AppNote: iFolder Features, Configuration, and Best Practices
Novell Cool Solutions: AppNote
By Jeff Fischer
Digg This -
Posted: 12 Nov 2003
Features of iFolder 2
iFolder 2 comes in two versions: Standard and Professional. The Standard version is the version that ships with the NetWare CD. The Professional is sold separately with a separate pricing model. There are several new features and improvements of iFolder 2 Professional that should be mentioned. These are:
- Features and Improvements
- Increased Scalability
- Cluster Support
- Cross Platform Support
- Increased LDAP Integration
- Flexible Home Directory Placement
- Recoverable Pass Phrases
- PDA Access
- Better Management and Monitoring
- iFolder Server Administration
One of the biggest improvements for this version of iFolder is the ability to scale from small businesses with tens or hundreds of users to large corporate networks with thousands of users and even to huge ISPs with millions of users. With iFolder 2.0, you can have a single-server system for smaller companies, or a multiple-server system for large corporate networks.
You can also span multiple directory trees seamlessly. This not only provides load balancing for synchronization traffic, but also enables you to deploy iFolder servers closer to their users to minimize the flow of synchronization traffic across expensive or slow WAN links.
To make things easier for users, iFolder 2.0 enables all users to log in to a single iFolder server, called the default server, regardless of the number of iFolder servers in your iFolder system. Administration is greatly simplified as well, as the new iFolder architecture enables you to manage multiple iFolder servers as a single iFolder system.
Novell estimates that you can include at least 100 servers in a Novell iFolder 2.0 system. If each of these 100 servers supports 10,000 users, the system would support 1,000,000 users. Granted, the majority of corporate customers will not need this type of support, but it does offer serious potential for large multinational corporations and especially ISPs.
Novell iFolder 2.0 can be configured to use a Storage Area Network (SAN). The advantage of using a SAN is that it separates the physical data storage device from the servers that access that storage. A SAN will provide a larger disk space capacity than the internal storage of a server so that users' iFolders can be larger as well.
If you choose to configure an iFolder server to use a SAN, you can easily increase the amount of storage available to that server by increasing the size of the iFolder volume on the SAN. You don't have to worry about physical drive space limitations of a server.
Of course, if an iFolder server fails, users will lose access to any personal iFolder contents that are stored on that server. This is absolutely unacceptable for a corporate network. To provide the ultimate in reliability and availability, Novell recommends that iFolder be deployed in a clustered environment with SAN storage. This will provide the necessary redundancy to maintain the iFolder service in case of server failure.
iFolder 2 Standard is a NetWare server storage service. iFolder 2 Professional is designed to be a cross platform storage solution. iFolder 2 Professional runs on the following operating system platforms.
- NetWare 5.x
- NetWare 6
- Windows NT
- Windows 2000
The iFolder client currently runs on Windows NT, 2000, and XP.
iFolder is tightly integrated into eDirectory through LDAP. In fact, settings for iFolder servers are stored in a Global LDAP Settings object in an LDAP v3 compliant Directory.
iFolder uses LDAP to authenticate a user. This allows for a flexible authentication scheme. It also allows the users' home directories to be stored on a server different than the LDAP server. The LDAP server can direct the iFolder client to the iFolder server based on user authentication.
This feature is different from iFolder 1.0 where you had to login to the iFolder server that hosted the users' home directories.
iFolder 2 Professional allows the user to select a location on their local file system where they want to place their iFolder home directory. The installation program prompts the user to enter in the location for the iFolder home directory. The default location on Windows 2000 is c:\documents and settings\(username)\my documents\iFolder\(username)\home.
This setting can be controlled from the iFolder administrative console also. The iFolder admins can control whether to allow the users to designate a location for their iFolder home directory or force the home directory to a specific location in the file system. This may be a good idea for users with strict security needs or non-technical users. Another example could be if users see a custom desktop with access to only a few applications. iFolder could be told where to place the iFolder home directory to accomodate this policy.
Pass phrases act just like a second password for iFolder. It is the pass phrase that encrypts files when they are transferred. I know how troublesome it can for users to remember their passwords and to have a second one to remember for the same service adds a lot of burden to the user. Now with iFolder 2 Professional, the pass phrases are recoverable by the administrator.
By selecting this option in the iFolder Admin tool, you allow the iFolder administrator to access data in the user's iFolder home directory. Without setting this option, the data will likely be unuseable.
One exciting new feature is the ability to access your iFolder from a PDA device. A few months ago, I needed a file from my desktop computer at work and I didn't have my laptop or any other computer with me. I was able to use my Pocket PC and retrieve the document from my inbox, which just happened to be there. I was really glad and then realized how great it could have been if I had put the document in my iFolder home directory.
iFolder 2 allows for a more flexible and advanced web-based management and montoring system. You can run reports on certain criteria for the iFolder from within the browser and save the reports for later as well. You can even check out real time reporting statistics for multiple iFolder servers.
Now let's take a tour of the iFolder management interface and demonstrate how to use the features we have just talked about.
To access the iFolder administrative console, type the following address in your browser:
In the Global Settings page, you will see general information about the iFolder server and data needed for the service to run. This is the information that is stored in the Global LDAP Settings object in eDirectory.
To access this area, click on the Global Settings link on the iFolder administrative home page and you will see a screen just like the following screen shot.
The General Information page just lists the server IP address, port number, LDAP context, and the LDAP Directory you are using.
The Global Settings link contains information about the Global client and server policies that will be applied to the iFolder service. Here is a screen shot of the client policies.
Any setting you apply here covers all the iFolder users. There are three types of settings:
- On - This turns on the setting for the service.
- Enforced - This does not allow a user to change the setting. The box would become grayed out on users' iFolder client.
- Hidden - Removes the setting from users' iFolder client so they don't know the option is there.
As you can see, you could become very granular and strict in your iFolder settings. You could turn on a setting and enforce it so that users could not change it. If you hide the setting as well, then users don't even know the setting exists.
Here are explanations for each of the client settings.
Encryption - Encrypts the files as they are transferred to the iFolder Server. Requires an SSL connection to the server and a pass phrase to encrypt the data.
- Save Password - Allows the iFolder to automatically login without prompting the user for the password.
- Save Pass Phrase - Saves the pass phrase so the user does not have to re-enter it.
- Recover Pass Phrase - By enabling this option, you allow the administrator to be able to recover access to home directories if the user forgets the pass phrase.
- Automatic Sync - Schedules synchronization to occur automatically at the sync rate you specify in the Sync to Server and Sync from Server interval settings.
- Sync to Server Delay - Used to determine how long the client waits after it has detected a file change to synchronize with the server.
- Sync from Server Interval - Used to determine how long the client checks for changes on the iFolder server.
- Conflict Bin Space - Use to determine how much space is alloteed on each iFolder workstation for conflict bin files.
- iFolder Location - Use to determine where the iFolder directory is located on the workstation.
Here are explanations for the Global Server Policies.
- Initial Client Quota - You use this to determine how much disk space is allocated to iFolder users. Individual disk quotas take precedence over Global settings here.
- Specifies the time before the iFolder Server session will timeout.
- Debug output - Specifies that all synchronization traffic will be output to the Apache server console so it can be viewed as shown in the following screen shot.
The user management section provides additional parameters that can be tuned to cutomize your iFolder service for your needs. Any settings for specific users applied here override global iFolder settings.
- Click on the link for User Management.
- Type in a name in the box to search for a particular user, or click on the search button to search for all users.
- When the user is returned, you can click on the user to edit iFolder properties for the user. You will see a screen shot just like the following image.
- From the iFolder user management screen, you can perform several management tasks. You can update allocated disk space, disable the iFolder user, update client policies for the user, remove the user's data, or recover the pass phrase for the user if they have forgotten it.
The System Monitoring tab allows you to see real time status information about your iFolder server. You can see how many users, status of the iFolder server, and disk space free. The following image is a screen shot of the System Monitoring page.
You can also run reports that show you information about the iFolder server, LDAP server, and iFolder users. The reporting tool can be used to help your company track iFolder usage by user. This is helpful so you can monitor your iFolder system to be sure it meets your needs. You could also charge per usage if you wanted to. To run, reports, click the Reports section of the administration page and click on the link for the report you want to create.
The following is the report for user usage.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com