type of access internal and external users can have - either read-only or collaborative.
To enable file sharing click the link in Configure SMTP server before setting policies for sharing.
File sharing can also be disabled. Refer to Link Based Sharing for more information.
The Map Point Access settings are applied to users connected to the File Director server who and match the defined criteria.
Policy configuration examples
File Director allows you to configure Google Drive as the storage location for user's home map points. All file changes are synchronized with the File Director server so files are up-to-date, regardless of the client used to edit or view them. Note that native Google file types are excluded from listings within File Director.
In this example the steps describe how to assign individual users to Google Drive storage. Alternatively, you can apply the policy to all users or user groups.
Prerequisites for this example:
-
You have configured the Google Drive connector in the Cloud Connectors tab. See Google Drive for home map points.
-
You have decided which users require access to Google Drive. Note, this could be on a per user, user group or organizational unit (OU).
It is assumed that your user(s) already has alternative storage for their home map point assigned.
-
In the File Director Admin console, click Configuration > Map Points.
-
Click Add New.
The Add New Map Point dialog opens. -
In the Map Point Type list, click the drop-down arrow and select Private/Home - Use Google Drive storage.
-
The Name field is non-configurable for private map points using cloud based storage. Users will continue to see their private map point folder as Home and will be unaware of any change of map point name.
-
In the Sync Mode list click the drop-down arrow and select the option required.
-
To add your map point, click Save.
The map point is added to the list of Private Map Points:
Each user can have only one private (Home) map point assigned.
When you enable user access you must also disable access to any other private map point for that user.
If a policy conflict exists, the user’s Home map point is displayed as offline.
Prevent access to existing storage for selected users
In our example, we want to assign Google Drive storage for selected users only. Each user can only have one private map point so the next step will be to remove access to the current one.
-
Next to the user's existing map point click the link Set policy for this map point, and then click Edit. Alternatively, click Policy> Map Point Access, then click Edit next to the map point required.
-
The Map Point Access dialog opens for the private map point selected - in this example, the existing map point is AD Home.
-
Click Edit.
-
Next to the Individual Users option click Add.
-
In the Select User dialog enter the user name required and click Search.
To search in a particular domain click Browse and select the domain required.
-
Select the user name required, then click OK. The name is added to the map point policy.
-
To add other individual users to this map point, repeat steps 4 - 6 as required.
-
Click the Platform Access buttons to toggle them Off. This action excludes the selected user(s) from this policy and use of this map point storage location.
-
To confirm your policy changes click Save.
Assign policy and enable Google Drive storage
The next step is to enable Google Drive access for the selected user(s) using the Google Drive map point created earlier.
-
Click Configuration > Map Points. Next to the Google Drive Home map point click Set policy for this map point.
-
In the Map Point Access dialog click Edit.
-
Next to the Individual Users option click Add.
-
In the Select User dialog enter the user name required and click Search.
To search in a particular domain click Browse and select the domain required.
-
Select the user name required, then click OK. The name is added to the map point policy.
-
To add other individual users to this map point, repeat steps 3 - 5 as required. Ensure the correct user name(s) are displayed.
-
Click the Platform Access buttons as required to switch them to On.
-
To confirm your policy changes and assign the policy to the user(s) specified click Save.
Having followed these steps, when the selected user now logs in to their client and opens their Home folder they will link to the Google Drive storage location.
Administrators can specify home map point storage for users based upon AD group membership, user name or organizational unit (OU). In this example the steps describe how to selectively assign users to OneDrive storage based on AD user group.
Prerequisites for this example:
-
You have configured the OneDrive connector in the Cloud Connectors tab. See OneDrive Registration.
-
For selective access, you have decided which groups require access to OneDrive.
This example selects users based upon AD user group. It is assumed that your users already have SMB storage assigned via the home map point AD Home.
-
In the File Director Admin console, click Configuration > Map Points.
-
Click Add New. The Add New Map Point dialog opens.
-
In the Map Point type list, click the drop-down arrow and select Private/Home - Use MS OneDrive storage.
-
The Name field is non-configurable for private map points using cloud based storage. Users will continue to see their private map point folder as Home and will be unaware of any change of map point name.
-
In the Sync Mode list click the drop-down arrow and select the option required.
-
To add your map point, click Save. The map point is added to the list of Private Map Points:
Each user can have only one private (Home) map point assigned. When you enable user access you must also disable access to any other private map point for that user.
If a policy conflict exists, the user’s Home map point is displayed as offline.
Prevent access to existing storage for selected users
-
In our example, the existing map point is named AD Home. Click the link Set policy for this map point and then click Edit. Alternatively, click Policy > Map Point Access, then click Edit next to the AD Home map point.
-
In the Map Point Access dialog, click Edit. Next to the User Groups option click Add. The Select Group dialog is displayed.
-
In the Group Name field, enter the name required and click Search.
-
Select the AD group required, then click OK. The selected AD group is added to your map point policy.
-
Click the Platform Access buttons to switch them Off. This action excludes the selected user(s) from this policy and use of this map point storage location.
-
To confirm your policy changes click Save.
Assign policy and enable OneDrive storage
The next step is to enable OneDrive access for the selected AD group.
-
Click Configuration > Map Points. Next to the OneDrive Home map point click Set policy for this map point.
-
In the Map Point Access dialog click Edit.
-
Next to the User Groups option click Add.
-
In the Select Groups dialog enter the name of the AD group required and click Search.
-
Select the user name required, then click OK. The group is added to the map point policy.
-
Click the Platform Access buttons as required to switch them to On.
-
To confirm your configuration and assign the policy to your AD group click Save.
Having followed these steps, when a member of the selected AD group now logs in to their client and opens their Home folder, they will link to the OneDrive storage location.