Skip to end of metadata
Go to start of metadata

Quick help on NTFS setup network share

This guide explains  "Prerequisites and Basic steps " to set up NTFS  on your network files.

Common doubts regarding NTFS FileCloud integration are also addressed in this page.


FileCloud Network Folders 

Windows based Network Folders that are shared with the team are managed effectively by setting permissions on them.   Network Folders are further managed using NTFS rights, setup for various AD users and groups.  

Please refer to network folder creation here: FileCloud Network Folders

FileCloud can inherit the NTFS permissions on the Network Folders, for user authorization and access to these resources.


Pre-Requisites for NTFS setup

When Network Folders are added to FileCloud, Permission needs to be set as NTFS.  This will use all the NTFS permissions already set on the Network Share. 

Please refer to network folder creation here: FileCloud Network Folders

Please note:  If Web Server is running as a service, please make sure to have this running with a user account that has "Full control" permissions over the Network Share in NTFS.


    1. NTFS is Applicable Only on network Folder with "NTFS permissions set" during network folder creation





    2. FileCloud Helper service  (optional) 

      Helper Optional

      If you are running FileCloud on a Windows Server, you do not need the Helper Service for NTFS permission checks as the Web Server itself can perform access checks.
      If you are running FileCloud on a Linux Server, you do need the Helper Service to perform NTFS permission checks


      The FileCloud Helper service performs: 


      • NTFS Permission checks for Network Folders configured with NTFS permissions on a Linux Server

      • Indexed search of Network Folders  in Windows and Linux Server

      • Content search of Documents for Network Folders in Windows and Linux Server


      For more information on FileCloud Helper service refer to: FileCloud Helper Service


    3. Assign users (AD Users)

      The permissions on these Network Folders are managed using NTFS rights setup for various users and groups (usually from Active Directory).  

      To set up AD users, Please refer to: Active Directory Authentication

      Steps to give permissions:  

  1. From admin dashboard -→ Network folders ;  click on  icon of the network folder with NTFS permission .  
  2. Use "manage users" or "manage groups"  button in the network folder details screen.  
  3. Select users or groups  to which permissions need to be given for this network folder. 
      Only the AD users in the group,  will be able to have access to contents. 

 

        

Helpful information

1. Does the Server where FileCloud runs have to be part of the domain?

  •  If you run the FileCloud Web Server as a service, yes, the server has to be part of the machine,  and  the Web Server service has to be running as an AD user with "Total control" permissions on the Network Share. 

2.  Are there any restrictions or limitations on network folders?

  •   Yes,  Please note that the path and file names together cannot be longer than 255 characters, this is a Windows restriction that the Server cannot override.  Please refer to article, the "Limits" section:  File System Functionality Comparison  

    Note:

    Full path includes the name of the file to, for example: "C:\Users\Default\Downloads\sample.docx"

    If you want to find out if you have files with a path greater than 255 you can use a 3rd party tool like Path Length Checker, which will read all the files from a specific location and show you which files are passing this restriction, you can visit the following link and download the tool: Path Length Checker

3. Can a regular user be given access to NTFS Network folder?

Yes,   the regular users can be given access,  but they will not be able to see the sub folders of the network share. 

ONLY, AD users ,  will be able to use the network folder information.   

4. When using Network Folders with NTFS permissions, is it  possible to automatically hide folders that users don't have access?

Yes,   by enabling Access Based Enumeration (ABE) settings on the Network folders.

For more info please refer to: Network Folders with NTFS permissions

5. What happens when a user permission is changed in AD ?

When user membership in a AD group is modified, that change is not propagated immediately and is cached by Windows. For more information, please check the following article: Microsoft help
As a result, if you change a user group membership, it might not be picked up NTFS helper immediately. It might take some time ranging from 10 minutes to several hours before the change is picked up. If you need the changes to be picked up immediately, you can restart the helper service.

6. How does NTFS and share permission work together ?

When sharing a network folder, it is important that the Share Permissions for the network share are setup with the right permissions for all the users. If you are setting up NTFS permissions in the folders, make sure to allow full control in the Share Permissions dialog.

From Microsoft's Documentation at (http://windows.microsoft.com/en-us/windows-vista/share-files-and-folders-over-the-network-from-windows-vista-inside-out)

The implementation of share permissions and NTFS permissions is confusingly similar, but it’s important to recognize that these are two separate levels of access control. Only connections that successfully pass through both gates are granted access.Share permissions control network access to a particular resource. Share permissions do not affect users who log on locally. You set share permissions in the Advanced Sharing dialog box, which you access from the Sharing tab of a folder’s properties dialog box.NTFS permissions apply to folders and files on an NTFS-formatted drive. For each user to whom you want to grant access, you can specify exactly what they’re allowed to do: run programs, view folder contents, create new files, change existing files, and so on. You set NTFS permissions on the Security tab of the properties dialog box for a folder or file.It’s important to recognize that the two types of permissions are combined in the "most restrictive" way.   If, for example, a user is granted Read permission on the network share, it doesn’t matter whether or not the account has Full Control NTFS permissions on the same folder; the user gets only Read access when connecting over the network.

7. Is FileCloud Helper service compulsory ?

If you are running FileCloud on a Windows Server, you do not need the Helper Service for NTFS permission checks as the Web Server itself can perform access checks.
If you are running FileCloud on a Linux Server, you will still need the Helper Service to perform NTFS permission checks.

For your reference

The FileCloud Helper service performs: 

    • NTFS Permission checks for Network Folders configured with NTFS permissions on a Linux Server

    • Indexed search of Network Folders  in Windows and Linux Server

    • Content search of Documents for Network Folders in Windows and Linux Server

For more information on FileCloud Helper service refer to: FileCloud Helper Service




  • No labels