Group Drives

Posted on 14th January 2019

Introduction

Foldr Server update 4.11.0.0 introduces a new feature called Group Drives. This allows an administrator to present storage locations that are typically only presented to one user, such as SMB Home folders, OneDrive or Google Drive to another user / group of users – Essentially presenting shares to one user in another users context.  This allows the admin to provide oversight and give managers, team leaders or teachers the ability to review users documents no matter where they are stored.

An example use case for Group Drives in a business or educational scenario would be to allow senior management / teaching staff to easily view all employee / student on-premise home folders and cloud storage that is managed by the organisation’s IT department.  When the manager/teacher signs into Foldr they would see the following structure and Foldr will automatically present the sub-folder structure inside the Group Drive based on the groups selected when configuring the share.

My Files
– Group Drive
— — Student 1
— — — SMB home folder
— — — OneDrive
— — Student 2
— — –SMB home folder
— — — OneDrive
— — Student 3
— — — SMB home folder
— — — OneDrive

The administrator can present one or as many shares as required inside the Group Drive for each user. In this example, an SMB home folder and OneDrive are configured.

Service Accounts (SMB)

All on-premise (SMB only) pointer shares that are presented to another group of users (teaching staff) must use a service account in conjunction with the ‘Use service account for all access toggle’ found under the Advanced tab in the Share configuration screen.

The service account is used in the background when a user is interacting with a Group Drive to provide access to an SMB share / home folder that they typically would not have permission to read/write data.

Service accounts are NOT mandatory for cloud storage (OneDrive / Google Drive) as both manual and automatic account linking options can be used. i.e. It will depend on the account linking mode being used. In the case of manual linking, the user that ‘owns’ the cloud account will have to have linked their account in Foldr before the manager / teacher user can access it via a Group Drive successfully. Because of this, service accounts / automatic account linking is recommended.

Configuring an Example Group Drive

In this example, we will configure a group drive to allow all members of the ‘Teaching Staff’ Active Directory Group read-only access all students Active Directory home folder and their OneDrive storage hosted in Office 365.

1. If they do not already exist, create shares in Foldr Settings >> Shares for the home folder and OneDrive.  If service accounts are not being used on an existing SMB home folder share, it is possible to create another dedicated home folder share purely for the purpose of use in a Group Drive – NOTE -Any SMB share must use a service account and have ‘use service account for all access’ enabled.

2. Create a new share for the Group Drive in Foldr Settings >> Shares. This share will be presented to users in an Active Directory group called ‘Teaching Staff’.

Name the Group Drive share as appropriate and use the Path / Share URI %foldrgroupdrive% and select an appropriate icon.

3.  Scroll down to the Permissions section to control who will see the Group Drive in Foldr.  Remove the default Foldr Users group (everyone) by clicking the in-line X button.

4.  Click + Add User or Group, search for the group that should be presented the Group Drive in Foldr and Allow the Read permission.  Click  Update.  Should you want Teaching Staff to have write access to the Student storage locations, the write permission should be included here.

5.  Click the Pointers tab and Add a New Pointer

Add the Home Folder and OneDrive shares.  i.e. The storage locations that the administrator wishes to present Teaching Staff in the student’s context.

6.  In the Groups to Display field, search for the Students group and click Save

Using the Group Drive

The Group Drive is now ready to use and users in the Teaching Staff Active Directory group will see the Group Drive under My Files in all Foldr apps.  Inside the Group Drive a sub folder will be shown for each user that is a member of the Students Active Directory group.  Inside each student folder will be another sub-folder for each pointer configured, in this case one that links to their personal home folder and another for the users OneDrive.  Files can then be interacted with in the same way as another share in Foldr.

macOS app

Web app

 

Need more help?

Get in touch with our friendly help desk who will be happy to assist you, [email protected]