Multi-Tenancy with FileCloud
It is possible with FileCloud to have a single install but still have many different independent FileCloud sites available.
- You must have a fully working FileCloud installation before you proceed with Multi-Tenancy. Make sure all the install checks pass and all the checks in Admin portal are without errors.
- Only a single SSL certificate can be installed for all the sites, so therefore, it is recommended that you use a wildcard SSL certificate for a main domain say: https://*.xyzcompany.com and then setup each site as a subdomain of the main site, say site1.xyzcompany.com and site2.xyzcompany.com
- After adding a new site, you need to add an entry in your DNS configuration for the new site to point to the server on which FileCloud is installed.
- When removing a site added previously, only the site is removed from the list, however any data associated with the site or the database is not removed. We recommend you remove this separately to avoid data loss.
- Each configured site needs its own license file, you cannot use a single license with different sites.
Enabling Multi-Tenancy Support
To enable multi-tenancy support, edit the file "config/multi.php" under the FileCloud WEBROOT folder and ensure that the configuration is set as follows:
A sample multi-sample.php file is provided in your filecloud installation. You can rename the sample file to "multi.php" if you need to.
Multi-Tenancy Admin Portal
To login into the special multi-tenancy admin portal, you need to open the Admin portal login screen and login as the "superadmin" user. The password for the superadmin user would be specified in the "multi.php" file.
|Password||The password for the superadmin user would be specified in the "multi.php" file.|
If two factor authentication for super admin access is enabled, then you will need to provide additional code to continue
Managing Different Sites
Once you login as superadmin you will see the multiple site management screen.
Storage Quota column indicates the current storage quota and the maximum allowed storage quota limit in GB for that site.
Users column indicates the current users and maximum allowed user limit for that site.
Please note that in order for the current storage quota and current users to be calculated the Cron job must be set up by the admin.
Adding a New Site
To add a new site, click on the "Add Site" button to bring up the Site Detail dialog.
- Provide a site name, you cannot change the site name later. The site name has to be alphanumeric only and is used to prefix database names for this site.
- Provide the site hostname (example: site1.xyzcompany.com). Do not provide any http or https prefixes.
- Make sure to add a DNS entry for the Domain Name to point to the server running filecloud
- You can duplicate the site settings by checking the "Duplicate Site Settings" check box. This will create the new site with the settings from the site to be duplicated.
- Notes is optional.
From version 9.0, Site Settings can be used to enforce limits on the total number of users and total storage quota in GB per site.
When the maximum number of users are specified for a site, FileCloud will limit the users added to that site and will not allow additional users to be added when the limit is reached. 0 implies there is no limit to the number of users that can be added.
When the maximum quota in GB per site is specified for a site, FileCloud will limit the number of files added to ensure that total size of all files added will not be more than the quota specified. 0 implies unlimited quota.
When the expiration date is specified, users cannot login to site after the expiration date is passed.
Starting with the 17.3 version it is possible to set up site admin password directly in the Site Settings Dialog.
Select the site entry and click on "Delete" to remove the site entry. Note that you have to manually remove the sites database and data. These are not removed automatically.
Note that the default site is the fallback site when a user tries to access FileCloud without using any of the domains specified and therefore cannot be edited or removed.
Accessing the newly added site
To access the newly added site, you need to use the domain name setup for the site. for example : https://site1.xyzcompany.com to access the user site and https://site1.xyzcompany.com/ui/admin/index.html to access the admin site.
Make sure to setup the site using the admin portal before opening up the site to new users.
All operations like, use of s3 backend , Add files and enable encryption and disable encryption ,Create reports, Create workflows can be done in multisite.
Task Scheduler/Cron Job in Multi-Tenancy
If a Task Scheduler/Cron Job is not setup for a multi-tenancy site with a SPLA license, license renewal/reporting will not happen automatically.
The site will not acquire license automatically after every month and can only be acquired by the admin logging in. If the monthly report is not completed, then users will get a license error when they login.
If site licensing expires every month and doesn't get renewed automatically when using the SPLA license, please follow the following steps to troubleshoot.
- Open the Admin Portal for the specific site ; click on "checks" and verify that the cron job was run recently
If the cron job was not run recently, it is critical that a Task Scheduler or Cron Job is setup to run properly when running a multi-tenant system. See instructions on how to setup this up. When running cron jobs with multi-tenant scenarios, make sure all sites are accessible by their domain names from the local system that is running the cron job.
The cron job uses the Server URL setting specified in the Admin->Settings page to access the site. Make sure the Server URL works on the local system correctly.
If you are using a HTTPS site, ensure that the Server URL has the correct prefix (https instead of http). After making the Server URL change, you can wait for some time to see if the cron job is now reported as working correctly.Note: If your DNS doesn't resolve the site URL inside the FileCloud server, you can workaround it by adding an entry to the domain name to the local Windows HOSTS file in the server.