Global Client Policies
Before you can manage iFolder user accounts, the following tasks must be completed:
After the user context is defined, User objects are enabled, and your users have logged into the iFolder server, you can begin to manage their iFolder accounts. As an administrator, you can perform administrative tasks such as removing iFolder data and changing disk storage quotas on the iFolder server.
To set Global Client policies, log in to the Global Settings section of the iFolder Management Console and click Global Settings.
Global policies will be applied to all iFolder clients. However, you also have the option of modifying Global policies for a specific user by going directly to his user account in the User Management section of the iFolder Management Console. If you modify a Global Policy in the User Management section, this updated policy will then take precedence over the global policy.
Figure 5
Global Client Policies
If a policy is marked On, this means that this policy, by default, is selected or checked in the iFolder client. However, the user still has a choice whether to keep the default or unselect it.
If the policy is marked Enforced, the option will be grayed out in the iFolder client. Thus, users will see it, but they will not be able to change it.
If the policy is marked Hidden, the user will not see the option in the iFolder client.
For example, if you enforce and hide the option to request encryption of the iFolder data, the data will be encrypted and users will be unaware of the transaction.
HINT: The encryption option in this interface refers to the opportunity that a user has to encrypt their data as it travels from the workstation to the iFolder server. If encryption is chosen, the user data is also stored on the iFolder server in its encrypted state; however, the user data is never stored encrypted on the local workstation.
For more information on encryption, see Authentication and Encryption.
You can also update your security pass phrase from this screen. The security pass phrase is used to recover an iFolder user's pass phrase if he has forgotten it.
For more information on security pass phrases, see the next section, "Recovering Pass Phrases."
To modify Global Policies for an individual user, go to the User Management section of the iFolder Management Console and click a specific username to access that account information.
Figure 6
Individual User Policies
In order to recover a user's pass phrase, either the policy was set to Enforced or the user enabled pass phrase recovery the first time he logged in with the iFolder client.
If not already done, set up your security pass phrase.
In the iFolder Management Console, click Global Settings.
(If prompted) Log in with your Admin username and password.
Click Global Policies and then click the Display button next to Client Policies.
Click the Update button next to Security Pass Phrase.
Enter a Security Pass Phrase twice, retype it, and then click Update.
To recover a user's pass phrase, go to the User Management section of the iFolder Management Console.
Search for the appropriate user and click the username.
Scroll down to the bottom of the list and click Recover.
Enter your security pass phrase and click OK.
When the pass phrase appears, let the user know what it is.
If a user needs to recover data from a deleted or corrupted file, you can restore the user's folder to a secondary iFolder server. From there, the user can access the iFolder server's copy of his local files via a browser or NetDrive.
Log in to the User Management section of the iFolder Management Console.
Search for the user and then click the username to locate the iFolder Account Path.
Restore the folder located at the iFolder Account Path from a backup tape to a secondary iFolder server that the user can attach to.
Have the iFolder user use the Java applet or NetDrive to access the secondary iFolder server.
When the user logs in, the Java applet will show the user's data and he can download the file that was previously deleted. Using the Java applet or NetDrive is a good choice because they don't sync data, they only give access.
If a user cannot remember his password, you can delete the user data on the iFolder server and then have the user log in again. When he logs in, he will be prompted to enter a new password.
In the iFolder Management Console, click User Management.
Log in with your Admin username and password.
Search for a specific user if you know the unique user ID; if not, find the user by doing an advanced search.
Click the username, scroll to the bottom of the page, and then click Remove iFolder User Data.
Click OK to confirm the removal of the user data.
The iFolder client has a feature called the Conflict Bin. A user will rarely need to access this option; however, it is useful to understand this feature. The following scenario illustrates how the Conflict Bin works.
Suppose that John is one of your iFolder users. John has the iFolder client installed on two computers: computer A and computer B. At some point in the day, John disconnects both of these computers from the network and continues to work from both computers offline. While he is working, he makes a change to one of his iFolder files on computer A and then, later in the day, he makes a different change to the same file on computer B. He then reconnects computer A to the network in order to synchronize the changes to the iFolder server. Then, John reconnects computer B to the network to synchronize the new change.
When computer B reconnects to the network and synchronizes the change to the iFolder server, the change that John made on computer A would be overwritten with the change that John made to that same file from computer B. To prevent data loss, iFolder saves the overwritten file to the Conflict Bin. John can access the Conflict Bin by right-clicking the iFolder icon located in the system tray of the computer that originally contained the file that was overwritten.