Foldr provides different sharing features to allow users to share files/folders securely with others either inside or outside of the organisation.
All file sharing features are disabled by default and sharing permissions must be enabled on a per-share basis within Foldr Settings >> Shares before they can be used. Enabling the sharing features is completely granular and they may be enabled for all users or only specific groups / individual accounts as required.
The sharing features typically make use of a dedicated service account to retrieve shared items from file servers and in the case of work submission folders write files back to the shared folder on the network. The service account is used in the background transparently to a user and it is via the use of the service accounts that a user is able to share items from a location, (such as an Active Directory home folder) that others may not usually have permission to access.
Email notifications will be sent to users if configured on the server. There is a dedicated KB article regarding configuring the server to send email if this has not already been completed.
Terminology
Share / Share with Others = Sharing inside the organisation (with others that have an account in Active Directory or a local account on the Foldr appliance). Share with others is useful to allow users to share project folders or files with colleagues or for work submission / hand-in purposes. This permission relates to the Shared by Me / Share with Me areas of the web and mobile apps as items are shared.
Note – For work submission / hand-in folders, only the user sharing the folder with others is required to have the ‘share’ permission assigned. A user using and interacting with a hand-in folder doesn’t need any additional permissions assigned to them.
When sharing with others inside the organisation, the user can choose from 3 different options to decide what the recipient of a shared file / folder can do with it:
Hand-out = Read (download) only for the recipient
Hand-in = Read only but the recipient is able to securely submit files back. Foldr will automatically organise files submitted to a hand-in folder by placing them in a directory called ‘Foldr Uploads’ in the root of the shared folder. The user sharing the folder with others can optionally allow users the ability to upload anywhere inside the folder structure and their uploads will be placed in the relevant sub-folder, again in a Foldr Uploads directory, rather than always being placed in the root of the folder.
Upload = Read only for existing files with the ability to only write/upload new files. The recipient is able to upload files anywhere in the folder structure. The recipient cannot modify existing files or create new folders inside the shared folder.
Manage = Full access (read, write & delete)
Public Links = Sharing externally / with anyone using a short URL that requires no authentication when being used to access shared content.
Secure Public Links = Sharing with external users (those that do not have an account in Active Directory) using short URLs. The recipient will receive an email notification when items are shared with them. They are prompted to create a password upon first sign in and have to authenticate to receive shared items. Secure public links may be marked as writable to allow the recipient to upload back to a shared folder.
Service Accounts
When enabling any of the sharing permissions / features for SMB shares, the appliance uses a background service account to read / write to shared folders and files. As such, the service account selected (on the Share configuration screen) needs sufficient permissions to access the SMB share on the file server. When enabling sharing for cloud storage (OneDrive, Google Drive etc) a service account must NOT be used.
Configuration Steps – Sharing
1. Log into Foldr Settings and navigate to Shares tab (labelled Shares & Storage in later builds).
2. Edit a share > Access tab and scroll down to the Permissions section
To enable sharing for EVERYONE with access to the share, edit the built-in ‘Foldr Users’ group (double click). Alternatively click + Add Use or Group and search for users or groups that need the sharing feature.
3. Click on the Sharing tab and ALLOW ‘Share with Others’. Click Update.
4. A suitable service account must now be selected (directly above Permissions). The service account must have at least READ permission to the SMB file server share and all files/sub-folders held on the share. If the service account doesn’t have permission to access the files, then the shared item will not be usable by the recipient. In the case of hand-in or manage folders, the service account also requires write access to the network location on the backend file server.
5. Click Save Changes (top right)
The configuration steps to enable ‘share with others’ is complete.
When a user next signs into Foldr’s web or mobile apps they will see the share button and be able to share files with others inside the organisation. Example below from the web app:
