8.2 Providing Net Folder Server Proxy Users

It is important that you understand the purpose, rights requirements, expected user name format, and character restrictions associated with the Net Folder Server proxy user before you configure a Net Folder Server.

8.2.1 Purpose of the Net Folder Server Proxy User

The Net Folder Server proxy user is used to read, write, create, and delete files on your corporate OES, NetWare, Windows, or SharePoint 2013 file servers on behalf of users who do not have native rights to the files, but have been granted rights via a Share in Filr.

For example, User A has native Read and Write access to a file on an OES server, and User B does not have any native access to that file. User A shares the file with User B in Filr and grants User B Read access. User B can now view the file within Filr because the Net Folder Server proxy user is giving User B the ability to read it, because of the Share. If User B tries to access the same file directly from the OES server, he does not have sufficient rights.

Users with native rights to files do not use the Net Folder Server proxy user.

The Net Folder Server proxy user is not the same as the LDAP proxy user used to synchronize users and groups (as described in Base DN:).

8.2.2 Rights Requirements for the Proxy User

The Net Folder Server proxy user that you specify here synchronizes volume objects and file objects. Ensure that this proxy user has rights to access the files and folders for the Net Folder that will be associated to the Net Folder server. Specifically, the Net Folder Server proxy user should have the rights shown in the following graphic:

Figure 8-2 Proxy User Rights Summary

8.2.3 Requirements for Proxy User Names

Net Folder Server proxy users are key to Net Folder functionality. Ensure that you comply with the requirements in the following sections.

Platform Requirements

Name requirements differ depending on whether the proxy user is accessing an OES, OES (NSS for AD), NetWare, Windows, or SharePoint 2013 file server. Only the following syntax is supported:

  • OES/OES (NSS for AD)/NetWare: cn=admin,o=context

  • Windows: Administrator or cn=Administrator,cn=users,dc=domain,dc=com, domain\user, user@domain

  • SharePoint 2013: filrad\administrator

  • DFS: When using Distributed File System (DFS) namespaces, the proxy user name format must be domain\user. For example, acme\administrator.

Use the LDAP Browse Button

To ensure that the Net Folder Server proxy user name is formatted correctly, use the Browse icon next to the Proxy field to browse the LDAP directory (eDirectory or Active Directory) for the proxy user that you want to use.

IMPORTANT:If you are selecting the proxy user for an NSS for AD volume, be sure to select the eDirectory tree, not the AD Domain.

Special Characters and Spaces Not Supported

Proxy names that contain special characters and/or spaces are not supported. For example, adminuser is supported, but @dm!n and admin user are not. Other special characters that are not supported in the proxy name are / \ [ ] : | = , + * ? < > @ ".

Consider Using Proxy Identities

Defining proxy user identities can greatly simplify selecting proxy users for Net Folder Servers and managing them thereafter.