0% found this document useful (0 votes)

107 views160 pages

Filr Admin

Filr 4.2 Administrative User Interface Reference November 2020

Uploaded by

simonjean

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

107 views160 pages

Filr Admin

Filr 4.2 Administrative User Interface Reference November 2020

Uploaded by

simonjean

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 160

Filr 4.

2
Administrative User Interface Reference
November 2020
Legal Notice
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S.
Government rights, patent policy, and FIPS compliance, see https://www.microfocus.com/about/legal/.

Copyright © 2020 Micro Focus. All Rights Reserved.

2
Contents

About This Guide 7

1 Administrative Consoles 9

2 Administrative Access 11
Assigning and Managing Port 8443 Direct Administrators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Changing Passwords and SSH Access for vaadmin and root . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Logging In as an Administrator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Administration Console. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Port 9443 Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

3 Access to Filr and Its Services 15

Desktop Access—Default Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Desktop Access—Individual Users and Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Mobile Device Access—Default Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Mobile Device Access—Individual Users and Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Web Browser Access—Default Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Web Browser Access—Individual Users and Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Recent Files List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
KeyShield Configuration Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
NetIQ Advanced Authentication Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Reverse Proxy Configuration Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Single Sign-On Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

4 Filr Clustering Configuration 33

5 LDAP Servers and Synchronization 35

6 Content Editor 47

7 Licensing 51
Installing/Updating the Filr License. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Viewing Filr License Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

8 Logging and Monitoring 53

Accessing Filr System Log Files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Automatically Applying Deferred Search Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Changing the Ganglia Monitoring Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Generating Filr-Monitoring Reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
Credits Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

Contents 3
Data Quota Exceeded Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Data Quota Highwater Exceeded Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Disk Usage Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Email Report. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
External User Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
File Block Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
Filr Outlook Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
License Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Login Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
Orphaned User Share Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
System Error Logs Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
User Access Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
User Activity Report. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
XSS (Cross-Site Scripting) Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Logging All HTTPS Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Managing Audit Trail Logs of Database Activity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

9 Management Zones 65
Managing Zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Adding and Modifying Zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Adding a Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Modifying a Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Deleting Zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Viewing Zones Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

10 Net Folder Servers 69

Creating and Managing Net Folder Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Manage Net Folder Servers Dialog. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Creating a Net Folder Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Editing an Existing Net Folder Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Deleting a Net Folder Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Enabling Just-in-Time-Synchronization for Filr and eDirectory Rights Usage for OES and NetWare . . . . . . 74
Proxy User Identities. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
Managing Proxy Identities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Creating Proxy Identities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Modifying Proxy Identities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

11 Net Folders 79
Managing Net Folders. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Creating and Modifying Net Folders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Creating a Net Folder. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Modifying a Net Folder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Deleting a Net Folder. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84

12 Net Folder System-Level Synchronization 85

Enabling and Tuning Net Folder Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Just-in-Time Synchronization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86

4 Contents
13 Network Infrastructure 87
Changing Network Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Network Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Port Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

14 Notifications (Email) 93
Configuring an Email Service for Filr to Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Enabling Notifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

15 Performance Tuning 97
Changing Configuration Settings for Requests and Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
Changing JVM Configuration Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

16 Personal Storage and Home Folders 99

Enabling Personal Storage for Users and Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Managing and Restricting Filr-Based Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

17 Product Improvement 103

18 Managing Uploading of Files 105

19 Search and Lucene Indexing 109

Managing Filrsearch Configuration Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
Managing the Lucene Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
Managing Search Nodes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
Memcached (Search Index Appliance Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
Advantages for Using Memcached. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
Managing Memcached . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

20 Security 115
Certificates. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
Firewall Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
Password Security (Local and External Users) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
Securing Memcached . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
User Visibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Viewing, Wiping, and Disconnecting Registered Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
WebDAV Authentication Configuration Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118

21 Sharing 121
Managing Shared Items . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
Managing Sharing, License Terms, and Comments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
The Rights Tab Controls All Filr Sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

Contents 5
22 SQL Database Connection 127

23 Storage Management 129

Expanding Storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129

24 Support Files and Online Updates 131

Managing Field Test Patches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Managing Online Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Submitting Configuration Files to Micro Focus Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133

25 Changing System Services Configurations 135

Managing System Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Shutting Down and Restarting the Micro Focus Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136

26 Time and Locale 137

Changing the Appliance’s NTP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
Setting a Default Time and Locale for Non-LDAP and External Users. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

27 UI Controls and Customizations 139

Email Notification Template Customization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
Branding the Web Client. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
Branding the Desktop Apps (Advanced-Edition License Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
Branding the Mobile Apps (Advanced-Edition License Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
UI Language . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
Name Completion Settings—Managing How Group Names Display in Drop-Down Lists. . . . . . . . . . . . . . 145
Add Custom Templates to Filr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146

28 Users and Groups 147

Managing Users. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
Viewing and Managing User Properties. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Managing Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

29 Integrating Microsoft Office and Outlook with Filr 157

Managing Office Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
Managing Outlook Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157

6 Contents
About This Guide

This guide is for Filr administrators and covers the administrative dialogs and screens for the
following services and features:
 Chapter 1, “Administrative Consoles,” on page 9
 Chapter 2, “Administrative Access,” on page 11
 Chapter 3, “Access to Filr and Its Services,” on page 15
 Chapter 4, “Filr Clustering Configuration,” on page 33
 Chapter 5, “LDAP Servers and Synchronization,” on page 35
 Chapter 6, “Content Editor,” on page 47
 Chapter 7, “Licensing,” on page 51
 Chapter 8, “Logging and Monitoring,” on page 53
 Chapter 9, “Management Zones,” on page 65
 Chapter 10, “Net Folder Servers,” on page 69
 Chapter 11, “Net Folders,” on page 79
 Chapter 12, “Net Folder System-Level Synchronization,” on page 85
 Chapter 13, “Network Infrastructure,” on page 87
 Chapter 14, “Notifications (Email),” on page 93
 Chapter 15, “Performance Tuning,” on page 97
 Chapter 16, “Personal Storage and Home Folders,” on page 99
 Chapter 17, “Product Improvement,” on page 103
 Chapter 18, “Managing Uploading of Files,” on page 105
 Chapter 19, “Search and Lucene Indexing,” on page 109
 Chapter 20, “Security,” on page 115
 Chapter 21, “Sharing,” on page 121
 Chapter 22, “SQL Database Connection,” on page 127
 Chapter 23, “Storage Management,” on page 129
 Chapter 24, “Support Files and Online Updates,” on page 131
 Chapter 25, “Changing System Services Configurations,” on page 135
 Chapter 26, “Time and Locale,” on page 137
 Chapter 27, “UI Controls and Customizations,” on page 139
 Chapter 28, “Users and Groups,” on page 147
 Chapter 29, “Integrating Microsoft Office and Outlook with Filr,” on page 157

About This Guide 7

Audience
This guide is intended for Filr administrators.

Feedback
We want to hear your comments and suggestions about this manual and the other documentation
included with this product. Please use the comment on this topic link at the bottom of each page of
the online documentation.

Documentation Updates
For the most recent version of the Micro Focus Filr Administration Guide and other documentation,
visit the Micro Focus Filr Documentation website (http://www.microfocus.com/documentation/filr/
filr-4).

Additional Documentation
You can find more information in the Micro Focus Filr documentation, which is accessible from the
Micro Focus Filr Documentation website (http://www.microfocus.com/documentation/filr/filr-4).

8 About This Guide

1 Administrative Consoles
1

Port 9443 Appliance Console

Path: https://appliance_ip_or_dns:9443
 You and those with the vaadmin or root user password use this to manage virtual-machine-
level settings and Filr service configurations that affect an entire service and its interactions
with other services.
Figure 1-1 The Port 9443 Filr Console

Port 8443 Filr Administration Console

Path: To access the Administration Console, login to the new Filr Web client <https://
appliance_ip_or_dns:8443>, then click on Username > Administration Console.

NOTE: The Administration Console can only be accessed through the New Filr Web client by the
Administrators and admin equivalent users.

 You and other designated Filr administrators use this console to manage all aspects of Filr
services.
 If the Filr appliance is configured for port redirection, Filr users, including administrators, might
not need to include the port number.

Administrative Consoles 9
 If Filr is configured to use NetIQ Access Manager, the Filr login screen is not used. For more
information about Filr configurations that affect login, see “Changing Network Settings” on
page 87.
 Ensure that the hostname does not include the special character “_”. This fails to launch the
console and results in “Error 400”.
Figure 1-2 The Port 8443 Filr Console

10 Administrative Consoles
2 Administrative Access
2

This section covers the following Filr administrator-related tasks:

 “Assigning and Managing Port 8443 Direct Administrators” on page 11
 “Changing Passwords and SSH Access for vaadmin and root” on page 12
 “Logging In as an Administrator” on page 12

For more information about Filr administrators, see “Filr Administrative Users” in the Filr:
Understanding How Filr Works guide.

Assigning and Managing Port 8443 Direct Administrators

Path: “Port 8443 Filr Administration Console” on page 9 > Management > Administrators
Best Practice: You can plan your Direct administrators in advance or create them as needs develop.
In either case, you should keep a record of those with administrative access.

Table 2-1 Using the Manage Administrators dialog

Field, Option, or Button Information and/or Action

About Port 8443 Direct Port 8443 Direct Administrators can only administer the following:
Administrators
 Users
 Groups
 Mobile Devices
 Net Folders
 Net Folder Servers

Administrators

 Add 1. Click Add to add a new Direct administrator.

2. Begin typing the user or group name you want to assign.
3. Click a user or group to add it to the list.

 Remove 1. Select one or more users or groups in the Administrators list.

2. Click Remove.
The selected items are removed.

 Filter list 1. Type an alphanumeric string contained in the user or group names you want
to display.
2. Press Enter.
The list displays only the names that contain the string you entered.

Administrative Access 11
Field, Option, or Button Information and/or Action

 Gear icon 1. Click the icon

2. Select Edit Column Sizes.
3. Follow the instructions in the Edit Column Sizes dialog to adjust column
widths.
Changes persist from session to session.

Changing Passwords and SSH Access for vaadmin and root

NOTE: Changing both passwords requires logging in as root. If you log in as vaadmin, you can only
change the vaadmin password.

Path: Port 9443 Appliance Console > Administrative Passwords

Table 2-2 The Administrative Passwords dialog

Field, Option, or Button Information and/or Action

vaadmin  Acting as either vaadmin or root, type the current password, type and
confirm the new password, and click OK.

root  Acting as root, type the current password, type and confirm the new
password, and click OK.

root SSH Access  Acting as root, select or deselect Allow root access to SSH and click OK.

SSH is disabled by default. For information about how to start SSH on the
appliance, see Chapter , “Managing System Services,” on page 135.

Logging In as an Administrator
Administration Console
Path: “Port 8443 Filr Administration Console” on page 9

12 Administrative Access
Table 2-3 Using the Sign In dialog

Field, Option, or Button Information and/or Action

 User ID:  First-time login: The username you specified in “Specify the First Search
Appliance, Locale, and Admin user” in the Filr: Installation, Deployment, and
Upgrade Guide. The default is admin.
 Subsequent login: The name of the built-in Filr administrator (default is
admin), or a directly assigned administrator.

 Password:  First-time login: Enter the username.

You are then prompted to change the password.

 Subsequent login: Administrative user password set above or changed in the
Profile.

 Change Password  First-time login only

1. Type the current password, which is the username.
2. Type and confirm a new, more secure password.

Port 9443 Console

Path: Port 9443 Appliance Console

Table 2-4 Port 9443 Sign In dialog

Field, Option, or Button Information and/or Action

 Username  Enter either vaadmin or root.

 Password  Type the password for vaadmin or root

Administrative Access 13
14 Administrative Access
3 Access to Filr and Its Services
3

Users can access Filr through web browsers, desktops, and mobile devices.
 “Desktop Access—Default Settings” on page 15
 “Desktop Access—Individual Users and Groups” on page 18
 “Mobile Device Access—Default Settings” on page 18
 “Mobile Device Access—Individual Users and Groups” on page 21
 “Web Browser Access—Default Settings” on page 24
 “Web Browser Access—Individual Users and Groups” on page 25
 “Recent Files List” on page 26
 “KeyShield Configuration Settings” on page 27
 “NetIQ Advanced Authentication Configuration” on page 28
 “Reverse Proxy Configuration Settings” on page 29
 “Single Sign-On Access” on page 31

Desktop Access—Default Settings

Settings made here apply to all Filr users unless Filr access and password caching are overridden by
settings made through the Users or the Groups management dialogs.
Path: Port 8443 Appliance Console > System > Desktop Application

Table 3-1 Using the Configure Desktop Application dialog

Field, Option, or Button Information and/or Action

Allow Desktop Applications to:

 Access Filr  Select this to allow all users to access Filr through the Filr desktop
application.
 Deselect this if you want only designated users and groups to have
desktop access as controlled through user and group settings

 Cache the user’s password  Select this to allow users to enable the Remember password option
on the Account Information page in the Micro Focus Filr Console.

Remember password option availability is also configurable for

individual users and groups through the Users and the Groups
management dialogs (More > Desktop Application Settings).

Access to Filr and Its Services 15

Field, Option, or Button Information and/or Action

 Be deployed  Select this to expose the Download Filr Desktop App option in the
web client > user drop-down menu.

Alternatively, you can download the desktop apps from

download.novell.com and distribute them using client management
software such as Micro Focus ZENworks.

For more information, see “Client Management Software and the

Filr Desktop Applications” in the Filr 4.2: Maintenance Best Practices
Guide.

 Deploy files contained  Select this to allow users to download the Desktop App contained in
locally Filr.

 Deploy files accessed via  Select this and specify the URL of the server that is hosting the
URL to another location Desktop App downloads.

To set up web server distribution of the desktop app, see “Hosting

Desktop Application Installation Files on a Separate Server” in the
Filr 4.2: Maintenance Best Practices Guide.

 This is required if your Filr system is fronted by an L4 or L10 switch.

 This is a best practice because it minimizes the load on Filr.

Desktop Synchronization

 Synchronize every __  Specify how many minutes you want the desktop app to wait after a
Minutes desktop synchronization ends before it checks again for changes to
Available Offline files.

Default=15 minutes.

 You can use this to control the synchronization load that the Filr
desktop application puts on Filr.
 Changes on the desktop are automatically synchronized to Filr
regardless of this setting.

 Maximum file size that can  Specify the maximum file size (in MB) that can be synchronized
be synchronized: between the Filr desktop application and Filr.

 Remove cached files after X  Specify the number of days that locally cached files remain on users’
days desktops after they are no longer being accessed or modified.

 Allow user to modify  Select this to allow users to specify how long they want locally
cached files lifetime cached files remain on their desktops after the files are no longer
being accessed or modified.

Desktop Notifications

 Allow balloon notifications  Deselect this to disallow balloon notifications from being displayed
for desktop client users on the users’ desktops. This option is selected by default.

Application Whitelist/Blacklist For more information, see “Controlling File Downloads by the Filr
Desktop Applications” in the Filr 4.2: Maintenance Best Practices Guide.

 Restore Defaults...  Click this to restore the defaults for all settings in the Application
Whitelist/Blacklist section below.

16 Access to Filr and Its Services

Field, Option, or Button Information and/or Action

Mode  Lets you control how antivirus, backup, and other applications
download files that are accessible through Filr.

 No restrictions - Ignore the  Select this if you want all applications, including antivirus scanners
lists. and backup software, to download files to the workstation’s local
disk.

 Whitelist - Allow only the  If you select this, then download attempts by unlisted applications
listed applications to trigger system alerts to users that a download has been “blocked by
download files. an administrative setting.”

This option doesn’t provide for user control of application-driven

downloads.

 Whitelists are empty by default.

 You can add and remove applications for your organization as
needed.

 Blacklist - Block the listed  If you select this, then download attempts by blacklisted
applications from applications trigger system alerts to users that a download has been
downloading files. “blocked by an administrative setting.”

This option doesn’t provide for user control of application-driven

downloads.

 Filr includes two default blacklists (Windows and Mac) that you can
modify as needed.
 Blacklisted applications are blocked from downloading files through
Filr.
 Unlisted applications are allowed to download files.

 Whitelist and Blacklist -  If you select this option, then

Allow and block the listed  Blacklisted applications are always blocked.
applications. Prompt users
to allow or block unlisted  Whitelisted applications are always allowed.
applications.
 A download attempt by an unidentified application causes the
application to be added to a list of blocked applications.
 Users can allow downloading by any blocked applications through
their desktop Filr console.

Whitelist  This is empty by default.

 Only the built-in administrator can create a customized list.
 Applications listed here and in the Blacklist are blocked.
In other words, the Blacklist trumps the Whitelist.

Blacklist  Filr includes a fairly extensive list of common antivirus and backup
applications to offer a level of protection against unwanted file
downloading.
 Only the built-in administrator can customize this list.

Access to Filr and Its Services 17

Field, Option, or Button Information and/or Action

OK button  Click this to save your changes.

Current user sessions are not affected. To see changes, users must
log in to a new session.

Cancel button  Click this to cancel the changes you have made.

Desktop Access—Individual Users and Groups

Path: Port 8443 Appliance Console > Management > Users/Groups > select one or more users or
groups > More > Desktop Application Settings...

Table 3-2 Using the Configure Desktop Application dialog (applies in both user and group contexts)

Field, Option, or Button Information and/or Action

Configure Desktop Application (X users)

Use default settings option  Select this to apply all of the settings in the Configure Desktop
Application dialog to the selected users or groups.

Use user settings to allow the  Select this to apply the access and password caching settings below
desktop application to: option to the selected users or groups.

The following two settings override their counterparts in the

Configure Desktop Application dialog and all other settings there
apply here.

 Access Filr  Selecting this allows the previously selected users or groups to
access Filr through the Filr desktop application.
 Deselecting this option blocks the previously selected users or
groups from accessing Filr through the Filr desktop application.

 Cache the user’s password  Selecting this allows the previously selected users or groups to
enable the Remember password option on the Account
Information page in the Micro Focus Filr Desktop Console.
 Deselecting this blocks the previously selected users or groups from
enabling the Remember password option on the Account
Information page in the Micro Focus Filr Desktop Console.

OK button  Click this to save your changes.

Current user sessions are not affected. To see changes, users must
log in to a new session.

Cancel button  Click this to cancel the changes you have made.

Mobile Device Access—Default Settings

Path: Port 8443 Filr Admin Console > System > Mobile Applications

18 Access to Filr and Its Services

Table 3-3 Using the Configure Mobile Applications dialog

Field, Option, or Button Information and/or Action

Allow mobile applications to:

 Access Filr  Select this to allow access to Filr through Filr mobile apps.

 Cache the user’s  Select this to let users enable the Save Password option when logging in to
password the Filr site through a Filr mobile app.

 Allow files to be  Select this to let users download files from Filr to mobile devices.
added to the
Downloads area IMPORTANT: If you don’t want users downloading files, make sure that you
for offline access also disable downloading through web browsers.

 Downloaded files can be viewed in offline mode by accessing the Downloads

section in the app.
 Users are responsible for the security of downloaded files. See “Encrypting
Downloaded Files” in the “Micro Focus Filr Mobile App Quick Start Help”.

 Force PIN Code  Select this to force users running Filr mobile app to have a 4-digit access code
set on their devices for accessing Filr

See “Configuring a 4-Digit Passcode” in the “Micro Focus Filr Mobile App
Quick Start Help.”

 Cut/Copy  Select this to let users cut or copy data from the Filr mobile app so that the
data can be pasted into third-party applications.

 Screen capture  Select this to let users take a screen capture while inside the Filr application.
(affects Android
only) IMPORTANT: As noted in the option name, this only applies to Android
devices. iOS users can always take screen captures.

 Disable  Select this to prevent users from running the Filr mobile app on devices that
applications on have been rooted or jail-broken.
rooted or jail-
broken devices

Access to Filr and Its Services 19

Field, Option, or Button Information and/or Action

Open in: drop-down list  Click the drop-down list and select the option that is best for your
organization as described in the rows below.

 This controls whether users can open files in third-party apps through Filr.

For example, a user views a file in Filr, opens and modifies the file in a
document editing app, then saves the file back to the Filr app.
 iOS calls this “Open In” functionality; Android devices refer to it as “Share” or
“Send To.”

IMPORTANT: For MobileIron device management, the following points apply:

 In almost all cases the Filr and MobileIron settings must be consistent with
each other.
 The exception is if you want only the MobileIron-managed devices to have
Open In capabilities.
To cause this behavior,
1. Enable Open In in MobileIron.
2. Disable Open In in Filr.

 Disabled option  This prevents users from opening files in Filr using third-party applications.

 All applications  This lets users open files in Filr using any third-party application.
option

20 Access to Filr and Its Services

Field, Option, or Button Information and/or Action

 Whitelist option  This opens two Whitelists (Android and iOS) of third-party apps that users are
allowed to open files into.

IMPORTANT
 Only Android package names and iOS bundle IDs are valid list entries.
 To get an Android app package name:
1. Install the Package Name Viewer app from the Google Play
store.
This app displays the package name for each app that is currently
installed on the device.
 To find the bundle ID for an iOS app:
1. Synchronize the app to iTunes from your device.
2. In the iTunes library, open the Mobile Applications folder.
For iTunes on Mac, the default location is your Home directory at:
~/Music/iTunes/Mobile Applications/
For iTunes On Windows, the default location is
C:\Users\username\My Music\iTunes\Mobile
Applications/
3. Create a copy of the app’s file, and re-save the copy as a .zip file.
4. Unzip the newly created .zip file.
You now see a folder by the name of the application name.
5. Locate the iTunesMetadata.plist file within the folder and
open it in a text editor.
6. The bundle ID is the string displayed below the
softwareVersionBundleid key within the file.

Mobile synchronization

 Synchronize every  Specify how many minutes the mobile apps wait after a desktop
X Minutes synchronization ends before they start another synchronization with Filr.

Default=15 minutes.

 You can use this to control the synchronization load that the Filr mobile app
puts on Filr.

OK button  Click this to save your changes.

Current user sessions are not affected. To see changes, users must log in to a
new session.

Cancel button  Click this to cancel the changes you have made.

Mobile Device Access—Individual Users and Groups

Path: Port 8443 Filr Admin Console > Management > Users/Groups > select one or more users or
groups > More > Mobile Application Settings...

Access to Filr and Its Services 21

Table 3-4 Using the Configure User Mobile Application Settings dialog

Field, Option, or Button Information and/or Action

Configure User Mobile Application Settings (X users)

Use default settings  Select this to apply all of the settings in the Configure Mobile Applications
dialog to the selected users or groups.

Use user settings to  Select this to apply the settings below to the selected users or groups.
allow mobile
applications to:

 Access Filr  Lets selected users/groups access Filr through a Filr mobile app.

 Cache the user’s  Lets selected user/goups enable the Save Password option when logging in
password to the Filr site through a Filr mobile app.

 Allow files to be  Lets selected user/groups download files from Filr to mobile devices.
added to the  Downloaded files can be viewed in offline mode by accessing the Downloads
Downloads area section in the app.
for offline access
 If you don’t want users downloading files, make sure that you also disable
downloading through web browsers.
 Users are responsible for the security of downloaded files. See “Encrypting
Downloaded Files” in the “Micro Focus Filr Mobile App Quick Start Help”.

 Force PIN Code  Forces selected user/groups running version 2.0 and later apps to have a 4-
digit access code set on their devices for accessing Filr, as described in
“Configuring a 4-Digit Passcode” in the “Micro Focus Filr Mobile App Quick
Start Help.”

 Cut/Copy  Lets selected user/groups cut or copy data from the Filr mobile app so that
the data can be pasted into third-party applications.

 Screen capture  Lets selected users/groups take a screen capture while inside the Filr
(affects Android application.
only)
IMPORTANT: As noted in the option name, this only applies to Android
devices. iOS users can always take screen captures.

 Disable  Prevents selected users/groups from running the Filr mobile app on devices
applications on that have been rooted or jail-broken.
rooted or jail-
broken devices

22 Access to Filr and Its Services

Field, Option, or Button Information and/or Action

Open in:  Click the drop-down list and select the option that is best for the selected
users or groups as described in the rows below.

 Controls whether selected user/groups can open files in third-party apps

through Filr.

IMPORTANT: For MobileIron device management, the following points apply:

 Disabled  Prevents selected users/groups from opening files in Filr using third-party
applications.

 All applications  Lets selected users/groups open files in Filr using any third-party application.

Access to Filr and Its Services 23

Field, Option, or Button Information and/or Action

 Whitelist  This opens two Whitelists (Android and iOS) of third-party apps that selected
users or groups are allowed to open files into.

OK button  Click this to save your changes.

Current user sessions are not affected. To see changes, users must log in to a
new session.

Cancel button  Click this to cancel the changes you have made.

Web Browser Access—Default Settings

Path: Port 8443 Filr Admin Console > System > Web Application

24 Access to Filr and Its Services

Table 3-5 Using the Configure Web Application dialog

Field, Option, or Button Information and/or Action

 Allow Guest access  By default, Guest (anonymous) access to Filr is not enabled.
 Selecting this enables anonymous access to Filr through the built-in Guest
user account.
For more information about the Guest and other users, see “Types of Filr
Users” in Filr: Understanding How Filr Works.
IMPORTANT
 Guest access is for web users only.
Mobile app and desktop users cannot log in as Guest.
 Using NetIQ Access Manager to provide single sign-on access as
described in the installation guide, prevents Guest user access.

 Guest access is  By default, this option is not enabled.

read only  Enabling this option prevents Guests from commenting on files or adding
files to publicly available folders.

 Disable file  By default, this option is not enabled.

downloads  Enabling this option prevents all file downloads through web browsers.
Individual user or group settings to allow downloads have no effect unless
this is deselected.

 Disable web access  By default, this option is not enabled.

 Enabling this option prevents all users from accessing Filr through a Web
browser, unless access is allowed on an individual user or group basis.

OK button  Click this to save your changes.

Current user sessions are not affected. To see changes, users must log in to a
new session.

Cancel button  Click this to cancel the changes you have made.

Web Browser Access—Individual Users and Groups

Path: Port 8443 Filr Admin Console > Management > Users/Groups > select one or more users or
groups > More > > select a file download or web access option from the list below

Access to Filr and Its Services 25

Table 3-6 Using the More Options to Control Web Access for Individual Users and Groups

Field, Option, or Button Information and/or Action

 Disable File Downloads  These options do not all appear at the same
 Enable File Downloads time.

 Use Default File Download Setting They change, dynamically, to reflect alternate
choices to the options configured in “Web
 Disable Web Access
Browser Access—Default Settings” on page 24.
 Enable Web Access
 Select an available option in the More drop-
 Use Default Web Access Setting down list for the selected users or groups.
The action is immediately applied to the
selected user or group accounts and the drop-
down list changes dynamically to reflect the new
settings.

Recent Files List

This is the list of recently accessed files by the logged in user and the files shared (by the logged in
user and other users). By default, 10 files accessed by the user, in the past 7 days are listed. The
Administrator can configure the number of days. The user can change the number of files to be
displayed in the list. By default, the Netfolders flag is enabled. If the Administrator disables
Netfolders for the Recent Files, then the files uploaded, renamed, commented, or edited by other
users in the Netfolders are not listed under logged in user’s Recent Files. All the files that you or
other users access recently are listed in this area. There is no need to browse the individual folders to
access those files. The list displays:
 Who has modified the file.
 What is the operation performed on the file.

Changing the age of the files that appear on the Recent Files
By default, the recent files accessed by the user in the past 7 days are listed in the Recent Files. The
Administrator can change the number of days up to 60. To do this, add
recent.activity.for.days=<value> as a separate line at /opt/novell/filr/apache-
tomcat/webapps/ssf/WEB-INF/classes/config/ssf-ext.properties.
Figure 3-1 Adding SSH

After adding the line, restart the Filr service.

26 Access to Filr and Its Services

NOTE
 This setting affects all the users in the Filr including an administrator and the users with
equivalent rights as an administrator.
 The value for recent.activity.for.days should be numerical and be less than or equal to
60 (maximum), if value more than 60, then defaulted to the maximum value.

Restrict the files in the NetFolders from appearing in the Recent Files list
By default, if any activity like adding comments, move, copy, or share performed by users on the files
in My Files, Shared with Me, and Net Folders area are listed in the Recent files. However, the Filr
administrator based on the activities can restrict the files from the Netfolder getting displayed in
Recent Files. To restrict the files, add recent.activity.netfolders.disable=true as a
separate line at /opt/novell/filr/apache-tomcat/webapps/ssf/WEB-INF/classes/
config/ssf-ext.properties,as shown in the figure below and restart Filr Service.
Figure 3-2 Adding SSH

NOTE
 This setting affects all the users in the Filr including the administrator and users with equivalent
rights as an administrator.
 This setting does not affect share activities performed on NetFolder files. Share activities
continue to show even after setting this flag to true.

KeyShield Configuration Settings

Path: Port 8443 Filr Admin Console > System > KeyShield SSO
For dialog usage instructions and other KeyShield integration information, see “KeyShield
Integration with Filr” in the Filr 4.2: Maintenance Best Practices Guide.

Table 3-7 Using the KeyShield SSO Configuration dialog

Field, Option, or Button Information and/or Action

Enable KeyShield SSO 1. Select this to enable KeyShield SSO and Filr integration.
2. Specify the configuration information for the following fields.

 KeyShield Server  The access URL of the KeyShield server

URL (use http or
https):

Access to Filr and Its Services 27

Field, Option, or Button Information and/or Action

 API authorization  The API Key copied from the KeyShield console.
key:

 HTTP connection  How long the Filr appliance will wait for a response from KeyShield before
timeout: prompting users for their login credentials.
 Micro Focus doesn’t recommend changing this value unless the network
connection might not allow a quick response. For example, when Filr and
KeyShield connect over a WAN.

 Connector names:  The names of every KeyShield SSO connector that Filr users will connect
through.

 Username  These let KeyShield match username validation requests with the LDAP
attribute alias: attribute that requesting applications use for usernames. For more detail and
a Filr example, see “KeyShield Attribute Alias Support” in the Filr 4.2:
Maintenance Best Practices Guide.

Two Factor Authentication

Require hardware token 1. Select this to require a physical token, such as an access card, for access to
Filr through KeyShield.
2. Specify the options for missing tokens below.

 Missing token  The error message to display when web access is requested and the token is
error message for not presented or not recognized.
Web interface:

 Missing token  The error message to display when WebDAV access is requested and the
error message for token is not presented or not recognized.
WebDAV interface:

Allow username/  Select this to let users enter a username and password as an alternative to
password-based the hardware token.
failback authentication
(non-SSO) for LDAP
users

 Test connection  Click this to test the connection between Filr and the KeyShield server.
button

OK button  Click this to save your changes.

Current user sessions are not affected. To see changes, users must log in to a
new session.

Cancel button  Click this to cancel the changes you have made.

NetIQ Advanced Authentication Configuration

Path: Port 8443 Filr Admin Console > System > NetIQ Advanced Authentication
This functionality is only available on Filr Advanced Edition. Before you configure the advanced
authentication options, you must do the following:
 Ensure that all the Filr clients are updated with the latest patch installed.

28 Access to Filr and Its Services

 Configure an OAuth2 Event in the Advanced Authentication server using the Advanced
Authentication Administrative Portal to automatically generate the client ID and the client
secret. See “Using Multi-Factor Advanced Authentication with Filr” in the Filr 4.2: Maintenance
Best Practices Guide.
You must specify these client ID and client secret values in the NetIQ Advanced Authentication
Configuration dialog. See Table 3-8.

Table 3-8 Using the NetIQ Advanced Authentication Configuration dialog

Field, Option, or Button Information and/or Action

Enable Multi-factor 1. Select this to enable multi-factor authentication for Filr.

Authentication 2. Specify the configuration information for the following fields.

 Server URL:  The access URL of the Advanced Authentication server that you want to use
for multi-factor authentication.

 Client ID:  The client ID that is automatically generated when you use the Advanced
Authentication Administrative Portal to create an OAuth2 event. You can
copy the ID from the portal and paste it here.

 Client Secret:  The client secret key that is automatically generated when you use the
Advanced Authentication Administrative Portal to create an OAuth2 event.
You can copy the secret key from the portal and paste it here.

 Tenant Name:  Specify the tenant name. The default value is TOP and supports single
tenancy.

 Test connection  Click this to test the connection between Filr and the Advanced
button Authentication server.

 Redirect URIs  Copy the Filr URIs, that are displayed in this field. This is appended with an
additional URI for AAF to work with the New Filr Web Client.

When you create an OAuth2 event in the Advanced Authentication

Administration Portal, you must paste the copied URIs in the Redirect URIs
option to enable users to be redirected to the Filr URI after successful
authentication.

NOTE: On upgrading to Filr 4.2, ensure to copy the updated URI to the AAF
server.

OK button  Click this to save your changes.

Cancel button  Click this to cancel the changes you have made.

Reverse Proxy Configuration Settings

Use this when Filr is fronted by a reverse proxy server or L4 switch that provides a single access point
for Filr users.

IMPORTANT: Do not configure Filr appliances that are dedicated to Net Folder Synchronization and
indexing.

Access to Filr and Its Services 29

Path: Port 9443 Appliance Console > Configuration icon > Reverse Proxy

Table 3-9 Using the Reverse Proxy dialog

Field, Option, or Button Information and/or Action

Host Information  Specify the information for the server or switch through which internal and
external users access Filr.

IMPORTANT: Configure each Filr appliance that is servicing user requests in a

Filr-based cluster with the same information.

However, do not configure synchronization- and indexing-dedicated Filr

appliances with Reverse Proxy Configuration Settings.

 Host:  For a reverse proxy server or a load balancer/L4 switch, specify the DNS
hostname.
 For NetIQ Access Manager, enter the published DNS name.

 Reverse Proxy  If you have enabled Port Redirection and HTTP Port access in the Network
HTTP Port: dialog, specify port 80.

 Reverse Proxy  If you have enabled Port Redirection and HTTP Port access in the Network
Secure HTTP Port: dialog, specify port 443.

NetIQ Access Manager Integration

 Logout URL:  The URL of the published DNS name of the reverse proxy that you have
specified for the ESP, plus /AGLogout.

You can find the domain used for the ESP by editing the LAG/MAG cluster
configuration and then clicking Reverse Proxy / Authentication.

For example, if the published DNS name of the proxy service that you have
specified for the ESP is esp.yoursite.com, specify the following URL:

https://esp.yoursite.com/AGLogout

 After clicking OK, you must click Reconfigure Filr Server for your changes to
take effect.
This stops and restarts your Filr server. Because this results in server
downtime, you should restart the server during off-peak hours.

 Filr plugin for Click Filr Plugin for NAM to download the FilrAuthClass.jar file. This jar file
NAM: is required to enable Filr users to access the Filr services through NetIQ Access
Manager (NAM). For more information about configuring NAM to act as Proxy
service for a Filr site, see “Integrating Filr and NetIQ Access Manager” in the
Access Manager (NAM) and Filr Integration.

OK button  Click this to save your changes, then click Reconfigure Filr Server.

This stops and restarts your Filr server. Because this results in server
downtime, you should restart the server during off-peak hours.

Current user sessions are not affected. To see changes, users must log in to a
new session.

Cancel button  Click this to cancel the changes you have made.

30 Access to Filr and Its Services

Single Sign-On Access
NetIQ Access Manager: For information about how to configure NetIQ Access Manager to provide
single sign-on functionality in Filr, see “Reverse Proxy Configuration Settings” on page 29 and Access
Manager (NAM) and Filr Integration in the Filr: Installation, Deployment, and Upgrade Guide.

Access to Filr and Its Services 31

32 Access to Filr and Its Services
4 Filr Clustering Configuration
4

Path: Port 9443 Appliance Console > Configuration icon > Clustering

Table 4-1 Using the Clustering dialog

Field, Option, or Button Information and/or Action

Enable Clustered  Click this to enable Filr clustering on this appliance and on all appliances
Environment using the same /vashare NFS or CIFS mount point.

 JVM Route  You can leave this field blank unless you plan to use Apache as the reverse
proxy.
 If you plan to use Apache as the reverse proxy, add a JVM route for each filr
Appliance in the Cluster. The purpose of this field is to uniquely identify each
Filr Appliance to Apache.
In the JVM Route field, specify worker1. On the second Filr node, in the
JVM Route field, specify worker2, and so forth for each Filr node,
incrementing the JVM Route setting. Each Tomcat instance should have a
unique JVM Route setting.
worker1, worker2, and so forth are the default names for the matching
values used for the reverse proxy configuration. For example, if you have set
up Apache or IIS as a reverse proxy, these are the default values. The JVM
Route setting in the Filr installer must match these values.

 Hibernate Caching  memcached is the only option available when configuring Filr in a clustered
Provider: environment.

The Search appliance runs the Memcached service to enable clustering. Port
11211 is used by the Memcached service.

IMPORTANT: To secure Memcached, it is strongly recommended to deploy

the Search appliance behind the firewall.

For more information on securing Memcached, see “Securing Memcached”

on page 117.

 Server Address:  The hostnames or IP addresses of both Filrsearch servers, separated by a

space.
 After clicking OK, you must click Reconfigure Filr Server for your changes to
take effect.
This stops and restarts your Filr server. Because this results in server
downtime, you should restart the server during off-peak hours.

Filr Clustering Configuration 33

34 Filr Clustering Configuration
5 LDAP Servers and Synchronization
5

 “LDAP Configuration Dialog” on page 35

 “LDAP Server Configuration Dialog” on page 38
 “LDAP Search Dialog (User Version)” on page 41
 “LDAP Search Dialog (Group Version)” on page 44
 “Conceal LDAP ID” on page 45

LDAP Configuration Dialog

Path: Port 8443 Filr Admin Console > System > LDAP
Best Practice: Plan your LDAP Servers and use the following table when working in this dialog:

Table 5-1 Using the LDAP Configuration dialog

Field, Option, or Button Information and/or Action

LDAP Configuration dialog

LDAP Servers tab

 Add button  Click this to begin the process of adding and LDAP server.

The LDAP Server Configuration dialog opens.

 Delete button  Click this to remove the selected LDAP server from the list.

IMPORTANT: Before you remove an LDAP server, make sure you consider the
options you have set for users and groups that are no longer in LDAP in the
User Settings tab and the Group Settings tab.

 Sync All button TIP: If you have just added or modified the LDAP Servers configuration, you must
save it by clicking OK before running an LDAP synchronization.

 After your users and groups are synchronized, you can click this to refresh the
LDAP information in Filr.
 To synchronize only certain users or groups, filter the list by entering a string
in the Filter List.
Or
 Click the drop-down arrow next to the Filter List and select the type of users
or groups to synchronize.
For example, Added users, Modified users, Modified groups, and so forth.
 Users and groups that have been modified by running the LDAP sync are
reported, along with information about how they have been modified.

LDAP Servers and Synchronization 35

Field, Option, or Button Information and/or Action

 Preview Sync TIP: If you have just added or modified the LDAP Servers configuration, you must
button save it by clicking OK before previewing an LDAP synchronization.

 Use this to preview the synchronization results—users and groups that will
be added or deleted, users that will be disabled, and so on—before you run
the actual synchronization.
 To preview only certain users or groups, filter the list by entering a
string in the Filter List.
Or
 Click the drop-down arrow next to the Filter List and select the type of
users or groups to synchronize.
For example, Added users, Modified users, Modified groups, and so
forth.
 After you are satisfied with the results, use the Sync All option with the same
filters to perform the actual synchronization.

 Show Sync Results  Use this to display the most recent synchronization results for the current
button browser session.
 If you run a synchronization, log out of Filr, and then log in again, no results
are available to view.

LDAP servers list

 Server URL  The URL you specified when creating the LDAP server.
 You can click this to access the LDAP Server Configuration dialog.

 User DN  This is the LDAP proxy user information for the LDAP server

User Settings tab

 Register User  Select this option to automatically add LDAP users to the Filr site.
Profiles  Workspaces are not created until users log in for the first time.
Automatically

 Synchronize User  Select this option to automatically update Filr with user information changes
Profiles following the initial LDAP synchronization.
 The attributes that are synchronized are the attributes listed in the
“mappings” box in the Server Information tab.

For user accounts provisioned from LDAP that are no longer in LDAP sub-section

 Disable Account  This is the default because deleting user accounts cannot be undone.

For more information about disabled users in Filr, see Disabling Filr User
Accounts in the Filr 4.2: Maintenance Best Practices Guide.

 Delete Account IMPORTANT: A deleted user cannot be undeleted; this action is not reversible.

 Select this only if you have deleted users from your LDAP directory and you
want the LDAP synchronization process to also remove them from Filr.
 Also delete associated user workspaces and content: This option removes
all information, Personal Storage, etc. associated with the user accounts.

36 LDAP Servers and Synchronization

Field, Option, or Button Information and/or Action

Use the following when creating new users sub-section

 Time zone:  Use this drop-down list to set the time zone for user accounts that are
synchronized from the LDAP directory into your Filr site.
 The time zone list is grouped first by continent or region, optionally by
country or state, and lastly by city.

 Locale:  Use this drop-down list to set the locale for user accounts that are
synchronized from the LDAP directory into your Filr site.
 The locale list is sorted alphabetically by language.

Group Settings tab

 Register LDAP  Select this to automatically add new LDAP groups to the Filr site.
group profiles
automatically

 Synchronize group  Select this to synchronize group information, such as the group description,
profiles to the Filr site whenever this information changes in LDAP.

 Synchronize group  This option ensures that the Filr group includes the same users (and possibly
membership groups) as the corresponding LDAP group.

If this is not selected, then LDAP group changes are not reflected in Filr.
 This option also ensures that Filr recognizes group-based file system rights
assignment updates.
If this is not selected, users with group-based access rights might not qualify
for the roles they need to use Filr.

 Delete groups that IMPORTANT: A deleted group cannot be undeleted; this action is not reversible.
were provisioned
from LDAP but are  Select this only if you have deleted groups from your LDAP directory and you
no longer in LDAP want the LDAP synchronization process to also remove the groups from Filr.

Synchronization Schedule tab

 Enable schedule  This is selected by default so that LDAP synchronizations occur at regular
intervals.
 You should not normally de-select this unless you are troubleshooting a
problem or working with Micro Focus support to resolve a service request.

 Every day  Select this to run an LDAP synchronization every day at the time or interval
specified below.

 On selected days  Select this if you want the LDAP synchronization to run only on specific days.

At HH:MM  Using the drop-down lists, you can specify synchronizations to occur at a
specific time.
 Hours start at midnight (0) and continue through 11 p.m. (23).
 Minutes can be specified using 5-minute increments.

LDAP Servers and Synchronization 37

Field, Option, or Button Information and/or Action

Repeat every X hours  As an alternative to synchronizing at a specific time, you can set a time
interval and synchronize multiple times each day (for example, every four
hours).
 The smallest time interval you can set is .25 hours (every 15 minutes).

Local User Accounts tab

 Allow log in for  Use this to enable or disable logging in by locally created and self-provisioned
local user accounts user accounts.
(i.e user accounts
not in LDAP)

LDAP Server Configuration Dialog

Path: Port 8443 Filr Admin Console > System > LDAP > Add button
Best Practice: Plan your LDAP Servers and use the following table when working in this dialog:

Table 5-2 Using the LDAP Server Configuration dialog

Field, Option, or Button Information and/or Action

LDAP Server Configuration dialog

Server Information tab

 LDAP Server URL WARNING: If you modify an existing LDAP connection, do not modify this
LDAP server URL field. Doing so can cause synchronized users to be disabled
or deleted.

 This is the host name of the LDAP server where your directory service is
running.

Specify a URL with the format your server requires, as follows:

 Non-SSL: ldap://hostname
Assumes Port 389 is used
 SSL: ldaps://hostname
Assumes Port 636 is used
This requires that you import the LDAP server’s root certificate into
the Java keystore before attempting an LDAP synchronization. See
“LDAP Synchronization Security” in the Filr 4.2: Maintenance Best
Practices Guide.
 If the LDAP server uses a different port number from those above, you
must include the port as follows:

ldap://hostname:port_number

ldaps://hostname:port_number

38 LDAP Servers and Synchronization

Field, Option, or Button Information and/or Action

 User DN:  This is the LDAP proxy user and it must have sufficient rights to access
the user information stored there. See “LDAP Proxy User Role and
(LDAP proxy user) Rights” in Filr: Understanding How Filr Works.
 You must specify a fully qualified, comma-delimited user name, along
with its context in your LDAP directory tree, in the format expected by
your directory service.
 eDirectory:

cn=username,ou=organizational_unit,o=organization
 Active Directory:

cn=username,ou=organizational_unit,dc=domain_component

 Password:  You must type the password for the User DN.

(LDAP proxy user

password)

 Directory Type:  Select the directory type for the LDAP server that you are configuring
(eDirectory or Active Directory)

 Guid attribute:  Based on the directory type you have selected, Filr selects the standard
LDAP attribute used to identify a user.
 GUID and objectGUID: These are the default, binary attributes for
eDirectory and Active Directory, respectively
They have unique values that do not change if you rename or move a
user in the LDAP directory, thus ensuring that Filr modifies the existing
user rather than creating a new one.
 Other: Selecting this option in the Guid attribute drop-down prompts
you to map users to a different LDAP attribute by specifying the attribute
name and then clicking OK.
 You must ensure that the attribute you specify is a binary attribute.
For example, the cn attribute cannot be used because it is not a
binary attribute.
 If you cancel the prompt to specify an attribute or specify an
attribute that is not binary, Filr create new Filr users when names or
locations change.
For example, if you have a Filr user and LDAP user named William
Jones, and if William requests that you change his name to Bill in
the LDAP directory, then the next time an LDAP synchronization
occurs, Filr creates a new user named Bill Jones.

LDAP Servers and Synchronization 39

Field, Option, or Button Information and/or Action

 Filr account name  Filr uses this attribute

attribute:  To create Filr account names
 To locate users in the LDAP directory.
 As the User ID for authentication purposes.
 The value of this attribute must be unique in LDAP.
 Attribute options depend on the directory type selected in the Directory
type drop-down list.
Consult with your directory administrator to determine which attribute
or attributes are used in your directory service.
 For eDirectory, the default available options are cn and Other.
 For Active Directory, the default available options are
sAMAccountName, cn, and Other.
 If you select Other as the value for this attribute, you are prompted
to enter the name of an LDAP attribute to use instead of the default
choices.
 Based on your findings, you might need to set up two or more LDAP
sources that point to the same LDAP server but use different values for
the LDAP Attribute Used for Filr Name.
For example, if you use Active Directory, you might need to set up one
LDAP source and use cn and another to sAMAccountName as the Filr
account name attribute.
 In addition to the attributes already mentioned in this section, other
LDAP attributes can be used for the Filr account name attribute, as long
as the attribute is unique for each User object.
For example, the mail LDAP attribute could be used so that Filr users can
log in by using their email addresses.

 LDAP Attribute  This lists the mappings between Filr user information and the LDAP
“Mappings” box attributes that correspond to them.

It is populated automatically.
 If Synchronize User Profiles is enabled in the User Settings tab, the
information associated with the mappings that are configured here, is
updated each time the user account is synchronized.

OK button  If you are modifying previously configured LDAP server information, you
can click OK. Otherwise, you must click the Users tab

Cancel button  Click this to discard the LDAP server configuration changes you have
made and exit the tab.

Users tab

 Add button  Click this to open the “LDAP Search Dialog (User Version)” on page 41
wherein you can specify a context where Filr searches for LDAP users.

 Delete button  Click this after selecting one or more list entries. For example, when the
context no longer exists or when it is covered by another entry.

40 LDAP Servers and Synchronization

Field, Option, or Button Information and/or Action

OK button  If you are modifying previously configured User information, you can
click OK.
 If this is a new configuration, you should click the Groups tab and add an
LDAP search context. Otherwise, your Filr users might not be recognized
as having the roles needed for Filr access (see the information for the
“Synchronize group membership” option).

Cancel button  Click this to discard your changes and exit.

Groups tab

 Add button  Click this to open the LDAP Search Dialog (Group Version) wherein you
can specify a context where Filr searches for LDAP groups.

 Delete button  Click this after selecting one or more group Base DN entries. For
example, when the context no longer exists or when it is covered by
another entry.

OK button  Click OK to save the LDAP server configuration.

Cancel button  Click this to discard your changes and exit.

LDAP Search Dialog (User Version)

Path: Port 8443 Filr Admin Console > System > LDAP > Add button > Users tab > Add button

Table 5-3 Using the LDAP Search dialog (User Version)

Field, Option, or Button Information and/or Action

LDAP Search dialog (User Version)

 Base DN: Best Practice: Use the Browse icon next to the Base DN field to browse
the LDAP directory for the base DN that you want to use. This eliminates the
risk of typing the context incorrectly. Also, if browsing fails, that means the
LDAP server configuration is not correct and must be changed.
 This is the directory context or container under which LDAP User
objects are located.
 When specifying this you must use the syntax required by your
directory service type.
 eDirectory: ou=organizational_unit,o=organization
 Active Directory:

ou=organizational_unit,dc=domain_component

IMPORTANT: Container names cannot exceed 128 characters. If they do,

users are not provisioned.

LDAP Servers and Synchronization 41

Field, Option, or Button Information and/or Action

 Filter: Filr sets up a standard User filter for the LDAP server type.

IMPORTANT: In most of the cases, you need to modify this to ensure that
only the licensed users are added to the Filr server.

Use the User filter to provision only the licensed users to the Filr server.

 About User Filters:

 By default, Filr identifies potential users by filtering on the
following LDAP directory object attributes:
 Person
 orgPerson
 inetOrgPerson
If needed, you can modify the filter by inserting the following
operators:
 | OR (the default)
 & AND
 ! NOT

 A Group for Filr Users:

 You might want to create a group for only Filr users, regardless of
where they are located in your LDAP directory.
 After creating the group, use the following filters to search for
User objects that have the group membership attribute shown
below.
Make sure you include the parentheses in your filter.
 eDirectory:

(groupMembership=cn=group_name,ou=organizational_unit,
o=organization)
 Active Directory:

(memberOf=cn=group_name,ou=organizational_unit,dc=doma
in_component)

IMPORTANT: Users in eDirectory sub-groups are not synchronized.

However, for Active Directory you can create a filter that synchronizes
users in sub-groups by using the following rule object identifier (OID):

<attribute name>:<matching rule OID>:=<value>

 Search subtree  Select this if you want Filr to search for users in containers underneath
the base DN (that is, in subtrees).

Home-Directory Net Folder Configuration sub-section

42 LDAP Servers and Synchronization

Field, Option, or Button Information and/or Action

 Use the following  Select this to specify the Net Folder Server and path where user Home
custom criteria directories are located.
 Net Folder Server: Click the drop-down list and select the Net Folder
Server where Filr should create home folders when the users in this
context (Base DN) log in.
If the server isn’t created yet, click New Net Folder Server and refer to
“Creating a Net Folder Server” on page 69 if you need help.
 Relative Path: Using UNC syntax, specify the path to where the
corresponding Home directories are located.
For example, if user Home directories are included in a directory
named Home which is located at the root of the specified Net Folder
Server, the path would be Home\.
In place of the actual directory names, include a replaceable parameter
using the syntax: %LDAPattributeName%.
Continuing the example, if the Home directory is associated with the
LDAP attribute cn, the complete path with the replaceable parameter
included would be Home\%cn%.
Filr evaluates replaceable parameters each time a user logs in and
replaces the parameter with the value of the LDAP attribute specified
in the path.
 After the Home Net Folder Server is created, when you log in to the
Port 8443 Administration Console, you are prompted to complete the
server’s configuration by specifying a Net Folder proxy user. See the
information starting with “Specify proxy using a Proxy Identity” on
page 71.

 Use the LDAP home  Select this option to use the LDAP Home directory attribute.
directory attribute  Filr detects the attribute during the LDAP synchronization process.
 If the search context of the LDAP synchronization contains an OES or
Windows server that has a Home folder attribute associated with at
least one user, Filr creates a Home Net Folder Server immediately after
running the LDAP synchronization process.
 After the Home Net Folder Server is created, when you log in to the
Port 8443 Administration Console, you are prompted to complete the
server’s configuration by specifying a Net Folder proxy user. See the
information starting with “Specify proxy using a Proxy Identity” on
page 71.

LDAP Servers and Synchronization 43

Field, Option, or Button Information and/or Action

 Use the specified LDAP  Select this option to specify the name of the LDAP attribute that
attribute contains the required home directory information.

Attribute Name: This must be of type String and must contain a UNC
path, with one of the following forms:

\\server\volume\path

\\server\share\path

\\server\share
 After the Home Net Folder Server is created, when you log in to the
Port 8443 Administration Console, you are prompted to complete the
server’s configuration by specifying a Net Folder proxy user. See the
information starting with “Specify proxy using a Proxy Identity” on
page 71.

 Don’t create a home  Select this option if you do not want user Home directories to be
directory Net Folder created at the time that users are imported into the Filr system.

LDAP Search Dialog (Group Version)

Path: Port 8443 Filr Admin Console > System > LDAP > Add button > Groups > Add button

Table 5-4 Using the LDAP Search dialog (Group Version)

Field, Option, or Button Information and/or Action

LDAP Search dialog (Group Version)

 Base DN: Best Practice: Use the Browse icon next to the Base DN field to browse
the LDAP directory for the base DN that you want to use. This eliminates
the risk of typing the context incorrectly. Also, if browsing fails, that means
the LDAP server configuration is not correct and must be changed.
 This is the directory context or container under which LDAP Group
objects are located.
 When specifying this you must use the syntax required by your
directory service type.
 eDirectory: ou=organizational_unit,o=organization
 Active Directory:

ou=organizational_unit,dc=domain_component

IMPORTANT: Container names cannot exceed 128 characters. If they do,

groups are not provisioned.

 Filter: Filr sets up a standard Group filter for the LDAP server type.

IMPORTANT: In most of the cases, you need to modify this to ensure that
only the licensed users are added to the Filr server.

Use the Group filter to provision only the licensed users to the Filr server.

44 LDAP Servers and Synchronization

Field, Option, or Button Information and/or Action

 Search subtree  Select this if you want Filr to search for groups in containers
underneath the base DN (that is, in subtrees).

Conceal LDAP ID
Displaying the LDAP ID can cause security threats to the directory service such as unauthorized
access to data and modification of configuration. A configurable option is available in the ssf-
ext.properties file to hide the LDAP IDs.

1 In the /opt/novell/filr/apache-tomcat/webapps/ssf/WEB-INF/classes/config/
ssf-ext.properties file, set the hide.LDAPId parameter to true.

User Ids are no longer displayed in the Web Client - Address book search, Show People tabs and
so on.
2 Restart the Filr service after making modifications to the ssf-ext.properties file.

LDAP Servers and Synchronization 45

46 LDAP Servers and Synchronization
6 Content Editor
6

The Content Editor (CE) appliance enables collaborative editing feature for Filr users. The
functionalities are:
 Secure edits of the documents
 Multiple files that can be concurrently edited by multiple users
 Supports collaborative edits for all major file types like documents, spreadsheet, and so on
 Edits are done by using the Browser, no Native application is required
 Policies to block copy, print, and download of the content
 By default, this functionality is available for all files under My Files, Shared With Me, Shared By
Me and Net Folder areas.
A separate appliance is required as the collaborative editing is a resource intensive task. Around 100
files can be concurrently edited by using this functionality.

Content Editor Dialog

Path: Port 8443 Filr Administration Console > System > Content Editor

NOTE: This functionality is only available on Filr Advanced Edition. This feature is available with Filr
Web UI, desktop clients and mobile apps.

IMPORTANT: CE ships with a self-signed certificate. Ensure to change the self-signed certificate to a
valid trusted certificate, so all the clients can use this functionality.

Table 6-1 Edit Online Feature Availability

Apps / Clients Edit Online Feature Availability Require Valid Trusted Certificate

iOS Filr Mobile App Yes Yes

Android Filr Mobile App Yes No

Windows Filr Mobile App No Not Applicable

Mac Desktop Client Yes Yes

Windows Desktop Client Yes No

Linux Desktop Client No Not Applicable

Before you configure the Content Editor options, you must do the following:
 Deploy a Content Editor appliance.

Content Editor 47
 Configure the Content Editor appliance with the DNS hostnames of each Filr appliance that you
want to be able to connect to it.
While installing CE, ensure that it is installed in the same domain where Filr is installed. For both
Filr and CE, at each level, domain names should be the same. For example, top-level domains
(such as “.com”), second-level domains (such as “abc.com”), and lower-level domains, also
called sub-domains (such as “support.a.com”).
For more information, see Content Editor .

Table 6-2 Using the Content Editor Configuration dialog

Field, Option, or Button Information and/or Action

Enable Content Editor 1. Select this to enable collaborative editing for Filr users.
2. Specify the configuration information for the following fields.

 Server URL  The server address (IP address or DNS hostname) of the Content
Editor appliance.

 Test connection button  Click this to test the connection between Filr and the Content
Editor appliance.

Content Editor Policies: Set the policies that will be applicable to the user when performing
collaborative edit.

When a user is editing the file and if changes are made to the policy,
then the file has to be reloaded for the changes to take effect.

 Disable copy  Content from the document cannot be copied to any other
document.

 Disable print and download  The file you are editing cannot be printed or downloaded to
your local workstation.

 Disable Watermark  By default, this option is enabled.

When this option is enabled, watermark is displayed across the

document. Email id or name of the user is displayed as
watermark. The watermark is also displayed on printing the
document.

NOTE: This option is available with CE 1.0.1 and later versions.

Adding Fonts
Path: Port 9443 Appliance Console > Configuration > Custom Fonts
You can upload new fonts and use them in the Content Editor. You can either upload a font file (.tff or
.otf) or upload a .zip file having multiple font files. If the user is already editing a file, then reload the
Content Editor page for the newly added fonts to appear in the Fonts drop-down menu.

48 Content Editor
Figure 6-1 Upload Custom Fonts

Table 6-3 Uploading Custom Fonts

Field, Option, or Button Information and/or Action

Path to font file  Enter the path of the font file or click Browse ot select the font
file file that you want to add to the Content Editor.

Click this to choose the font file (.tff or .otf .zip) file that you
want to add to the Content Editor.
Install  Install button.
Click this to install the font file that you have selected.

Dashboard
The Dashboard is used for monitoring system utilization and performance of Content Editor. You can
do live monitoring of all the user sessions running on Content Editor.
Perform the following steps, to view the dashboard:
1 Path: Port 9443 Appliance Console > Dashboard
2 Specify the credentials.

After entering the correct password, you can view the list of live documents opened, total users,
memory consumption, document URLs with the number of users viewing that document. You can
also end the sessions directly from the panel which results in closing the socket connection to the
respective document.

Content Editor 49
Figure 6-2 Dashboard Monitor

50 Content Editor
7 Licensing
7

 “Installing/Updating the Filr License” on page 51

 “Viewing Filr License Details” on page 51

Installing/Updating the Filr License

IMPORTANT: If you have an expandable deployment, you must update the license on each Filr
appliance in the cluster.
PostgreSQL and Filrsearch appliances do not require licenses.

Path: Port 9443 Appliance Console Configuration icon > License

Table 7-1 Using the License (port 9443) dialog

Field, Option, or Button Information and/or Action

 Choose File button 1. Download your license-key.xml file (from the Novell Customer Center
(NCC)) to your management workstation.

NOTE: If the license is not available, contact Micro Focus Support.

2. Click Choose File.
3. Browse to and select the downloaded license file.
4. Click Open.
5. Click Reconfigure Filr Server in the Configuration column.

Viewing Filr License Details

Path: Port 8443 Filr Admin Console > Management > License

Licensing 51
Table 7-2 Using the License (port 8443) dialog

Field, Option, or Button Information and/or Action

 Current License This section displays information about the installed license, including:

 Information about the license key, when it was issued, and who issued it.
 Product and version information.
 The effective date range.
 Information about user allowances.
Your contract contains details. Internal users might or might not be
restricted; external (Filr administrator-created) users are not restricted.
 The options or features that the license enables for use.

 Reload License File  If the license information displayed doesn’t seem correct, click this to reload
the file and refresh the display.

 If you need to install a new license file, see “Installing/Updating the Filr
License” on page 51.

52 Licensing
8 Logging and Monitoring
8

 “Accessing Filr System Log Files” on page 53

 “Automatically Applying Deferred Search Logs” on page 53
 “Changing the Ganglia Monitoring Configuration” on page 54
 “Generating Filr-Monitoring Reports” on page 55
 “Logging All HTTPS Traffic” on page 62
 “Managing Audit Trail Logs of Database Activity” on page 63

Accessing Filr System Log Files

Path: Port 9443 Appliance Console > System Services icon

Table 8-1 List of System Log Files

Field, Option, or Button Information and/or Action

 Log Files column  Click one of the Download links to download the log files for the following
services.
 Novell Filr: catalina.out, appserver.log
The catalina.out file reports all timestamps in UTC/GMT.
(Filr appliance)
 Jetty: jetty.stderrout.log
(Filr, Filrsearch, and PostgreSQL database appliances)
 Postfix: mail
(Filr appliance)
 Novell FAMT: famtd.log
(Filr appliance)
 Search: indexserver.log
(Filrsearch appliance)
 PostgreSQL: postgresql.log
(PostgreSQL appliance)
 Memcached: jetty.stderrout.out
(Filrsearch appliance)

Automatically Applying Deferred Search Logs

Path: Port 8443 Appliance Console > Search Index > Update Logs

Logging and Monitoring 53

Table 8-2 The Configure Update Logs dialog

Field, Option, or Button Information and/or Action

 Automatically IMPORTANT
Apply Deferred
Update Logs in  The application of update logs is integral to Filr system design and data
Background integrity.
 You should never disable this option unless instructed to do so by a support
technician as part of resolving an incident report.

Changing the Ganglia Monitoring Configuration

Ganglia is a scalable, distributed monitoring system that lets you gather important information
about your Filr system.
Path: Port 9443 Appliance Console > Ganglia Configuration icon

Table 8-3 Using the Ganglia Monitoring Configuration dialog

Field, Option, or Button Information and/or Action

Monitoring Services

Enable Full Monitoring  Deselect this if:

Services  You already have a monitoring system that you plan to use for Filr.
 You plan to configure a dedicated appliance for viewing monitoring
information.
You do this by selecting Unicast below and then specifying the DNS
name or IP address of the appliance where monitoring information will
be collected.
 (Default) Select this to have this appliance receive and store metrics from
other appliances, and to allow the Ganglia Web Interface to run on the same
machine as the Filr appliance.

Monitoring Options

Enable Monitoring on  (Default) Select this option to enable Ganglia monitoring on this appliance.
this appliance

 Multicast  (Default) Send performance data to the other appliances on the network
(default setting).

 Unicast  Send monitoring information to a single destination.

This is a best practice recommendation for performance.

 Publish to:  The URL where you want Ganglia to send monitoring information when it is
running in Unicast mode.

Monitoring Tool Options

 Enable direct http  Select this to allow Ganglia to communicate using HTTP port 9080.
port 9080 access

54 Logging and Monitoring

Field, Option, or Button Information and/or Action

 Reset Database  Click this to remove all existing Ganglia metrics from this appliance.
button
This option is not related to the Filr database.

See Also
 “Monitoring” in the Filr 4.2: Maintenance Best Practices Guide.
 The Ganglia Monitoring System web site (http://ganglia.info/).

Generating Filr-Monitoring Reports

The report information displays on the same page or gets downloaded to your computer in CSV
format. The CSV file downloads in a new tab that automatically opens in the same browser. So, you
must ensure that your browser allows pop-ups. Downloading large reports might take considerable
time.

IMPORTANT: The Filr server captures logs based on the user's local time zone. Hence, when you
generate a report, it is recommended to consider + or - one day depending on the time zone
difference between you and the user.

Path: Port 8443 Filr Admin Console > System > Reports

Table 8-4 Using the Reports dialog

Field, Option, or Button Information and/or Action

About the Reports  Most reports are created in CSV format for importing into a spreadsheet and
manipulating the data to suit your needs.

A few reports are displayed in the Reports window.

 The default file name for CSV-format reports is report.csv.
If you create multiple reports without manually renaming them, the default
file name is incremented—report (n).csv.
 CSV-format reports are saved in the default download directory for the
browser being used.

 Run a Report:  Click the drop-down list and select a report to run.

The following sections describe the contents of each report.

 “Credits Report” on page 56

 “Data Quota Exceeded Report” on page 56
 “Data Quota Highwater Exceeded Report” on page 56
 “Disk Usage Report” on page 57
 “Email Report” on page 57
 “External User Report” on page 58

Logging and Monitoring 55

 “File Block Report” on page 58
 “Filr Outlook Report” on page 59
 “License Report” on page 59
 “Login Report” on page 60
 “Orphaned User Share Report” on page 60
 “System Error Logs Report” on page 61
 “User Access Report” on page 61
 “User Activity Report” on page 61
 “XSS (Cross-Site Scripting) Report” on page 62

Credits Report
Path: Port 8443 Filr Admin Console > System > Reports > Run a Report: > Credits
This report displays the portions of Filr that are subject to third-party copyrights and licenses.

Data Quota Exceeded Report

Path: Port 8443 Filr Admin Console > System > Reports > Run a Report: > Data Quota Exceeded Report
 This report is only available when Data Quotas are enabled.
 It lists users who have exceeded their data quota.
 The CSV-formatted report contains the following:
 Data Quota Used (MB): The amount of disk space the user is currently using.
 Data Quota: If set, this is the user’s individual quota. If not set, the quota displays as zero
(0) and has not effect.
To set a quota for individual users, see Table 16-2, “Using the Personal Storage (data quota)
dialog,” on page 100.
 Max Group Quota (MB): If group quotas are set for one or more groups that this user
belongs to, this is the largest data quota set for any of those groups. If no groups have a
quota set, the quota displays as zero (0) and has no effect.
To set group quotas, see Table 16-2, “Using the Personal Storage (data quota) dialog,” on
page 100.
 Default Data Quota (MB): Displays the site-wide default quota.
For information on how to set a default data quota, see Table 16-2, “Using the Personal
Storage (data quota) dialog,” on page 100.

Data Quota Highwater Exceeded Report

Path: Port 8443 Filr Admin Console > System > Reports > Run a Report: > Data Quota Highwater
Exceeded Report

 This report is only available when Data Quotas are enabled and one or more high-water marks
are exceeded.

56 Logging and Monitoring

 It lists users who have exceeded their data high-water mark.
 The CSV-formatted report contains the following:
 Data Quota Used (MB): The amount of disk space the user is currently using.
 Data Quota: If set, this is the user’s individual quota. If not set, the quota displays as zero
(0) and has not effect.
To set a quota for individual users, see Table 16-2, “Using the Personal Storage (data quota)
dialog,” on page 100.
 Max Group Quota (MB): If group quotas are set for one or more groups that this user
belongs to, this is the largest data quota set for any of those groups. If no groups have a
quota set, the quota displays as zero (0) and has no effect.
To set group quotas, see Table 16-2, “Using the Personal Storage (data quota) dialog,” on
page 100.
 Default Data Quota (MB): Displays the site-wide default quota.
For information on how to set a default data quota, see Table 16-2, “Using the Personal
Storage (data quota) dialog,” on page 100.

Disk Usage Report

Path: Port 8443 Filr Admin Console > System > Reports > Run a Report: > Disk Usage Report
 This report is only available when Personal Storage is enabled.
 You specify which of the following information to include in the CSV-formatted report:
 Total Usage by User: Lists all Filr users whose disk space usage is above the amount
specified in the Include only users or workspaces with usage greater than field.
 Total Usage by Workspace: Lists all workspaces where disk space usage is above the
amount specified in the Include only users or workspaces with usage greater than field. Disk
space usage for each folder in each workspace is listed separately. The data is organized by
workspace and folder ID.
 Total Usage by User and Workspace: Combines the user and workspace data into a single
report.
 Usage Greater Than: The number of megabytes above which you want to list disk space
usage. Use this to eliminates smaller disk space usages from being reported.

Email Report
Path: Port 8443 Filr Admin Console > System > Reports > Run a Report: > Email Report
 Date Range: The date range defaults to the past month, but dates can be set by clicking in the
date fields and using drop-down widgets to change the range.
 Sent emails: Information about sent emails displays in the Reports window.
 Error emails: Information about email-associated errors displays in the Reports window.
 Received emails: Not operational because Filr cannot receive emails.
 Displayed reports include the following information:
 Send Date: When the email was sent.

Logging and Monitoring 57

 From Address: Address that the email was sent from.
This is the email address defined in the user profile.
 To Address: Address that the email was sent to.
 Type: Action that caused the message to be sent.
For example, sendMail indicates that an item was shared.
 Status: Status of the message.
 Subject Line: Subject line of the message.
 Attached Files: File name of any attachments that were included in the email message.
 Errors: Any errors associated with the email message.

External User Report

Path: Port 8443 Filr Admin Console > System > Reports > Run a Report: > External User Report
 Lists the following information about the external users you include in the People field. If the
People field is left blank, all external users are included.
 User ID
 First Name
 Last Name
 Email Address
 Creation Date
 Terms Acceptance Date

File Block Report

Path: Port 8443 Filr Admin Console > System > Reports > Run a Report: > File Block Report
This report lists information about all the files blocked from uploading during a specified period of
time.
 Date Range: The date range defaults to the past month, but dates can be set by clicking in the
date fields and using drop-down widgets to change the range.
 People: All users are covered by default, but you can begin typing names and use the name-
completion widget to select specific users for the report.
 This report lists the following information about the files that were blocked from uploading.
 User
 File Name
 File Operation
 File Operation Time
 Reason
 IP Address

58 Logging and Monitoring

NOTE: For files that are being uploaded through the web browser, Filr does a minimal check on
the files at the browser level itself and does not upload or save files that must be blocked. This
report does not include any entry for files that Filr blocks at the browser level.

Filr Outlook Report

Path: Port 8443 Filr Admin Console > System > Reports > Run a Report: > Filr Outlook Report
 Date Range: The date range defaults to the past month, but dates can be set by clicking in the
date fields and using drop-down widgets to change the range.
 This report lists the following information about the email sent through Outlook and the details
of the file uploaded on the Filr server and shared in the email:
 Sender: The account from which the Outlook email is sent.
 File Name: The name of the file on the Filr server that is shared in the email.
 File Size: The size of the file on the Filr server whose link is shared in the email.
 Sent Date: The date on which the email is sent.
 Subject: The subject of the email.
 Recipients: The email addresses to which the email was sent.
 Accessed on: The date and time when the Filr file shared in the email was last accessed.
 Expiration Date: The date and time when the Filr file link sent in the email expires.
 Downloads Allowed: The total number of times that the Filr file whose link is shared in the
email can be accessed.
 Downloads Remaining: The number of times that the Filr file whose link is shared in the
email can still be accessed.

License Report
Path: Port 8443 Filr Admin Console > System > Reports > Run a Report: > License Report
The License report lists the following information in the Reports window:
 Filr version (ProductTitle)
 License key type (Key uid)
 Date the license key was issued (Key issued)
 Date range when the license key is valid (Effective)
 Information regarding registered and external user allowances.
 The Date Range covered by the report (as set before Create Report is clicked)
 Current Active User Count—user accounts that are not disabled.
 List of dates in the date range with the following user license information:
 Date: The date for which the data in the row applies.
 Local Users: User accounts created within Filr and not being synchronized from an LDAP
directory.

Logging and Monitoring 59

 Users Synchronized from LDAP: User accounts created from an LDAP source. (Only
synchronized accounts that are not marked as Deleted or Disabled are counted.)
 Users with OpenID Accounts: OpenID is no longer supported. Users that self-provisioned
using an OpenID account.
 Self Registered Users: User accounts created when users self-provisioned.
 Guest Access Enabled: Whether Guest access was enabled on the listed date.
 Users in the Past 365 Days: Users who have logged in at least once in the past year.
 Checksum: <waiting for information from Sanjeev.>

NOTE: This report only covers web client users. Mobile and Desktop users are not currently tracked.

 Date Range: The date range defaults to the past month, but dates can be set by clicking in the
date fields and using drop-down widgets to change the range.
 People: All users are covered by default, but you can begin typing names and use the name-
completion widget to select specific users for the report.
 Summarize Login Entries: Summarizes how many times the selected users have logged in using a
web browser.
The Sort Report By drop-down list, lets you presort the data alphanumerically by User, Last
Login, or Number of Logins.
 List All Login Entries: Lists each successful log in to the web client and includes the following
data about the action:
 User (first name, last name, and user ID)
 Account type
 Login date and time
 IP address
The Sort report by drop-down list lets you presort the data alphanumerically by either Login
Date or User.

Orphaned User Share Report

Path: Port 8443 Filr Admin Console > System > Reports > Run a Report: > Orphaned User Share Report
The Orphaned User Share report lists the following information in the Reports window:
 User: The name of the user who shared files or folders with other users and whose account is
now either disabled or deleted. No information is displayed if the user object is deleted.
 User State: The state of the account of the user who shared the files: disabled or deleted.
 Entity Type: The type of entity (file or folder) that the user shared with other users.
 Entity Name: The name of the file or the folder that the user shared with other users.
 Path: The path of the shared entity.

60 Logging and Monitoring

 Revoke: Displays Yes or No depending on whether the orphaned user shares are already
revoked.

System Error Logs Report

Path: Port 8443 Filr Admin Console > System > Reports > Run a Report: > System Error Logs
Use this to download a logfiles.zip file of the error logs currently on the system.
 Download Log: Generates a logfiles.zip file that contains the error logs currently on the system.
 The zip file is downloaded to the browser’s download directory.
 If you download multiple zip files without manually renaming them, the file name is
incremented—logfiles (n).zip

User Access Report

Path: Port 8443 Filr Admin Console > System > Reports > Run a Report: > User Access Report
This report shows each Filr location that the specified user has access to.
 User: Use the name-completion widget (type then select a name) to select a user you want to
check.
A report for the user is automatically displayed in the Reports window, showing each location
that the user has access to.

User Activity Report

Path: Port 8443 Filr Admin Console > System > Reports > Run a Report: > User Activity Report
This report summarizes the significant actions that specified users have taken on the Filr site during
a specified period of time.
 Date Range: The date range defaults to the past month, but dates can be set by clicking in the
date fields and using drop-down widgets to change the range.
 People: All users are covered by default, but you can begin typing names and use the name-
completion widget to select specific users for the report.
 Activity Summary: This report lists how many times the selected users have performed the
following actions in the Filr site:
 User reported on
 Views
 Adds
 Edits
 Renames
 Deletes (purge)
 Pre-Delete (delete but not purge)
 Restores (restore a deleted item that has not been purged)

Logging and Monitoring 61

 ACL changes
 Add shares
 Modify shares
 Delete shares
 Workspace or Folder Activity: This report lists each individual user action and includes the
following data about the action:
 User performing the action
 Activity type
 Count
 Activity date and time
 Folder
 Entry title
 Entity type
 Share Recipient
 Recipient Type
 Share Role

XSS (Cross-Site Scripting) Report

Cross-site scripting (XSS) is a client-side computer attack that is aimed at web applications. Because
XSS attacks can pose a major security threat, Micro Focus Filr contains a built-in security filter that
protects against XSS vulnerabilities. For more general information about XSS, see “XSS—Filr Is
Secure” in the Filr 4.2: Maintenance Best Practices Guide.
Path: Port 8443 Filr Admin Console > System > Reports > Run a Report: > User Activity Report
 Select the binders to be checked: Navigate the directory structure and select the directories you
want to scan, then click Create Report.
The generated lets you to remove potentially harmful XSS threats from your Filr site.

IMPORTANT: Because XSS attacks often are designed to wait for users with extra privileges
(such as the administrator) to view the page where the attack was set, it is important that you
don’t navigate to the page after you run the report.
For information about how to run the XSS report and safely remove XSS threats, see “TID
7007381: Running the XSS Report in Micro Focus Filr” in the Novell Support Knowledgebase
(http://www.novell.com/support).

Logging All HTTPS Traffic

Path: Port 9443 Appliance Console > Configuration icon > Logging

62 Logging and Monitoring

Table 8-5 Using the Logging dialog

Field, Option, or Button Information and/or Action

 Enable host access  Selecting this generates a single file that contains log information for all
logging HTTPS traffic and can become large very quickly.
 If the file grows too large, you must disable this option.

NOTE: By default, non-https logging is always enabled on the appliance. (For

information about how to access the Filr log file, see “System Error Logs Report”
on page 61.)

Managing Audit Trail Logs of Database Activity

Path: Port 8443 Filr Admin Console > Management > Database Logs

Table 8-6 Using the Manage Database Logs dialog

Field, Option, or Button Information and/or Action

Automatically Delete  This defines the maximum number of days to keep audit trail log entries
Audit Trail Entries Older before they are deleted.
Than X Days
The default is 183 days (6 months).

The allowed minimum is 30 days, which would prune logs after 30 days.

Specifying a value 0 means that the audit logs are never pruned.

IMPORTANT: Before changing this, consider the following:

 Audit trail entries are used to build the Activity and Login reports.
Removing older entries limits the time span that these reports can
cover. (For more information about these reports, see “Generating Filr-
Monitoring Reports” on page 55.)
 The Filr desktop application relies on audit trail data when doing full
synchronizations.

Logging and Monitoring 63

64 Logging and Monitoring
9 Management Zones
9

Filr supports multi-tenancy by using Filr zones. Filr Administrators can now set Filr zones to create
multiple virtual Filr sites within a single physical Filr site. Each Filr zone is completely independent
and can be accessed using its own unique URL. Zone assets such as users, groups, shares, comments,
and data cannot be accessed across zones. A maximum of 12 zones per Filr server is supported. This
functionality is only available on Filr Advanced Edition.
Access to the Filr zones through NetIQ Access Manager is not supported.
 “Managing Zones” on page 65
 “Adding and Modifying Zones” on page 65
 “Viewing Zones Information” on page 67

Managing Zones
Path: Port 8443 Filr Admin Console > Management > Zones

Table 9-1 Using the Manage Zones dialog

Field, Option, or Button Information and/or Action

 Add button  Click this to launch the Add Zone dialog.

 Delete button  Use this to remove the selected zones.

 Modify button  Use this to modify the information for the selected zone.

Adding and Modifying Zones

 “Adding a Zone” on page 65
 “Modifying a Zone” on page 66
 “Deleting Zones” on page 67

Adding a Zone
Path: Port 8443 Filr Admin Console > Management > Zones > Add

Management Zones 65
Table 9-2 Using the Add Zone dialog

Field, Option, or Button Information and/or Action

 Zone Name  Specify a unique name to describe the zone. The name can include
alphanumeric characters and should use less than or equal to 128
characters.

 Virtual Host  Specify the hostname or fully qualified domain name of the zone
that you have set up in DNS. The name should include less than or
equal to 255 characters.
 Ensure that the hostname does not include the special character
“_”.

 Description  Specify a short description for the zone. This is an optional field
and is limited to 128 characters.

 Unrestricted Storage  Specifies the total amount of storage space that all the users in the
zone can use in the Filr site. By default, the Unrestricted Storage
option is selected, which means that the storage space in the Filr
site is not restricted for the zone.
 To restrict the storage space for the zone:
1. Deselect the Unrestricted Storage option.
2. Specify values for the following:
 Storage Quota: Specify the total amount of disk space
(in GB or TB) that all the users in the zone can use in the
Filr site.
IMPORTANT: Do not specify a zero value (0) for the
Storage Quota.
 Default High-Water Mark: Specify the percentage of
the zone storage quota utilization, when the zone
administrator has to be notified that the zone users are
approaching the storage quota. The default high-water
mark is 90% of the total storage quota for the zone.
IMPORTANT: Do not specify a zero value (0) for the
Default High-Water Mark.

Modifying a Zone
Path: Port 8443 Filr Admin Console > Management > Zone > Select a zone > Modify.
Generally, the information in Adding a Zone applies to modifying a zone. You can modify the value of
the Virtual Host and Unrestricted Storage. On modifying the new value for the virtual host, ensure
the following:
 You must remove the DNS record for the previous virtual host value specified for the zone.
 The new value does not include the special character “_”. This fails to launch the console and
results in “Error 400”.

66 Management Zones
Deleting Zones
Path: Port 8443 Filr Admin Console > Management > Zone > Select one or more zones > Delete.
When you delete a zone, you must remove the DNS record for the virtual host specified for the zone.

WARNING: Deleting the zone permanently deletes all zone-related entities and data from Filr and it
cannot be undone.

Viewing Zones Information

Path: Port 8443 Filr Admin Console > Management > Zones
The Manage Zones page lists the following information about all the existing zones in the Filr site:

Table 9-3 Using the Manage Zone page

Field, Option, or Button Information and/or Action

 Zone Name:  Name of the zone.

 Virtual Host:  The hostname or fully qualified domain name of the zone that you
have set up in DNS.

 Description  Description of the zone.

 Storage Space Used:  The amount of the storage space, in percentage, used by all users
in the zone. Depending on the space used, the storage space
indicator displays one of the following colors:
 Green: The storage space used is within the high-water mark
limit set for the zone.
 Yellow: The storage space used is beyond the high-water
mark limit set for the zone.

By default, the first zone in the list is highlighted. The Zone Information pane on the right hand side
of the Manage Zones page displays the following additional information about the highlighted zone.
To view the additional information for a zone, click the zone name to highlight that zone

Table 9-4 Using the Zone Information panel

Field, Option, or Button Information and/or Action

 Internal Users Count:  Number of internal users logged in to this zone.

 External Users Count:  Number of external users logged in to this zone.

 Users Logged in Since 30  Number of users logged in to this zone since 30 days.
Days:

 Storage Quota:  The total storage space allocated for the zone

Management Zones 67
Field, Option, or Button Information and/or Action

 Storage Space Used:  The amount of the zone storage space already consumed by the
zone users.

 Default High-Water Mark:  The high-water mark set for the zone, which is the percentage of
the zone storage quota utilization when the zone administrator
has to be notified that the zone users are approaching the storage
quota.

68 Management Zones
10 Net Folder Servers
10

 “Creating and Managing Net Folder Servers” on page 69

 “Enabling Just-in-Time-Synchronization for Filr and eDirectory Rights Usage for OES and
NetWare” on page 74
 “Proxy User Identities” on page 75

Creating and Managing Net Folder Servers

 “Manage Net Folder Servers Dialog” on page 69
 “Creating a Net Folder Server” on page 69
 “Editing an Existing Net Folder Server” on page 74
 “Deleting a Net Folder Server” on page 74

Manage Net Folder Servers Dialog

Net Folder Servers are “connections” to physical file servers and their associated NSS volumes, CIFS
shares, or SharePoint sites. You can set up as many Net Folder Servers as needed.
Path: Port 8443 Filr Admin Console > Management > Net Folder Servers

Table 10-1 Using the Manage Net Folder Servers dialog

Field, Option, or Button Information and/or Action

 Add button  Click this to create a new Net Folder Server.

 Delete button  Before you can delete a Net Folder Server, you must first delete all Net
Folders associated with it.
 After completing the first step and selecting a listed Net Folder Server, click
this button to remove the connection to this Net Folder Server from Filr.
Data on the back-end server is unaffected.

 Sync button  After selecting a Net Folder Server, click this to immediately synchronize Net
Folder meta data with Filr according to the Synchronization Options you
have set.

 Name  Click a Net Folder Server name to begin editing its configuration settings.

 Path  This shows the connection path to the Net Folder Server.

Creating a Net Folder Server

Path: Port 8443 Filr Admin Console > Management > Net Folder Servers > Add

Net Folder Servers 69

Best Practice: Plan your Net Folder Servers in advance and use the following table when working in
this dialog:

Table 10-2 Using the New Net Folder Server dialog

Field, Option, or Button Information and/or Action

Configuration tab

 Name:  Specify a name for this Net Folder Server.

 In most cases this should be a name that clearly indicates the file
server and volume.
 If the server and volume are defined in your LDAP directory services as
a Home Directory location, a Home Net Folder Server is created
automatically and the name is assigned using the information in LDAP,
as follows:
defined_dns_or_ip_path_to_server-
volume_or_share_name
For example,
 \\oes-fs-1.my-company.local\HOME_NSS
Is automatically named:
oes-fs-1.my-company.local-HOME_NSS
 \\Win2012.my-company.local\Home_Folders$
Is automatically named:
Win2012.my-company.local-Home_Folders$

70 Net Folder Servers

Field, Option, or Button Information and/or Action

 Server Type:  Server types include OES, OES 2015 or later (NSS for AD), NetWare,
Windows or SharePoint 2013.
 For OES 2015 or later NSS AD servers, you must consider whether the
Volume is enabled for NSS AD and the protocol that the volume uses:
 Volume enabled for NSS AD
Uses the CIFS or NCP protocol
Select Micro Focus Open Enterprise Server (NSS for AD) as the
server type
 Volume not enabled for NSS AD
Uses CIFS protocol
Select Micro Focus Open Enterprise Server (NSS for AD) as the
server type
For more information on NSS AD, see the NSS AD Administration
Guide.
 Volume not enabled for NSS AD
Uses NCP protocol
Select Micro Focus Open Enterprise Server as the server type
 For NSS volumes on OES 2015 or later servers that have DFS junction
targets that point to an older OES server, you must select Micro Focus
Open Enterprise Server as the server type. Otherwise, the trustee
assignments on the target will not be reflected in Filr.
If an NSS volume on an OES 2015 or later server has DFS junctions and
you are planning to select the OES 2015 NSS for AD server type, you
must scan the volume from iManager as instructed in “Managing
Junctions” in the OES 2018 SP2: Domain Services for Windows
Administration Guide.
 For Home Net Folder Servers, this is set automatically

 Server Path:  The path to the NSS volume (OES or NetWare), NSS volume on OES
2015, Windows share, or SharePoint 2013 site on the file server.
 For Home Net Folder Servers, this is set automatically

Authentication tab

 Specify proxy using a  Best Practice: Select this option to specify a Proxy Identity.
Proxy Identity  Click the Proxy Identity field and begin typing to expose the list of
 Proxy identity: Proxy Identities.
Select a previously defined Proxy Identity created in “Creating Proxy
Identities” on page 76.

Net Folder Servers 71

Field, Option, or Button Information and/or Action

 Specify proxy using a  Alternate Practice: Select this option to specify a Proxy User and
name and password Password.
 Proxy name:  Click the LDAP browse icon to find and select the Proxy Name.
 Proxy password:  Type the Proxy Password.
Proxy name and password: Specify the fully qualified, comma-
delimited name and password for the proxy user used to access the
OES, NetWare, Windows, or SharePoint 2013 server. (You can use the
Browse icon next to the Proxy field to browse the LDAP directory
for the proxy user that you want to use.)

 Test Connection button  Always click this button to ensure that the path is accurate and that
the credentials are valid.

Sometimes proxy users with the incorrect context pass this test.
Ensure that the context for your proxy user is correct.

 Authentication Type:  Select the authentication service for the file server that you are
connecting to.

Option availability reflects the Server type setting that you selected in
the Configuration tab.
 For OES or NetWare, only Micro Focus NMAS is available.
 For OES (NSS for AD), only Auto Detect (Kerberos then NTLM) is
available.
 For Windows, you can select Kerberos, NTLM, or Auto detect
(meaning that Kerberos is attempted first, and if it fails, NTLM is
used.)
Kerberos requires
 That the DNS name server can resolve DNS queries for the
Active Directory domains.
And
 Kerberos port 88 communication is available.
If either requirement is not met, you must select NTLM as the
authentication type.

Synchronization Schedule
tab

 Enable Scheduled  Select this option to enable full metadata synchronization between the
Synchronization back-end file server and Filr according to the schedule you specify
below this option.

 Every Day  The options you select and configure in this section set a default
 On Selected Days schedule for each Net Folder associated with this Net Folder Server.

 At  The synchronization options you specify can greatly affect system

performance.
Repeat every XX hours As a best practice, Micro Focus recommends that you set the options
here only after completing the planning.

72 Net Folder Servers

Field, Option, or Button Information and/or Action

Synchronization Options
tab

 Index the Content of files  Select this to have Filr index the files in all associated Net Folders for
in the Net Folders searchability.

IMPORTANT: Enabling indexing at the Net Folder Server level is not

usually a best practice. Rather, indexing should be confined to Net
Folders. This is why disk space planning should be done at the Net
Folder level.

A possible exception to this rule is enabling content indexing of Home

Net Folder Servers.

 Enable Just-in-Time IMPORTANT: This is always available as a selectable option, but it has no
synchronization effect unless JITS is enabled for the Filr system. See “Enabling Just-in-Time-
Synchronization for Filr and eDirectory Rights Usage for OES and NetWare”
on page 74.

 Click this to enable JITS on this Net Folder Server with the following
options enforced.
 For Home Net Folder Servers, JITS is automatically enabled.

 Maximum age for Just-in-  How long Filr waits from the last JITS synchronization before re-
Time results syncing.

Default is 60 seconds.

 Maximum age for ACL  How long Filr waits from the last ACL retrieval before retrieving the
Just-in-Time results information again.

The default is 3600 seconds (60 minutes).

 Allow the desktop app to  Select this option to ensure that user Home folders are synchronized
trigger initial home with users’ desktops.
folder sync
If this option is not selected, user Home folders are synchronized to
the Filr desktop application only after the user has logged in to Filr on
the web, or after the Filr administrator triggers a full initial
synchronization from the administration console (as described in
“Enabling and Tuning Net Folder Synchronization” on page 85).
 For Home Net Folder Servers, this is automatically selected.

OK button  Click this to save your changes.

Current user sessions are not affected. To see changes, users must log
in to a new session.

Cancel button  Click this to cancel the changes you have made.

Net Folder Servers 73

Editing an Existing Net Folder Server
NOTE: To fix a Home Net Folder Server configuration that was created automatically, you need only
provide a Proxy Identity or proxy user. See “Specify proxy using a Proxy Identity” on page 71.

Path: Port 8443 Filr Admin Console > Management > Net Folder Servers > Click a listed Net Folder
Server
Generally, the information in “Creating a Net Folder Server” on page 69 applies to the Edit Net
Folder Server dialog, with the following exceptions:
 The Name cannot be modified
 Do not change the Server Type.
If you have migrated data to a new back-end file server, you must create a new Net Folder
Server.
 Consult with Micro Focus Support before changing the Server Path.

Deleting a Net Folder Server

Refer to the information for the Delete button in Table 10-1 on page 69.

Enabling Just-in-Time-Synchronization for Filr and

eDirectory Rights Usage for OES and NetWare
Path: Port 8443 Filr Admin Console > Management > Net Folder Settings

Planning Worksheets

Best Practice: Plan for Just-in-Time Synchronization (JITS) in advance.

Table 10-3 Using the Net Folder Settings dialog

Field, Option, or Button Information and/or Action

Net Folder Global Settings

 Enable Just-in-  This controls general availability of Just-in-Time Synchronization.

Time  Selecting this allows the JITS settings on Net Folders and Net Folder Servers
synchronization of to function.
Net Folders
 De-selecting this disables JITS system-wide.
In other words, if you disable JITS here, then even though it can still be
selected or deselected on individual Net Folder Servers and Net Folders, it
won't actually work.

74 Net Folder Servers

Field, Option, or Button Information and/or Action

 Maximum wait  This sets the default value for how long the JITS process retrieves file and
time for results X folder metadata within a folder before returning the results to the user. If all
Seconds Metadata for the folder was not retrieved, retrieval continues in the
background.

The default is 5 seconds.

 Use directory  This is enabled by default and causes Filr to check eDirectory for user and
rights in addition group trustee information when accessing Net Folders.
to file system
rights For example, users and groups who have Supervisor rights on the NCP server
object have implicit rights on the volume in eDirectory and are therefore
trustees from an NCP perspective.
 If you are certain that no users inherit needed rights from eDirectory, you can
consider disabling this. However, if you miss something, disabling this option
might affect users’ ability to access certain files and folders.
 Checking eDirectory rights is a resource intensive task, hence Filr only checks
for these rights in the below scenarios:
 When a Filr server is restarted., or
 They take effect on a Net Folder Server, the next time the Net Folder
Server is reconfigured.

Refresh cached rights  This is the frequency that the Filr server checks the rights information from
information every X the OES file system.
Minutes  The default is every 5 minutes.
 Rights information is available in Filr only after one of the following occurs
since the last successful cache refresh:
 Just-in-Time synchronization on the folder.
 A scheduled or manual Full synchronization happens on the Net Folder
or Net Folder Server.
 This option applies only to OES back-end servers.
 NetWare servers refresh every 60 minutes.
 Windows and SharePoint servers refresh only when Net Folder and Net
Folder Server synchronizations occur.

Proxy User Identities

Proxy User Identities simplify the selection and password maintenance processes associated with
Net Folder Proxy Users. After defining a Proxy Identity, you can select it in a list rather than browsing
the LDAP tree, and when the user’s password changes on the backend, you only change it in the
Proxy User Identity dialog rather than in each Net Folder Server.
 “Managing Proxy Identities” on page 76
 “Creating Proxy Identities” on page 76
 “Modifying Proxy Identities” on page 76

Net Folder Servers 75

Managing Proxy Identities
Path: Port 8443 Filr Admin Console > Management > Proxy Identities
Best Practice: Plan your Proxy Identities in advance and use the following table when working in this
dialog:

Table 10-4 Using the Manage Proxy Identities dialog

Field, Option, or Button Information and/or Action

Proxy Identities

 New Proxy  Click this to launch the Creating Proxy Identities.

Identity... button

 Delete button  Use this to remove the selected Proxy Identity.

The LDAP proxy user associated with the Proxy Identity is unaffected.

 Filter List field  Begin typing a string to limit the displayed list of Proxy Identities.

 Gear icon  Click this and select Edit Column Sizes to open the Edit Column Sizes dialog.
You can then modify the column widths to fit your requirements.

Creating Proxy Identities

Path: Port 8443 Filr Admin Console > Management > Proxy Identities > New Proxy Identity...

Table 10-5 Using the New Proxy Identity dialog

Field, Option, or Button Information and/or Action

New Proxy Identity

 Title:  Type the name you want displayed in the Proxy Identities list. Specify a name
that is easily associated with the Net Folder servers to which the associated
LDAP Proxy user has rights.

 Proxy name:  Use the LDAP browser icon to browse to and select the target proxy user.

 Proxy password:  Type the current password of the target proxy user.

 Verify password:  Retype the password.

Modifying Proxy Identities

Path: Port 8443 Filr Admin Console > Management > Proxy Identities > New Proxy Identity...

76 Net Folder Servers

Table 10-6 Using the New Proxy Identity dialog

Field, Option, or Button Information and/or Action

Modify Proxy Identity

 Title:  You can change the name you want displayed in the Proxy Identities list.

The changed name then replaces the previous name in all lists and dialogs.

 Proxy name:  You can associate a different LDAP proxy user with the Proxy Identity by using
the LDAP browser.

 Proxy password:  When the password changes in LDAP, you can change it here rather than
needing to change each Net Folder Server’s proxy information.
 Verify password:
 All changes require that you type and verify the password.

Net Folder Servers 77

78 Net Folder Servers
11 Net Folders
1

 “Managing Net Folders” on page 79

 “Creating and Modifying Net Folders” on page 80

Net Folders are connections to specific directories within the Net Folder Servers you have created.
You can synchronize Net Folders on a schedule independent of the schedule set for the Net Folder
Server.

Managing Net Folders

Path: Port 8443 Filr Admin Console > Management > Net Folders

Table 11-1 Using the Manage Net Folders dialog

Field, Option, or Button Information and/or Action

 Add button  Click this to create a new Net Folder.

 Delete button  Select a Net Folder in the list, then click this and confirm that you want to
remove the Net Folder from Filr.

Filr users no longer have access to the Net Folder.

No data is affected on the back-end file server.

 Sync button  Click this to start a manual synchronization of the Net Folder.

 Stop sync button  Click this to stop a synchronization operation that is in progress.

 Filter List field  To filter the list of Net Folders, specify the name of a Net Folder in this field.

 Arrow drop-down  To display User Home Directories in the list, click this and select Show Home
Directories.

 Name  This column lists all of the standard Net Folders associated with the Filr
appliance.

 Sync status icon  The icon indicates the current synchronization status.
 Click the icon to view more information about the current synchronization
status.

 Server Name  The name of the Net Folder Server to which this Net Folder belongs.

 Relative Path  The directory path to this Net Folder from its parent Net Folder Server.

Net Folders 79
Creating and Modifying Net Folders
 “Creating a Net Folder” on page 80
 “Modifying a Net Folder” on page 84
 “Deleting a Net Folder” on page 84

Creating a Net Folder

Path: Port 8443 Filr Admin Console > Management > Net Folders > Add
Best Practice: Plan your Net Folders in advance and use the following table when working in this
dialog:

Table 11-2 Using the New Net Folder dialog

Field, Option, or Button Information and/or Action

Configuration tab

 Name:  Specify a name that you want users to see when accessing the Net
Folder.

 Net Folder Server:  Using the drop-down list, select the Net Folder Server that the
new Net Folder is associated with.

 New Net Folder Server:  I you have not already established a Net Folder Server for this Net
button Folder, you can create it by clicking this and following the
instructions in “Creating and Managing Net Folder Servers” on
page 69.

 Relative path:  Specify the relative path to the folder on the Net Folder Server. If
this field is left blank, it uses the Net Folder Server path.

When connecting to a SharePoint site, if you leave the Relative

Path field blank, all document libraries shown in Site Contents are
synchronized to Filr. These libraries include the following:
Documents, Form Templates, Site Assets, Site Pages, Style Library,
and any user-created document libraries.

 Test Connection button  Click this to verify that the path that you have typed is valid.

 Use the index content setting  This is selected by default and causes this Net Folder to use the
defined on the Net Folder content indexing setting defined for the Net Folder Server, which is
Server that content-indexing is not enabled.

As noted in “Creating a Net Folder Server” on page 69, enabling

indexing at the Net Folder Server level is not a best practice and
there is no disk space planning support in the planning worksheets
for this.

80 Net Folders
Field, Option, or Button Information and/or Action

 Use the index content setting  If the Content Searchable? value is set to Yes, select this option
defined below to configure this Net Folder for content indexing.

Because indexing happens in the background and can take several

hours or even days to complete for large datasets, Micro Focus
recommends “Dedicating a Filr Appliance to Indexing and Net
Folder Synchronization” as explained in the Filr: Installation,
Deployment, and Upgrade Guide.

 Index the content of files  If you selected the option to Use the index content setting
within this Net Folder defined below, you must select this if you want to enable content
indexing for the Net Folder.

This is presented as a separate option from its parent option to

allow for those cases where content indexing is enabled at the Net
Folder Server level (not a best practice) but this Net Folder should
not be indexed.

 Use the Just-in-Time settings  This is selected by default and causes this Net Folder to use the
defined on the Net Folder JITS settings defined for the associated Net Folder Server.
Server

 Use the Just-in-Time settings  Select this if you want to use different JITS settings than are
defined below defined on the associated Net Folder Server.

 Enable Just-in-Time IMPORTANT: This is always available as a selectable option, but it has
synchronization no effect unless JITS is enabled for the Filr system. See “Enabling Just-in-
Time-Synchronization for Filr and eDirectory Rights Usage for OES and
NetWare” on page 74.

 If you selected the option to Use the Just-in-Time settings defined

below, you must select this if you want to enable JITS
synchronization for the Net Folder.

This is presented as a separate option from its parent option to

allow for those cases where JITS is enabled at the Net Folder
Server level but JITS should not apply to this Net Folder.

 Maximum age for Just-in-  How long Filr waits from the last JITS synchronization before re-
Time results syncing.

Default is 60 seconds.

 Maximum age for ACL Just-in-  How long Filr waits from the last ACL retrieval before retrieving
Time results the information again.

The default is 3600 seconds (60 minutes).

Rights tab Net Folder Sharing Settings

Net Folders 81
Field, Option, or Button Information and/or Action

 User or Group:  After clicking the Rights tab, begin typing the name of a User or
Group that you want to have access to the files and folders on the
Net Folder.
 Click the name when it appears in the drop-down list.
You can specify the following types of users, groups, and
Organization Units (OUs) for granting rights:
 Individual users (either imported from the LDAP directory or
that have been created in Filr)
 Groups (either imported from the LDAP directory or that
have been created in Filr)
 Organization Units (when using eDirectory as the LDAP
directory)
After you specify the user, group, or Organization Unit and select
it, the Grant Rights dialog box displays.

Grant Rights dialog

 Allow access to the Net  You must select this for the associated user or group to access the
Folder Net Folder.

Users are granted a Filr role that roughly corresponds to the same
level of access rights that they currently have on the back-end
server’s file system.

If you select have selected users or groups that don’t currently

have access rights on the file system, they see only folder names.

 Recipient can share files in  If you want the associated user or group to be able to share the
this Net Folder with: files within this Net Folder, select from the following options.
 Internal users
 External users
 Public
 Share using File Link
 Allow the recipient to grant files re-share privilege

For more information about sharing in Filr, see “Understanding

Sharing” in Filr: Understanding How Filr Works.

IMPORTANT: Users and groups must first be included in the

Managing Sharing, License Terms, and Comments > Rights tab,
and their maximum sharing privileges defined there before they
can be granted rights to share files here.

Furthermore, the rights available here are restricted to only those

granted in the Managing Sharing, License Terms, and Comments.

82 Net Folders
Field, Option, or Button Information and/or Action

 Recipient can share folders in IMPORTANT: This functionality is only available when an Advanced-
this Net Folder with: Edition license is installed on the Filr appliances.

 If you want the associated user or group to be able to share folders

within this Net Folder, select from the following options.
 Internal users
 External users
 Public
 Allow the recipient to grant folders re-share privilege

For more information about folder sharing in Filr, see “Folder

Sharing (Advanced-Edition License Only)” in Filr: Understanding
How Filr Works.

IMPORTANT: Users and groups must first be included in the

Managing Sharing, License Terms, and Comments > Rights tab,
and their maximum sharing privileges defined there before they
can be granted rights to share folders here.

Furthermore, the rights available here are restricted to only those

granted in the Managing Sharing, License Terms, and Comments.

Synchronization Schedule tab Net Folder Synchronization

 Use the synchronization  If you already set a synchronization schedule for the Net Folder
schedule defined on the Net Server (as described in “Creating and Managing Net Folder
Folder Server Servers” on page 69), and if you want the Net Folder to use that
same schedule, select this option.

 Use the synchronization  Select this option to create an independent synchronization

schedule defined below schedule for the Net Folder.

 Enable scheduled  Select this option to enable synchronization, then select from the
synchronization: following synchronization options:
 Every day: Synchronize files every day.
 On selected days: Synchronize files only on designated days
of the week.
 At: Select the time of day to synchronize files.
 Repeat every xx hours: Select how frequently the
synchronization occurs.
 This is presented separately from the parent option to allow for
those cases where full synchronization is enabled at the Net Folder
Server level but should not apply to this Net Folder.

Data Synchronization tab

 This folder can be accessed  This option is enabled by default on upgrading to Filr 3.4 or later. If
from the user's desktop selected, Filr desktop users can view this Net folder using the
desktop application.

If deselected, this Net folder is hidden from the desktop users.

Net Folders 83
Field, Option, or Button Information and/or Action

 Users can access this folder  If this option is selected, the Make available offline option is not
only in an online mode available for the users. However, a user can double-click a file to
cache it locally.

 Users can access this folder  If this option is selected, users can perform all operations on the
both in an online and offline files and folders.
mode

Modifying a Net Folder

Path: Port 8443 Filr Admin Console > Management > Net Folders > Click a Net Folder in the list
Generally, the information in “Creating a Net Folder” on page 80 applies to the Edit Net Folder
Server dialog, with the following exception:
 Do not change the associated Net Folder Server or attempt to create a different Net Folder
Server for this Net Folder.

Deleting a Net Folder

Path: Port 8443 Filr Admin Console > Management > Net Folders > Select a listed Net Folder > Delete
See the information for the Delete button in Table 11-1, “Using the Manage Net Folders dialog,” on
page 79.

84 Net Folders
12 Net Folder System-Level Synchronization
12

 “Enabling and Tuning Net Folder Synchronization” on page 85

 “Just-in-Time Synchronization” on page 86

Enabling and Tuning Net Folder Synchronization

Use the following dialog to allow the full synchronization of Net Folders to happen.
Path: Port 9443 Appliance Console > Filr Appliance Tools> Configuration icon > Net Folders

Table 12-1 Using the Net Folders (synchronization) dialog

Field, Option, or Button Information and/or Action

Net Folders dialog

 Allow  Select this option to allow manual and scheduled full synchronizations of Net
Synchronization Folders on the appliance.

IMPORTANT: This setting must be selected for at least one Filr appliance in a
Filr cluster. If it is not, no manual or scheduled full synchronizations can
happen.

 Max Simultaneous  The number of Net Folders that can be synchronized simultaneously during a
Syncs: manual or scheduled full synchronization.

The default is 5.

 Threads Per Sync:  The number of threads that each synchronization can use.

The default is 4.
 For optimal performance, modify this value to be equal to the number of
CPUs on the appliance, multiplied by 1.5.
For example, if your appliance has 2 CPUs, change this value to 3.
 The max value that you can set is the number of CPUs on the appliance
multiplied by 3.
For example, if your appliance has 2 CPUs, the max value is 6.

OK button  Click this to save your changes. Then click Reconfigure Filr Server so that the
changes are used by Filr.

Cancel button  Click this to cancel the changes you have made.

Net Folder System-Level Synchronization 85

Just-in-Time Synchronization
Just-in-time synchronization is a process whereby the metadata for files and folders is immediately
downloaded from the file server to Filr when users browse to a folder.
It affects many different parts of Filr services as reflected in the following table.

Table 12-2 JITS Task Summary

To do this See this

 Enable/Disable JITS for the Filr  “Enabling Just-in-Time-Synchronization for Filr and eDirectory
system Rights Usage for OES and NetWare” on page 74

 Enable/Disable JITS for a Net  “Enable Just-in-Time synchronization” on page 73

Folder Server

 Enable/Disable JITS on a Net  “Enable Just-in-Time synchronization” on page 81

Folder

 Enable/Disable JITS on a user’s  ““Home Folder button” on page 151”

Home folder

86 Net Folder System-Level Synchronization

13 Network Infrastructure
13

 “Changing Network Settings” on page 87

 “Network Configuration” on page 88
 “Port Numbers” on page 90

Changing Network Settings

The settings in this dialog are set during initial deployment.
Path: Port 9443 Appliance Console > Network icon

Table 13-1 Using the Network (DNS, IP, Access restrictions) dialog

Field, Option, or Button Information and/or Action

Network (IP Network Support (IP Address Infrastructure Information and Appliance-Specific IP
Infrastructure) dialog Configuration Settings)

DNS Configuration
section

 Name Servers:  You can modify the name servers.

 Search Domains:  If this field is left blank, it is auto-populated with the domain of the appliance
hostname. For example, if the hostname of the appliance is
filr.mycompany.com, the domain is auto-populated with
mycompany.com.

 Gateway:  Make sure that this matches any of the other changes you have made in this
dialog.

NIC Configuration  In this section, you can modify the IP address, hostname, and network mask
section of any Network Interface Controller (NIC) associated with the appliance. (If
you configured multiple NICs for the Filr appliance, you can configure the
additional NICs.)
 In the NIC Configuration section, click the ID of the NIC.
 Edit the IP address, hostname, or network mask.
If you change the IP address, you must restart the appliance in order for
the change to be reflected.
 Click OK.

Appliance  In this section, specify the IP address of any networks for which you want to
Administration UI (Port allow access to the Filr site.
9443) Access  Leave this section blank to allow administrative access from any network.
Restrictions section

Network Infrastructure 87
Field, Option, or Button Information and/or Action

OK button  Click this to save your changes, then click Reconfigure Filr Server.

This stops and restarts your Filr server. Because this results in server
downtime, you should restart the server during off-peak hours.

User sessions can be affected by the above changes.

Cancel button  Click this to cancel the changes you have made.

Network Configuration
Path: Port 9443 Appliance Console > Configuration icon > Network

Table 13-2 Using the Network (Port Redirection) dialog

Field, Option, or Button Information and/or Action

Network Network Support (Network Communication Configuration)

(Communication
Configuration) dialog

 Port Redirection  Select this option to have Filr automatically redirect from ports 80 or 443
(which are the standard ports for Web browsers) to ports 8080 and 8443
(which are the default ports that Filr listens on). Enabling port redirection in
this way allows users to specify the Filr site URL without including the port
number. If port redirection is not enabled, users must include the port
number in the site URL when accessing the Filr site.

IMPORTANT: When port redirection is enabled, ensure that the reverse proxy
ports are set to 80 for the HTTP port and to 443 for the secure HTTP port. If they
are not, URLs that are sent with Filr email notifications will continue to have the
default port (8443) in them.

For information about how to change the reverse proxy ports, see “Reverse Proxy
Configuration Settings” on page 29.

 HTTP Port:  The default HTTP port is 8080. As a best practice, do not change this from the
default port.
 Select Enabled if you want to enable the HTTP port. By default, only the
Secure HTTP port is enabled.
 Select Force Secure Connection to force users to connect to Filr over a
secure connection (HTTPS).
See “Port Numbers” on page 90 for more information about port
numbers in Filr.

 HTTPS Port:  HTTPS Port: The default secure HTTP port for Filr is 8443. As a best practice,
do not change this from the default.

See “Port Numbers” on page 90 for more information about port numbers in
Filr.

88 Network Infrastructure
Field, Option, or Button Information and/or Action

 AJP Port:  If the AJP connector is listening on port 0.0.0.0, then to avoid the ghostcat
vulnerability, a new attribute is added to the AJP Connector in the /opt/
novell/filr/apache-tomcat/conf/server.xml file:
 address="0.0.0.0"
 secretRequired="true"
 secret="changeit"
The secret value should be changed to a complicated value and shared
with reverse proxy.
 For an explanation of the Apache JServ Protocol port, see The AJP Connector
(https://tomcat.apache.org/tomcat-9.0-doc/config/ajp.html).

 Session Timeout  By default, if the Admin Console session is idle for four hours (240 minutes),
Filr logs the idle user out. For increased convenience to Filr users, you can
make the session timeout interval longer. For increased security for your Filr
site, you can make the session timeout shorter. The minimum value for this
field is 20 (minutes).
 This setting is not valid for the Web UI that is available in Filr 4.2 and later.
The default session timeout for Web UI is 15 minutes and the token gets
refreshed every 5 minutes. If you want to change these values, add the
following parameters to the ssf-ext.properties file:
 filr.token.expiration.interval=900
 filr.token.refresh.window=300
The filr.token.expiration.interval is the session expiry timeout
and value is given in seconds. The value recommended is 900 (15 minutes -
(15 X 60)).
The filr.token.refresh.window is for token Refresh and value is
specified in seconds. After this period of time, a new token is issued and it
extends the session. The refresh timeout recommended is 300 (5 minutes -
(5 X 60)).

 Forward Proxy No longer used.

Host Name

 Forward Proxy Port No longer used.

 Enable TLS v1.2  Restricts the Filr clients (Desktop, Mobile, Web) to use only TLS 1.2 protocol
Protocol ONLY for communicating with the Filr server. This option is disabled by default.

WARNING: To allow Filr desktop clients to continue working seamlessly, you

MUST ensure that the desktop clients are updated to the latest version
before you enable this option.

OK button  Click this to save your changes, then click Reconfigure Filr Server.

This stops and restarts your Filr server. Because this results in server
downtime, you should restart the server during off-peak hours.

Current user sessions are not affected. To see changes, users must log in to a
new session.

Cancel button  Click this to cancel the changes you have made.

Network Infrastructure 89
Port Numbers
Table 13-3 lists the ports that you need to take into consideration when setting up Filr. Figure 13-1 is
a graphical representation of how some of the ports are used in a Filr deployment.
As a best practice, do not change any port numbers from the default ports.

Table 13-3 Filr Port Numbers

Port Numbers Description

80, 443 Standard Web server ports

8080, 8443 Default Tomcat ports for the Filr appliance

When you install Filr, Tomcat is installed along with

the Filr software. Filr uses Tomcat as a stand-alone
web server for delivering data to Filr users in their
web browsers. For more information about Tomcat,
see the Apache Tomcat Web site (http://
tomcat.apache.org).

9090, 9443 Jetty port for the appliance (Administrator Interface)

9080 Apache/HTTPD port

8005 Default shutdown port

For an explanation of the shutdown port, see Tomcat

- Shutdown Port (http://www.wellho.net/mouth/
837_Tomcat-Shutdown-port.html).

8009 Default AJP port

For an explanation of the Apache JServ Protocol port,

see The AJP Connector (http://tomcat.apache.org/
tomcat-6.0-doc/config/ajp.html).

22 SSH port for the appliance

111 rpcbind utility

1099 Java RMI port

4330 FAMT port

7380, 7443 Ganglia RRD-REST ports

8380, 8381 Default Jetty ports

8642, 8649, 8650, 8651, 8652 Ganglia web interface port

1199 Lucene RMI registry port

1188 Lucene server port

5432 PostgreSQL outbound port

3306 MySQL outbound port

90 Network Infrastructure
Port Numbers Description

1433 Microsoft SQL server port

25, 465 SMTP and SMTPS outbound ports

6901 OES DFS JetStream port

524/tcp Access OES server over NCP

137/tcp, 137/udp, 138/udp, 139/tcp, 445/tcp Access servers over CIFS

88 Kerberos port

11211 Used for memcached caching in an appliance cluster

636 Secure LDAP port

389 Non-secure LDAP port

Figure 13-1 Filr Port Usage

524
389/636
NetWare
6901

137
138 OES
139
445
389/636 w
88
Windows

445
CIFS Storage
22
80 80 111
443 443 2049
Personal Devices, 8443
L4 Switch 9443 NFS Storage
Workstations,
Browsers Filr 25
(465/587)
Mail

5432
PostgreSQL
Content Editor
Appliance
1188
1199
Protocol Key 8649 Filrsearch
11211
REST NCP CIFS NFS System Protocols

Network Infrastructure 91
92 Network Infrastructure
14 Notifications (Email)
14

Filr can send notifications through email about what is happening on the system. For an overview of
Filr’s notification services, see “Filr Email Notifications” in Filr: Understanding How Filr Works
To configure Filr’s notification services, see the following sections:
 “Configuring an Email Service for Filr to Use” on page 93
 “Enabling Notifications” on page 95

Configuring an Email Service for Filr to Use

Path: Port 9443 Appliance Console Configuration icon > Outbound E-Mail

TIP
 If you make changes in this dialog, you must select Reconfigure Filr Server for them to take
effect.
Because reconfiguring Filr restarts the Filr service, you should only change these settings during
off-peak hours.

Table 14-1 Outbound Email dialog

Field, Option, or Notes

Button

Outbound Email
dialog

 Use Local By default, Filr is configured with an active Postfix mail server system.
Postfix Mail
Server  To use another mail system (such as GroupWise), deselect this option, then specify
the appropriate information for the system that Filr will use instead.

 Protocol:  Specify whether the email system that Filr will leverage uses SMTP or SMTPS
(secure SMTP).

For GroupWise, check how the Internet Agent is configured.

 If the email system requires SMTPS, see “Email Transfer Security” in the Filr 4.2:
Maintenance Best Practices Guide.

 Host:  Specify the host name of the mail server that Filr will leverage.

If you are using GroupWise, this is the host name of a server where the Internet
Agent is running.

Notifications (Email) 93
Field, Option, or Notes
Button

 Port:  Specify the port through which Filr can connect to the SMTP mail server.

GroupWise always uses port 25, even when SSL is enabled.

Some mail servers require port 465 or 587 for SMTPS connections.

 Time zone:  You can change the time zone if you want Filr to use an email time stamp that is
different from the time zone where the server is located.

The time zone list is grouped first by continent or region, optionally by country or
state, and lastly by city.

 User Name:  Specify the email address that Filr will use when sending emails.

If the email server requires authentication, Filr sends this username.

Many SMTP mail hosts require a valid email address before they establish the SMTP
connection.

Although some email systems can construct a valid email address if you specify only
a valid user name, you should provide a valid email address to ensure a successful
connection.

Email notifications from Filr will show this email address in the From field.

 Password:  If the email server requires passwords, specify the password for the user name.

 Authentication  If the email server Filr is leveraging requires authentication, select this option.
Required
GroupWise The GroupWise Internet Agent does not require authentication for
inbound messages. However, the /forceinboundauth startup switch in gwia.cfg
will cause the Internet Agent to refuse SMTP connections unless a valid email user
name and password are provided.

The Internet Agent can accept just the user name or the full email address.

Exchange If you set up the outbound email server to require authentication (by
selecting the option Authentication Required), Exchange must be configured to
allow the From address to be different from the user who is configured for
Exchange authentication. The Exchange permission that you need to add is ms-
Exch-SMTP-Accept-Any-Sender.

This is needed because Exchange, by default, requires that the From address of
outbound emails match the exchange user who is configured for authentication,
and many Filr emails place the email address of the user performing an action in
the From field.

 Allow  If you select this option, users can send email to the All Users group.
sending e-
mail to all This is disabled by default because of the potential for users to send large numbers
users of emails.

 Force HTTPS  Select this if all links in Filr-generated email messages should be HTTPS instead of
links HTTP.

Otherwise, Filr uses its connection (HTTP or HTTPS) with the emailing user as the
link protocol.

94 Notifications (Email)
Field, Option, or Notes
Button

 Enable  Select this option if the email service that Filr is leveraging requires TLS over SMTP
STARTTLS for secure email.

 From e-mail  If you don’t want the User Name email address used in the From field in Filr
address messages, specify a different address here.
override:

 Use from e-  Select this option to have Filr always use the From email address override email
mail address address in system-generated emails (summarized in “Enabling Notifications” on
override for page 95).
all outbound
e-mail If this option is not selected, the From email address override field is used only in
digest subscription emails.

 Connection  Specify the amount of time for Filr to wait before timing out on a connection
Timeout: request to the email host.

 Test  Click this to test your Outbound E-Mail configuration.

Connection

Enabling Notifications
Path: Port 8443 Filr Admin Console > System > Email
By default, Filr users can have the Filr system send email notifications when they create folders, add
files, share files and folders, and so on.

Table 14-2 Using the Email dialog

Field, Option, or Button Notes

Email dialog

 Enable Outgoing Email  Use this option to control whether the Filr system generates email
notifications.

If you de-select this option, no notifications are sent.

This option has no effect on the ability for Filr users to email each
other.

 Default Digest Schedule  Use this section to schedule how often Filr sends activity digests to
subscribers.

Notifications (Email) 95
Field, Option, or Button Notes

 Outgoing Email Quotas  When users subscribe themselves or others to receive email
notifications, there is an option to have the email include changed or
new files as attachments.

Use the options in this section to control the size of email

attachments, as follows:
 To preserve the default of no size restrictions, leave the fields
blank.
 To limit attachment sizes, specify the maximum amounts for
either or both fields.
 To prevent any attachments from being sent, specify 0 (zero) in
each field.

96 Notifications (Email)
15 Performance Tuning
15

 “Changing Configuration Settings for Requests and Connections” on page 97

 “Changing JVM Configuration Settings” on page 98

Changing Configuration Settings for Requests and

Connections
Configure the number of client requests and database connections that Filr supports.
Path: Port 9443 Appliance Console > Configuration > Requests and Connections

Table 15-1 Using the Requests and Connections dialog

Field, Option, or Button Information and/or Action

Requests and  Max Threads: The maximum number of simultaneous client request threads
Connections that Filr will support.

Default: 250
 Max Active: The maximum number of database connections that can be
allocated simultaneously from this pool.
Default: 300
 Max Idle: The maximum number of database connections that can be
simultaneously idle in this pool.
Default: 300
 Scheduler Threads: The size of the thread pool used for background
execution of scheduled tasks.
Default: 20
 Max REST Requests (upload/download): The maximum number of
concurrent desktop and mobile, upload and download requests that Filr will
handle simultaneously.
Default: 150
Ensures that Filr does not exceed capacity.
Excess requests are cached so that Filr can respond when it has bandwidth.

OK button  After clicking this, you must click Reconfigure Filr Server for the changes to
take effect.

TIP: Extremely large Filr sites requesting numerous client requests and database connections might
see improved performance by increasing these settings.

Performance Tuning 97
Changing JVM Configuration Settings
Path: Port 9443 Appliance ConsoleConfiguration icon > JVM Settings

Table 15-2 Using the JVM Settings dialog

Field, Option, or Button Information and/or Action

JVM Settings Best practice recommendation: Set both sizes to 66% of total RAM (see
“Appliance Memory and CPU” in the Filr: Installation, Deployment, and Upgrade
Guide).

Although Filr can begin with the minimum and adjust up to the maximum as
needed, the adjustment process is resource intensive and degrades system
performance.

IMPORTANT: Values must end with g or m and cannot contain fractional values.
For example, to set the JVM min heap size to 1.5 GB, specify 1536m.

 JVM Min Heap Size: Increase or decrease as needed.

Default: 9g
 JVM Max Heap Size: Increase or decrease as needed.
Default: 9g
 Java Home: Informational only; cannot be changed.
 Allow generation of a system dump on a user signal: Causes generation of a
system dump in addition to a heap dump and java core dump at the time a
dump is triggered on a user signal.
This can be useful when troubleshooting issues with your Filr system.
However, a system dump takes more time and the files consume more disk
space than a heap dump or java core dump.

OK button  After clicking this, you must click Reconfigure Filr Server for the changes to
take effect.

98 Performance Tuning
16 Personal Storage and Home Folders
16

 “Enabling Personal Storage for Users and Groups” on page 99

 “Managing and Restricting Filr-Based Storage” on page 99

Enabling Personal Storage for Users and Groups

Path: Port 8443 Filr Admin Console Management > Personal Storage > Allow LDAP Users to Have
Personal Storage Area

Table 16-1 Using the Personal Storage (enable) dialog

Field, Option, or Button Information and/or Action

Personal Storage dialog Personal Storage (Enabling Personal Storage)

 Allow LDAP users  Select or deselect this, depending on whether you want all users whose
to have personal accounts are synchronized via LDAP to have access to personal storage in the
storage area My Files area.

To learn more about personal storage, see My Files (Personal Storage) in the
Filr: Understanding How Filr Works.

IMPORTANT: This lets you enable personal storage for all users. Unlike some
other configuration options, it is not required for personal storage to be
available. Personal storage can also be enabled or disabled on a user or group
basis irrespective of this setting.
 Individual Users: To enable or disable personal storage for individual
users, see Table 28-1, “Using the Users dialog,” on page 147.
 Groups of Users: To enable or disable personal storage for groups of
users, see Table 28-3, “Using the Groups dialog,” on page 151.

Managing and Restricting Filr-Based Storage

Disk space usage almost always increases over time. You can limit on the amount of data that can be
uploaded to Filr’s shared storage disk at the system level or for individual users and groups.
Only files count toward the data quota. Empty folders don’t count. Files in Net Folders don’t count.
You can limit the amount of disk space for individual users and groups as well as for individual
folders.
Path: Port 8443 Filr Admin Console > Management > Personal Storage

Personal Storage and Home Folders 99

IMPORTANT: Data quotas at all levels are strictly enforced. If uploading a file would cause a user to
exceed the assigned quota, Filr rejects the upload attempt and the attempt is aborted. This is also
true with data quotas that are set on folders.
When a file is added to a shared folder, the size of the file is attributed to the quota of the user who
uploaded the file.

Table 16-2 Using the Personal Storage (data quota) dialog

Field, Option, or Button Information and/or Action

Enable User Data Personal Storage (Enable User Data Quotas section)
Quotas section

 Enable User Data NOTE: Data quotas only apply to personal storage.
Quotas
Enabling Data Quota Enforcement

 Select this to enable

 Enforcement of the default data quota for all unlisted users and groups
And
 Enforcement of the data quotas shown for the listed users and groups
 Specify a high-water mark for both the default data quota and the quotas set
for users and groups.

Disabling Data Quota Enforcement

 Deselect this to disable all data quota enforcement.

 Default User Data  This applies to users who do not have another data quota (user or group)
Quota Size that applies to them.

Default is 100 MB.

 Default High-  When a user exceeds the data quota high-water mark (the default is 90% of
Water Mark the applicable data quota), a warning message displays on the user’s profile
page informing the user that he or she is approaching the data quota. Filr
displays how many kilobytes of disk space are still available.

 Add a Group IMPORTANT: Group quotas override default quota settings. If users belong to
button more than one group, they are assigned the highest quota to which they are
entitled through group membership.

1. Click this to add a group of users.

2. In the Group field, start typing the name of the group for which you want to
set a quota, then click the group name when it appears in the drop-down list.
Repeat this process to add additional groups for which you want to assign the
same data quota.
3. In the Quota field, specify the disk space limit for the group.
4. Click OK, then click Apply > Close to save the group data quota settings.

100 Personal Storage and Home Folders

Field, Option, or Button Information and/or Action

 Add a User button IMPORTANT: User quotas override default quota settings and the settings on any
groups to which users belong.

1. Click this to add an individual user quota.

2. In the User field, start typing the name of the user for which you want to set
a quota, then click the user’s name when it appears in the drop-down list.
Repeat this process to add additional users for which you want to assign the
same data quota.
3. In the Quota field, specify the disk space limit for the user.
4. Click OK, then click Apply > Close to save the user data quota settings.

Personal Storage and Home Folders 101

102 Personal Storage and Home Folders
17 Product Improvement
17

The first time you log in to Filr, after changing the admin user’s password, a dialog displays that
explains that the purpose of the Filr data collection system is to help improve the Filr product.
The data collection process runs for the first time when a Filr appliance has been running for 24
hours. Thereafter, it runs weekly.
For additional information, see “Helping Micro Focus Improve Filr” in the Filr 4.2: Maintenance Best
Practices Guide.

IMPORTANT: Micro Focus collects nothing that identifies your organization, your data, or your users.

Path: Port 8443 Filr Admin Console > Management > Product Improvement

Table 17-1 Using the Product Improvement dialog

Field, Option, or Button Information and/or Action

 Collect and send the product  This option causes the Filr system to send Micro Focus
name and version, and the information about the product version and build, license type,
number of LDAP users. and number of users.

 Also collect and send  This option causes the Filr system to send additional information
information about the about the installation, most of which is self-explanatory.
deployment size and  The user information doesn’t include the LDAP user count
configuration, the number of because that is already available under the Tier1.
files and folders, and so on.
 The user count numbers do not include system user
accounts, such as admin, _filesyncagent, and so on.
 The group count numbers do not include system groups,
such as allusers, allextusers, and so on.
 workspaceCount does not include system workspaces,
such as the /Home workspace and so on.
 The numbers in fileCounts and folderCounts in the
netFolder section correspond to each other by position.
 The mobile device type is derived from the value of the
description field associated with the device information
captured in the system. Any descriptions that don’t match
one of the pre-defined keywords are included as other.

 View the information  After the system has been running 24 hours, this link displays so
collected. that you can download and review the .json file created by the
collection process. This is the file that is sent to Micro Focus via
FTP.

Product Improvement 103

104 Product Improvement
18 Managing Uploading of Files
18

The file upload size limit conserves disk space on your Micro Focus Filr site because it prevents users
from uploading large files to the Filr site. The default size limit for uploading files into your Filr site is
2 GB. You can also allow or block the types of files that users can upload.
Path: Port 8443 Filr Admin Console Management > File Upload

Table 18-1 Using the Filr Upload dialog

Field, Option, or Button Information and/or Action

File Upload Limits tab Use the options under this tab to limit the size of the file that users can upload.

Default File Upload Size  Unlike data quotas, there is no option to enable or disable file upload size
Limit checks.
 The default file upload size limit is 2 GB, but you can modify this if needed.
 You can also add different upload limits for individual users and groups as
explained below.

 Add a Group IMPORTANT: Group upload limits override the default limit. If users belong to
button more than one group, they are assigned the highest upload limit to which they are
entitled through group membership.

1. Click this to add a group of users.

2. In the Group field, start typing the name of the group for which you want to
set an upload limit, then click the group name when it appears in the drop-
down list.
Repeat this process to add additional groups for which you want to assign the
same upload limit.
3. In the File Size Limit field, specify the size limit for the group.
4. Click OK, then click Apply > Close to save the group file size limit.

 Add a User button IMPORTANT: User upload limits override default upload limits and the limits set
for any groups to which users belong.

1. Click this to add an individual user upload limit.

2. In the User field, start typing the name of the user for which you want to set
an upload limit, then click the user’s name when it appears in the drop-down
list.
Repeat this process to add additional users for which you want to assign the
same upload limit.
3. In the File Size Limit field, specify the file size limit for the user.
4. Click OK, then click Apply > Close to save the user file size limit.

Managing Uploading of Files 105

Field, Option, or Button Information and/or Action

File Type Blocking tab IMPORTANT: This functionality is only available when an Advanced-Edition license
is installed on the Filr appliances.

Use the options under this tab to allow or block the types of files that users can
upload.

 No restrictions  Select this to allow users to upload files of all types. This is selected by
default.

 Whitelist - Allow  If you select this:

uploading of only  Users can only upload files of the type listed in the Whitelist.
the listed file types
 Users cannot upload a file for which Filr cannot detect the file type.
 Users can upload archive and compressed files of the type listed in the
Whitelist irrespective of whether the type of the files contained within
the archive and compressed file is listed in Whitelist or not. The
supported archive and compressed files include 7z, ar, arj, cpio,
dump, tar and zip.
For example: Users can upload a ZIP file containing an RTF file, even if
the Whitelist includes ZIP but not RTF.
 Whitelists are empty by default.
 You can add file types as needed:
 The Add dialog provides some examples of the supported file types
based on the category of files such as Document and Media. You can
choose to add other file types.
 You can also specify file types and add them to the list.
 You can remove file types as needed.

 Blacklist - Block  If you select this

uploading of the  Users can upload files of the type that is not listed in the Blacklist.
listed file types
 Users can upload files of any type for which Filr cannot detect the file
type.
 Users cannot upload archive and compressed files that are not
blacklisted if the first-level folder within the archive and compressed file
contains at least one blacklisted file. The supported archive and
compressed files include 7z, ar, arj, cpio, dump, tar and zip.
For example: If the Black list includes PDF but not ZIP, users cannot
upload a ZIP file that contains a PDF file in the first-level folder.

 Blacklists are empty by default.

 You can add file types as needed.
 The Add dialog provides some examples of the supported file types
based on the category of files such as Document and Media. You can
choose to add other file types.
 You can also specify file types and add them to the list.
 To remove file types, select the file types you want to remove and click
Delete.

Apply button  Click this to save your changes.

106 Managing Uploading of Files

Field, Option, or Button Information and/or Action

Close button  Click this to return to the previous window.

Managing Uploading of Files 107

108 Managing Uploading of Files
19 Search and Lucene Indexing
19

Indexing is key to all access within Filr, including files and folders, searching on content, and even
users and groups.
For more information, see “Filr Search Appliance—Accessibility, and Searchability” in Filr:
Understanding How Filr Works
This section covers the following:
 “Managing Filrsearch Configuration Settings” on page 109
 “Managing the Lucene Index” on page 111
 “Managing Search Nodes” on page 112
 “Memcached (Search Index Appliance Only)” on page 113

Managing Filrsearch Configuration Settings

For more information, see “Filr Search Appliance—Accessibility, and Searchability” in Filr:
Understanding How Filr Works
Path: Port 9443 Filr Appliance Console > Configuration Icon > Search Appliance

Table 19-1 Using the Search Appliance dialog

Field, Option, or Button Information and/or Action

Configuration Type: The options that follow depend on the configuration type selected, as shown
below.

 Local  This is the default configuration type for a small Filr deployment, wherein the
Lucene search index, the PostgreSQL database, and the Filr software are
running on the same virtual machine.
 Host Name: local host indicates that the indexing process is running on
the same appliance and the Filr process.
 RMI Port: 1199 is the port used and cannot be changed.

Search and Lucene Indexing 109

Field, Option, or Button Information and/or Action

 Server  This option is for when only one Lucene search index is running as a stand-
alone appliance.

This is not a best practice configuration.

 Host Name: The DNS host name of the stand-alone search appliance.
This is set at install time.
 RMI Port: 1199 is the default and Micro Focus does not recommend
changing this.
 Lucene User Name: The default name is lucene service but you
can type a different name as long as you use the same name throughout
your deployment.
 Lucene User Password: The password for the Lucene user.

 High Availability  Select this when two Lucene search indexes are running as stand-alone
appliances.

This is the best practice configuration.

 Lucene User Name: The default name is lucene service but you
can type a different name in the User Name field as long as you use the
same name throughout your deployment.
 Lucene User Password: The password for the Lucene user.

NOTE: The following options apply to only High Availability configurations.

 Add button  Click this to open the New Search Node dialog.

 Remove button  Select a listed Filrsearch appliance by clicking in the white space of its row.

Then click Remove to remove the appliance.

New Search Node

 Name  Specify a name for the Lucene search index appliance you are adding.

You must specify the same name on each Filr appliance in the cluster. For
example, if from one Filr appliance you specify filrsearch_index1 for
this appliance, then you must specify filrsearch1_index1) on each of
the Filr appliances in the cluster.

 Description  Specify a short description for the Lucene appliance.

 Host Name  Specify the DNS host name or IP address of the Filrsearch appliance you are
adding.

 RMI Port  1199 (informational only).

(See Remote Method Invocation (http://java.sun.com/javase/technologies/

core/basic/rmi/index.jsp).)

Filrsearch List

 Name  You can click this to open the New Search Node dialog.

 Host Name  1199 (informational only).

110 Search and Lucene Indexing

Field, Option, or Button Information and/or Action

 RMI Port  1199 (informational only).

OK button  To save your changes, click this, then click Reconfigure Filr Server.

This stops and restarts your Filr server. Because this results in server
downtime, you should restart the server at off-peak hours.

Cancel button  Click this to cancel the changes you have made.

Managing the Lucene Index

The Lucene index provides access to all data in your Micro Focus Filr site, including objects, such as
users, groups, files and folders, and file contents where content indexing is enabled.
For more information, see “Filr Search Appliance—Accessibility, and Searchability” in Filr:
Understanding How Filr Works
Path: Port 8443 Filr Admin Console > Search Index > Index

Table 19-2 Using the Search Index page

Field, Option, or Button Information and/or Action

Manage Search Index Use the options under this tab if users report that they can’t find information or
tab people that they know should be available in Filr. Chances are good that the index
has become damaged or out-of-date for some reason.

This is not a good option to correct slow performance. Re-indexing takes much
longer and requires more resources than optimization (available in the Optimize
Search Index tab).

For more information, see “Rebuilding the Lucene Index” in the Filr 4.2:
Maintenance Best Practices Guide.

 Re-Index  Use this option to rebuild all of the indexes for your entire site.
Everything  Keep in mind that no one will be able to access any of the files, folders, users,
groups, etc. until a corresponding synchronization process has taken place
and the metadata index for the items is re-created.
 Depending on the size of your Filr site, this can be a very time-consuming
process.

 Select the Places to  If you know that there are problems with specific portion of the site, you can
Be Re-Indexed: choose to reindex only those portions.

 Select the Nodes to  You can choose which of the appliances to apply the reindexing to.
Apply Re-Indexing  Micro Focus recommends setting one of the nodes to write-only and
to: reindexing only the other node. (See “Managing Search Nodes” on
page 112.)

Search and Lucene Indexing 111

Field, Option, or Button Information and/or Action

Optimize Search Index Use the options under this tab if you notice that search performance in Micro
tab Focus Filr is becoming slower over time.

As a rule of thumb, you should run the optimization once a week during off hours
or on weekends when the Filr system is not being heavily used.

IMPORTANT: For optimization to run, there must be at least 51% free disk space
on the Lucene search index appliance.

Optimizing the Lucene index does not repair a damaged or out-of-date index. You
must use the Manage Search Index tab in those cases.

 Optimizing the  You can either choose to run the optimization immediately, or schedule it
Search Index during off hours or on weekends as the options indicate.
 Run
Immediately
 Run at
Scheduled
Time

 Exclude File Types Use the options under this tab to specify the type (extension) of files that should
not be indexed.

Managing Search Nodes

This dialog lets you control access to the Filrsearch appliances (search nodes) and is integral to
certain index maintenance operations.
For example, you can take one Lucene node out of service for maintenance while other Lucene
nodes continue to operate. Then you can synchronize the out-of-date Lucene node with the current
indexing data.
For more information, see “Search Index Maintenance” in Filr 4.2: Maintenance Best Practices Guide
Path: Port 8443 Filr Admin Console > Search Index > Nodes

Table 19-3 Using the Search Nodes dialog

Field, Option, or Button Information and/or Action

 Node information  This is informational only.

 IP_address
 Host:
 RMI Port:

112 Search and Lucene Indexing

Field, Option, or Button Information and/or Action

 User Mode Access:  Read and Write: This is the normal operating mode and allows the Filr
system to both retrieve information from the index and modify the index.
 Write Only: Select this if you are performing a re-index on the search index
node.
 No Access: Selecting this option ensures that no data is written to the index
while maintenance is being performed, such as upgrading the appliances or
adding more disk space or memory

 Enable Deferred  Do not deselect this unless instructed to do so by a support technician as part
Update Log of resolving an incident report.

Memcached (Search Index Appliance Only)

Memcached is a high-performance, distributed memory object caching system used by a number of
large Internet sites such as Wikipedia, Flickr, Twitter, and Youtube, as well as enterprise systems.
Memcached is not designed for authentication and is protected only by firewalls and similar
mechanisms.

IMPORTANT: To secure Memcached, it is strongly recommended to deploy the Search appliance

behind the firewall.

For more information, see “Securing Memcached” on page 117.

Advantages for Using Memcached

Memcached offers the following advantages over other caching systems:
 Better utilization of memory resources from the server farm.

No replication (and therefore no overhead involved in replication). This results in a reduction of

60 or more threads per node in a two-node cluster.
The number of servers and the size of data scale together.
 Scales out much better than replication-based cluster cache.

Managing Memcached
Path: Port 9443 Appliance Console > Memcached icon

Search and Lucene Indexing 113

Table 19-4 Managing Memcached

Field, Option, or Button Information and/or Action

 Listen Interface:  The URL that Memcached listens on.

 Number of  The number of threads to use when processing incoming requests.

Threads:

 Max Memory:  Max memory that can be used by Memcached.

 Max Simultaneous  Specify the number of network connections that can be handled by
Connections: memcached simultaneously.

114 Search and Lucene Indexing

20 Security
20

Enterprise data is a critical resource that must be protected from unauthorized access,
eavesdropping, corruption, unintended modification, or Trojan horses.
Generating, storing, and protecting enterprise data requires significant investments in time, money,
and other resources.
Filr is designed to enhance an organization’s ability to use and leverage its data. It has been carefully
engineered to guard against exposing data to additional vulnerabilities.
 “Certificates” on page 115
 “Firewall Configuration” on page 116
 “Password Security (Local and External Users)” on page 116
 “Securing Memcached” on page 117
 “User Visibility” on page 117
 “Viewing, Wiping, and Disconnecting Registered Clients” on page 118
 “WebDAV Authentication Configuration Settings” on page 118

Certificates
For certificate-maintenance procedures associated with this dialog, see Certificate Maintenance in
the Filr 4.2: Maintenance Best Practices Guide
Path: Port 9443 Appliance Console > Digital Certificates icon

Table 20-1 Using the Digital Certificates Page

Field, Option, or Button Information and/or Action

Certificates in the Selected Key Store

 Key Store drop-  Use this drop-down list to filter whether JVM or Web Application Certificates
down are listed.

 File drop-down  This drop-down list lets you create a new key pair, import a trusted certificate
or key pair, export a certificate you have selected in the list, or generate a CSR
for a web application you have selected.

 Edit drop-down  This exposes the option to delete a certificate you have selected.

 View Info  This lets you view the information for a selected certificate

 Reload  This lets you reload a selected certificate.

Security 115
Firewall Configuration
Path: Port 9443 Appliance Console > Firewall icon

Table 20-2 Using the Firewall Details page

Field, Option, or Button Information and/or Action

Firewall Details This page is only informational, not editable.

It lists the port numbers that Filr expects to use on your network and the current
status of each port.

Password Security (Local and External Users)

You can require that user passwords to the Filr site meet certain criteria by enabling password
complexity checking. Only locally created users and external users are affected by this setting; users
whose accounts are synchronized to Filr via LDAP are not affected.
Users’ existing passwords are not forced to comply with the password policy; only when a user
changes his or her password is the password policy put into effect.
Path Port 8443 Filr Admin Console > System > Password Policy

Table 20-3 Using the Configure Password Policy dialog

Field, Option, or Button Information and/or Action

Password complexity
changing requires that
passwords:

 Enable Password  When this is enabled, Filr requires that passwords:

Complexity  Are at least 8 characters in length
Checking for Local
and External Users  Do not contain the user’s first name, last name, or user ID (these
restrictions are not case-sensitive)
 Contain at least 3 of the following:
 A lower-case character
 An upper-case character
 A number
 One of the following symbols: ~ @ # $ % ^ & * ( ) - + {
} [ ] | \ ? / , . < >

116 Security
Securing Memcached
Memcached is a high-performance, distributed memory object caching system used by a number of
large Internet sites such as Wikipedia, Flickr, Twitter, and Youtube, as well as enterprise systems.
Memcached is not designed for authentication and is protected only by firewalls and similar
mechanisms.
The Search appliance runs the Memcached service to enable clustering. To secure Memcached, it is
strongly recommended to deploy the Search appliance behind the firewall. Memcached service uses
port 11211 and the firewall must allow this port for communication. For more information, see Ports
Used in Filr Deployments in the Filr: Understanding How Filr Works.
For more information about Memcached, see Memcached (http://memcached.org/).

User Visibility
By default, each Filr user can see all other Filr users on the Filr site.
In a large organization it can be daunting for users to sort through a long list of people they don’t
work with to find those in their groups or on their teams.
Filr lets you restrict the users that appear in sharing dialogs and so on, to only those within groups to
which a user belongs.
For a detailed explanation of Filr’s User Visibility feature, see “Key Points About User Visibility in Filr”
in Filr: Understanding How Filr Works.
Path: Port 8443 Filr Admin Console: Management > Limit User Visibility

Table 20-4 Using the Limit User Visibility dialog

Field, Option, or Button Information and/or Action

 Add Limitation  Click this, begin typing, select a listed user or group to limit them to seeing
only other members of the groups they belong to.

 Add Override  Click this, begin typing, select a listed user or group to enable them to see
everyone.

 Remove Visibility  Select a user or group and click this to remove them from the list.
Settings

 Filter List  Type a string within the user or group names to filter the displayed list to only
those containing the string.

 Gear icon  Select this to change the column sizes.

 Limited Visibility  Select the box next to the option to activate the visibility limitations for all
On listed users and groups.

Or
 Select the users and groups you want to be affected by their limitations.

Security 117
Viewing, Wiping, and Disconnecting Registered Clients
Filr lets you manage registered client devices from the Filr Administration Console.
You can remove devices from the registration list and schedule the removal (wiping) of all Filr data
from the device the next time the user logs in.
For more detail, refer to the descriptions of dialog buttons, fields, and so on in Table 20-5.
Path: Port 8443 Filr Admin Console > Management > Registered Clients

Table 20-5 Using the Registered Clients dialog

Field, Option, or Button Information and/or Action

Registered Clients - System Wide

 Delete button  Click this to remove a device from the list.

This doesn’t affect the device, only its registration status with Filr.

The device is re-registered if the user logs in again.

 Wipe drop-down  Schedule Devices to be Wiped: If you select this, then the next time the user
logs in to the device, the user password and all online and available-offline
files are removed from the device, although the folder structure remains the
same. The Filr application then exits, but it is not uninstalled or removed
from the device.
 Clear Scheduled Wipe from Devices: This removes the scheduled wipe and
no information is removed the next time the user logs in to the device.

 Device Name  The name given to the device by the device owner.

 OS Version  The operating system on the device.

 Client  The version of the Filr application that is installed on the registered device.

 User  The name of the Filr user who logged in from the listed device.

 Last Login  The date and time when the device was last used to log in to the Filr system.

 Wipe Scheduled  This indicates whether a wipe has been scheduled to occur so that all Filr
data is removed from the device the next time the user logs in from it.

 Last Wipe  The last time Filr data was wiped from the device.

 Filter List  Filter the displayed list by typing a string found in any of the rows. For
example, you could type “7” to see a list of Windows 7 registered clients.

 Gear icon  Click this to access the Edit Column Sizes dialog.

WebDAV Authentication Configuration Settings

Path: Port 9443 Appliance Console > Configuration icon > WebDAV Authentication

118 Security
Table 20-6 The WebDAV Authentication dialog

Field, Option, or Button Information and/or Action

 WebDAV  You should only change this if there is a specific reason for doing so.
authentication
method: Basic Authentication: Encodes the user name and password with the Base64
algorithm and if used, should be combined with SSL/TLS (HTTPS). It is unsafe
if transmitted over HTTP.

Do not select Basic authentication unless there is a specific reason for doing
so.

Digest Authentication (Default): Applies MD5 cryptographic, one-way

hashing with nonce values to a password before sending it over the network.
This option is safer than Basic authentication when used over HTTP.

Always select this type of authentication when client users are using
Windows 7 as their operating system and Microsoft Office as their text editor.
 If you change the method, click OK, then click Reconfigure Filr Server.

Micro Focus Filr uses the WebDAV protocol for “Edit with Application” interaction with tools such as
OpenOffice and Microsoft Office.

IMPORTANT: Windows 7 users as the client operating system, various issues can be introduced
because of WebDAV limitations in Windows 7. If your Filr users are using the Windows 7 operating
system, see “WebDAV Support” in the Filr 4.2: Maintenance Best Practices Guide.

Security 119
120 Security
21 Sharing
21

The following sections cover the main administrative controls for sharing in Filr.
 “Managing Shared Items” on page 121
 “Managing Sharing, License Terms, and Comments” on page 122

Managing Shared Items

Use this dialog to manage the share settings for all shared files and folders.
Path: Port 8443 Filr Admin Console > Management > Shares

Table 21-1 Using the Shares dialog

Field, Option, or Button Information and/or Action

Manage Shares

Find share items by:  Use this to filter the list of shares by one of the options below.
drop-down list

 User  Begin typing the name of a user in the User field, then select the user name
when it appears in the drop-down list. All active shares from that user are
displayed in the table.

 File  Begin typing the name of a file in the File field, then select the file name
when it appears in the drop-down list. All active shares associated with that
file are displayed in the table.

 Folder  Begin typing the name of a folder in the Folder field, then select the folder
name when it appears in the drop-down list.
 Or click the Browse icon next to the Folder field and browse to the folder. All
active shares associated with that folder are displayed in the table.

 Find all shares  Select this to display all active shares in the Filr system.

Shared With sub-section  This section lists all of the shared items and who has access to them.
 You can also use the checkbox next to this label to select all of the listed
shares.
After the shares are selected, you can modify the shared-access rights.

 Delete button  Use this to remove any of the listed shares from the list. Only the share is
removed, shared items themselves are not affected.

 Access Rights  After selecting a shared item, you can decrease the granted access rights or
increase them within the limits available to the user who shared the item.

 Allow re-share  You can adjust the re-share privileges within the limits available to the user
with who shared the item.

Sharing 121
Field, Option, or Button Information and/or Action

 Expires  The default share expiry is set to 30 days. The maximum value you can set is
9999 days.

You can adjust the expiration so that the share never expires, expires on a
certain date, or expires after a specified number of days.

 Note:  You can include a note about the changes you have made. This will then be
distributed according to the option that you select for the Notify option.

 Notify:  You can choose among four notification options:

 All recipients: An email that includes your note is sent to all of those
with the share.
 Only newly added recipients: An email that includes your note is sent
to newly added recipients.
 New and modified recipients: An email that includes your note is sent
to all newly added recipients and those whose privileges have changed.
 None: No email is sent.

 Share Access  Click Share Access Report to view the share access details of the sharee.
Report
The Access report displays the following information:
 User: Name of the user who has accessed the share
 IP Address: The IP address of the device that was used to access the
share
 First Access Time: The date and time when the share was first accessed.
No information is received when the share is accessed again.
 Group: If the user has shared to a group, then the name of the group is
displayed that the user is part of.

The sharer receives an email notification with access details when the share
is accessed by the sharee. A report is generated per share when the following
conditions are satisfied:
 Users having Filr 4.0 Advanced Edition license
 File or folder shared with Filr 3.4 or later

OK button  Click this to save your changes and send notifications as specified.

Cancel button  Click this to cancel the changes you have made.

Managing Sharing, License Terms, and Comments

For users to be able to share files and folders in Filr, they must be enabled directly or as a group
member through this dialog.
 My Files sharing is then automatic for those listed, unless explicitly restricted.
 Net Folder sharing requires further configuration.

Path: Port 8443 Filr Admin Console > System > Share and Comment Settings

122 Sharing
Table 21-2 Using the Share and Comment Settings dialog

Field, Option, or Button Information and/or Action

Share and Comment

Settings dialog

Rights tab For a graphical explanation of the settings in this tab, see “The Rights Tab Controls
All Filr Sharing” on page 125.

 Allow all users to  If you select this option, groups that were imported from the LDAP directory
share with groups are displayed in the Share with field when users are sharing an item.
that have been
imported from All users in the LDAP group then have access to the item that was shared.
LDAP

 User or Group: IMPORTANT: For users or groups to share items in Filr, they must be listed here.

 Begin typing a user or group name and then select it in the list. The Grant
Share Rights dialog displays.

 User/Group List  This lists the users and groups that are granted rights to share files and
 Name folders in Filr.

 Rights  Users that are listed individually and also as members of groups have all of
the rights that are granted in their applicable listings.
 Type

Grant Share Rights dialog

 Re-share items  When users share a file or folder, they can give the users they are sharing
with the ability to re-share the file or folder.

IMPORTANT: Exercise caution here because even a user's access rights to an

item are removed, that does not remove the access rights of the user with
whom the item was re-shared.

 Share with internal  Lets users share items with internal users.
users

 Share with “All  Lets users perform a mass share to all internal users by sharing with the All
Internal Users” Internal Users group.
group

 Share with  Lets users share items with users external to the organization through the
External Users external users’ email addresses.
 Email notifications include a link to the shared item. Users can then log in to
the Filr site and self provision.

 Share with the  Lets users make items publicly available. Anyone with the URL to the Filr site
Public can access the Public folder and see the item along with everything else in
the folder.

Public access requires that you enable Guest access to the Filr site. For
information about how to enable Guest access to the Filr site, see “Web
Browser Access—Default Settings” on page 24

Sharing 123
Field, Option, or Button Information and/or Action

 Share using File  Lets users share a link to a file in Filr.

Link
Any user with the link can then access the file.

The file is not displayed in the Public area, so users must have direct access to
the link in order to access the file.

Users can share a link of the Filr file even with email addresses that are listed
in the Blacklist field.

Whitelist / Blacklist tab

Mode

 No restrictions  Lists are ignored and users can share with any email address.

 Whitelist  Allows sharing only with email addresses and domains that have been
specified in the Email addresses and Domains fields.

 Blacklist  Disallows sharing with any email addresses and domains that have been
specified in the Email addresses and Domains fields.
 Users with Share using File Link rights can share links of Filr files even with
email addresses listed in the Blacklist field.

 Email addresses list  Use the Add and Delete buttons to add and remove email addresses from the
list.

 Domains list  Use the Add and Delete buttons to add and remove domains (such as
yahoo.com) from the list.

 Delete shares that  Select this option to delete all existing shares in the Filr system that do not
don’t meet the match the criteria you set.
criteria
For example, if you selected Blacklist and then specified yahoo.com in the
Domains field, selecting this option would delete all Filr shares made to
Yahoo email addresses.

External Users Licensing

Terms tab

 Display Terms and  Enable this tab so that the external users who access the Filr site after
Conditions receiving an email invitation accept the terms and conditions that you
specify in the field provided before being granted access.

The text entered here must be HTML formatted in order to display correctly.

IMPORTANT: This does not apply to Guest (Public) access.

Comment Settings tab

 Allow Commenting  Disabling this option prevents all users from logging comments in Filr.
on Files  You can also disable commenting for only Guest (Public) users. See “Guest
access is read only” on page 25.

OK button  Click this to save your changes.

Cancel button  Click this to cancel the changes you have made.

124 Sharing
Field, Option, or Button Information and/or Action

File Request Settings

tab

 Allow users to  Allows you to request files from other users. The user to whom you send the
request for files file request receives an email with an upload request link pointing to the
location where you want the file to be uploaded.

OK button  Click this to save your changes.

Cancel button  Click this to cancel the changes you have made.

The Rights Tab Controls All Filr Sharing

To use Filr sharing, users must listed here, either individually or as a member of a group.

2. Begin typing a user or group name.

3. Select a name to add it to the list.

1. Select this option
to let Filr users
share with all
LDAP-imported
groups.

4. Specify the maximum Filr sharing rights

for the user or group.
5. Repeat from Step 2 until You cannot grant rights elsewhere
all users who need to share that aren’t granted here.
have been granted sharing rights. For example, Black Knight will not be
allowed to reshare items that have been
shared with him unless that right is added here.

Sharing 125
126 Sharing
22 SQL Database Connection
2

Filr uses the SQL database for storing file and folder, and user and group metadata. You can change
any of the fields in this dialog to match corresponding changes to the database server.
Path: Port 9443 Appliance Console > Configuration icon > Database

Table 22-1 Using the Database Connection dialog

Field, Option, or Button Information and/or Action

Database Connection
dialog

 Database Type:  Select the appropriate option for the database server.
 MySQL or PostgreSQL: Select PostgreSQL
 Microsoft SQL Server: Select MS SQL Server

 Host Name or IP  The DNS host name or IP address of your SQL server.
Address:

 Port:  The port used for communications with Filr.

The standard port for the database type is automatically selected.

 User Name:  The user id that Filr uses to log in to the database server.

 User Password:  The password for the User Name.

 Encrypt Database  Select this option to encrypt data communication from the Filr server to the
Communication: database server.

OK button  Click this to save your changes. Then click Reconfigure Filr Server so that the
changes are used by Filr.

Cancel button  Click this to cancel the changes you have made.

SQL Database Connection 127

128 SQL Database Connection
23 Storage Management
23

 “Expanding Storage” on page 129

Expanding Storage
Path: Port 9443 Appliance Console > Storage icon

Table 23-1 Using the Storage Expansion dialog

Field, Option, or Button Information and/or Action

Prerequisite  Storage expansion requires unallocated free disk space associated with the /
vastorage and/or /var partitions.
 Use the tools and processes provided by your hypervisor vendor to expand
the virtual disks that contain the partitions you want to expand.
 Restart the appliance so that the operating system can detect the disks that
have been expanded.

Appliance Disks Containing Unallocated Free Space: If no disks are listed, nothing is available to be
expanded.

Expand partitions  After selecting the devices you want to expand, click this option.

Appliance services are stopped, the selected partitions are expanded to the
size of their respective disks, and appliance services are restarted.
 Restart the appliance again so that the management software detects that
the unallocated disk space has been used.

Storage Management 129

130 Storage Management
24 Support Files and Online Updates
24

 “Managing Field Test Patches” on page 131

 “Managing Online Updates” on page 131
 “Submitting Configuration Files to Micro Focus Support” on page 133

Managing Field Test Patches

You can manage field test patches for the Filr appliance directly from the appliance. You can install
new patches, view currently installed patches, and uninstall patches.
Path: Port 9443 Appliance Console Field Patch icon

Table 24-1 Using the Field Patch dialog

Field, Option, or Button Information and/or Action

Field Test Patch

Install a Downloaded
Patch sub-section

 Path to Field Patch:  Use the Browse button to navigate to a downloaded patch, then click Install
to apply the patch.

Manage Installed  This lists all of the patches that are currently installed, when they were
Patches sub-section installed, and information about the patch as supplied by Micro Focus.

 Uninstall Latest  Patches must be uninstalled in reverse order and only the latest patch can be
Patch button uninstalled.
 Select the latest installed patch, then click this button and confirm that you
want the patch uninstalled.

 Download Log File  Click this to download the log file that tracks patch installations.
button

Managing Online Updates

Path: Port 9443 Appliance Console > Online Update icon

Support Files and Online Updates 131

Table 24-2 Using the Online Update dialog

Field, Option, or Button Information and/or Action

Online Update  This is the dialog title and it also shows which Schedule option is selected
(Automatic Update (represented by X).
Schedule: X)

Register Online Update  This dialog appears whenever the appliance is not registered with an update
Service dialog service. For example, the first time Online Update icon is clicked or when a
service has been de-registered.
 You must register the appliance for it to receive online updates.

 Service Type:  Select the service type that the appliance will use to obtain online updates: a
local Subscription Management Tool (SMT) or the Micro Focus Customer
Center

 Local SMT This is a server from where you can download the software updates and
automatically install them to update the product.

 Hostname: The hostname of the server from where you want the appliance
to download software updates.
 SSL cert URL (optional): The path to the SSL certificate for encrypting
communications with the server.
 Namespace path (optional): To enable the client to use the staging group,
specify a value. Do not specify any value if you want to use the default
production repositories.

 Micro Focus  Email: Your email address for registering the appliance to receive updates.
Customer Center  Activation Key: This displays in your NCC Portal in the same dialog as your
product license.
 Allow Data send: Select from the following options if you want to share
information with the Micro Focus Customer Center:
 Hardware Profile: Shares the hardware information.
 Optional Information: Shares information such as host type, product
version, release, architecture, timezone, and processor.

Update service: X  After you register the appliance for an update service, the service name
appears in this field (represented by X).

 Patches drop-down  Needed Patches: Selecting this option lists that patches that will be installed
during the next manual or automatic update.
 Installed Patches: Selecting this option lists all patches that have been
previously installed.

132 Support Files and Online Updates

Field, Option, or Button Information and/or Action

 Schedule drop-  Click this to set a schedule for when the appliance will download updates.
down  If you select Manual, the appliance immediately downloads all available
patches.
 If you select Daily, Weekly, or Monthly, you must then choose to apply
either All Needed Patches or Security Patches Only.
 For interactive patches, you must select the Automatically agree with all
license agreements and Automatically install all interactive patches options.

Update Now tab  This is selectable only when the Patches drop-down is set to Needed Patches.
 After clicking the option, you must choose to apply either All Needed
Patches or Security Patches Only.
 For interactive patches, you must select the Automatically agree with all
license agreements and Automatically install all interactive patches options.

View Info tab  Clicking this displays information such as a brief summary of the patch and
the bug fixes in the patch.

Register tab  Clicking this displays the appliance’s registration status, and an option to
Deregister the appliance.
 If you deregister the appliance, the Register Online Update Service dialog
reappears.

Refresh tab  Clicking this refreshes the status of updates on the Appliance.

Submitting Configuration Files to Micro Focus Support

Sometimes Micro Focus Support needs to review your appliance’s system configuration when
processing a service request. This dialog facilitates the process and saves you time.
Path: Port 9443 Appliance Console > Support icon

Table 24-3 Using the Support dialog

Field, Option, or Button Information and/or Action

Support

Automatically send the  With this option selected, you can FTP your configuration to Micro Focus
configuration to Micro Support and include the Service Request Number if desired.
Focus using FTP.  The configuration is sent when you click OK and confirm your selection.

Download and save the  With this option selected, the configuration is downloaded when you click
configuration file locally, OK and confirm your selection.
then sent it to Micro  You must then send the file to Micro Focus through email or some other
Focus manually. arrangement.

OK or Cancel  Click OK to send or download the file, or click Cancel to exit.

Support Files and Online Updates 133

134 Support Files and Online Updates
25 Changing System Services Configurations
25

 “Managing System Services” on page 135

 “Shutting Down and Restarting the Micro Focus Appliance” on page 136

Managing System Services

Path: Port 9443 Appliance Console > System Services icon

Table 25-1 Using the System Services dialog

Field, Option, or Button Information and/or Action

Available System Services: This varies by appliance type as listed below this table.

 Action drop-down  Use this to start, stop, or restart the selected service.

Before doing any of these, make sure you understand how your action will
affect the appliance.

 Options drop-down  Use this to set the selected service to start automatically or require a manual
start.

 Refresh List  Click this if the information displayed is outdated.

Filr Appliance
 SSH: This is the SSH service that is running on the appliance.
 Novell Filr: This is the Filr service that is running on the appliance. Click Download to access the
appserver.log and catalina.out files.
 Jetty: This is the Jetty service that is running on the appliance. Click Download to access the
jetty.stderrout.out file.
 Postfix: This is the Postfix SMTP outbound mail server. This allows email to be sent from the Filr
site, as described in “Enabling Notifications” on page 95. Click Download to access the mail file.
 Novell FAMT: This is the Micro Focus FAMT service that allows communication between Filr and
the external OES, Windows, or NetWare file system. Click Download to access the famtd.log
file.
 PostgreSQL: This is the PostgreSQL service that is running on the appliance. Click Download to
access the postgresql.log file.
The PostgreSQL service runs on the Filr appliance in a small deployment, and on the PostgreSQL
appliance in a large deployment.

Lucene Search Index Appliance

 SSH: This is the SSH service that is running on the appliance.

Changing System Services Configurations 135

 Jetty: This is the Jetty service that is running on the appliance. Click Download to access the
jetty.stderrout.out file.
 Search: Click Download to access the indexserver.log file
 Memcached: Click Download to access the jetty.stderrout.out file.

PostgreSQL Database Appliance

 SSH: This is the SSH service that is running on the appliance.
 PostgreSQL: This is the PostgreSQL service that is running on the appliance. Click Download to
access the postgresql.log file.

Shutting Down and Restarting the Micro Focus Appliance

Path: Port 9443 Appliance Console > Reboot or > Shutdown
 Reboot: Use this if you need to restart the Micro Focus appliance after performing
maintenance.
 Shutdown: To ensure that appliance processes are properly terminated, you should always use
this when you need to shutdown a Micro Focus appliance.
Using the hypervisor’s management features to power down or restart an appliance can result
in system corruption.

136 Changing System Services Configurations

26 Time and Locale
26

 “Changing the Appliance’s NTP Configuration” on page 137

 “Setting a Default Time and Locale for Non-LDAP and External Users” on page 137

Changing the Appliance’s NTP Configuration

This dialog lets you adjust the NTP configuration settings that were established when the appliance
was deployed.
Path: Port 9443 Appliance Console > Time icon

Table 26-1 Using the Time dialog

Field, Option, or Button Information and/or Action

 NTP Servers:  Type a new default NTP server.

 Region:  Click the drop-down list and select a region for the appliance.

 Time Zone:  Click the drop-down list and select a time zone for the appliance.

 Hardware clock set  Use this option to change the hardware clock setting.
to UTC

Setting a Default Time and Locale for Non-LDAP and

External Users
NOTE: You specify the default locale and time zone for LDAP users when you configure LDAP
synchronization.

On the other hand, when you create non-LDAP internal users and when external users self-provision,
Filr assigns English (US) as the default locale and Greenwich Mean Time (GMT) as the default
time zone.
This dialog lets you change the non-LDAP internal user and external user defaults.
Path: Port 8443 Filr Admin Console > Management > Default User Settings

Time and Locale 137

Table 26-2 Using the Default User Settings dialog

Field, Option, or Button Information and/or Action

Section: Settings for new internal (non-LDAP) users:

 Time Zone:  Use the drop-down list to select a default time zone for Filr to assign when
you create Internal, non-LDAP users.

 Locale:  Use the drop-down list to select a default locale for Filr to assign when you
create Internal, non-LDAP users.

Section: Settings for new external users:

 Time Zone:  Use the drop-down list to select a default time zone for Filr to assign when
external users self-provision to Filr.

 Locale:  Use the drop-down list to select a default locale for Filr to assign when
external users self-provision to Filr.

OK or Cancel  Click OK to apply the settings you have specified and exit this dialog, or
Cancel to discard your changes and exit.

138 Time and Locale

27 UI Controls and Customizations
27

 “Email Notification Template Customization” on page 139

 “Branding the Web Client” on page 139
 “Branding the Desktop Apps (Advanced-Edition License Only)” on page 141
 “Branding the Mobile Apps (Advanced-Edition License Only)” on page 142
 “UI Language” on page 144
 “Name Completion Settings—Managing How Group Names Display in Drop-Down Lists” on
page 145
 “Add Custom Templates to Filr” on page 146

Email Notification Template Customization

You can customize the email notifications that Filr generates as part of your branding efforts, to
provide localized messages, to comply with organizational policies, and so on.
For more information about the templates, see “Notification (Email) Customization” in the Filr 4.2:
Maintenance Best Practices Guide and “Email Template Customization—A Video Walkthrough” in
Filr 4.2: Maintenance Best Practices Guide.
Path: Port 8443 Filr Admin Console > System > Email Templates

Table 27-1 Using the Manage Email Templates dialog

Field, Option, or Button Information and/or Action

 Delete button  This button is activated when you select a template in the list that has been
customized.
 Use it to delete a customized template that you have uploaded to Filr by
using the Add Files button.
Removing a customized template causes Filr to revert to using the default
template that ships with Filr.

 Add Files button  Use this to upload a customized template file to the Filr system.

 Name  The names of the email templates that Filr uses.

 Type  This indicates whether Filr is using a customized or default template.

 Gear icon  This lets you adjust column sizes on this page.

Branding the Web Client

As the built-in Port 8443 administrator, you can brand your Filr web client to match your
organization’s brand.

UI Controls and Customizations 139

IMPORTANT: Direct Port 8443 administrators do not have rights to administer branding.

You can brand the Filr web client to match your organization’s brand. You can brand the FIlr page
with company-specific name, logo, and background image.
Images must be uploaded to Filr before they can be used for branding. You can upload them using
Company Name, Company Logo and Background Image option.

NOTE: On upgrading to Filr 4.2, ensure to reapply the Custom branding changes else the branding
changes are lost and it defaults to Micro Focus branding.

Path: Port 8443 Filr Admin Console > System > Custom Branding > Web Client Branding

Table 27-2 Using the Web Client Branding

Field, Option, or Button Information and/or Action

 Enable Web Client Branding Select to enable company-specific branding.

 Company Name The name can include maximum 60 characters. It is displayed on the Filr
Login page. To specify title in multiple lines, use <br> tag. For example:
Micro Focus<br>Filr.

 Company Logo The logo appears on all the web interfaces except the Content Editor. The
logo and the title will appear on the Follow Notification emails.

Supported formats: jpeg, jpg, gif, png, apng, svg, bmp, and ico.

Recommended resolution: 164px X 164px (square shaped image).

 Browse button

Click this to choose the logo file.

 Apply button
Click this to apply the logo.
If you choose to apply a different branding file without remove the
existing branding, then a dialog prompts you that the existing
branding file will be overwritten. Click Yes to overwrite the
branding file or click No to retain the existing branding.
 Remove Current Branding button
To remove an existing branding for the web client, click the Remove
Current Branding option.

140 UI Controls and Customizations

Field, Option, or Button Information and/or Action

 Background Image The background image appears on the Login page, External User Self
Registration page, Rest Password page, and File Request page.

Supported Formats: jpeg, jpg, gif, png, apng, svg, bmp, and
ico.

Recommended Resolution:

Length: From 1000px to 1920px

Height: 1080px

 Browse button

Click this to choose the image file.

 Apply button
Click this to apply the image.
If you choose to apply a different branding file without remove the
existing branding, then a dialog prompts you that the existing
branding file will be overwritten. Click Yes to overwrite the
branding file or click No to retain the existing branding.
 Remove Current Branding button
To remove an existing branding for the web client, click the Remove
Current Branding option.

OK or Cancel  Click OK to apply your changes, or Cancel to discard them.

Canceling doesn’t remove uploaded image files.

Branding the Desktop Apps (Advanced-Edition License

Only)
As the built-in Port 8443 administrator, you can brand your Filr desktop client to match your
organization’s brand.

IMPORTANT: Direct Port 8443 administrators do not have rights to administer branding.

To customize desktop application branding, you must first create a branding file and then upload the
file to the Filr server.
Path: Port 8443 Filr Admin Console > System > Custom Branding > Desktop Site Branding

UI Controls and Customizations 141

Table 27-3 Using the Desktop App Branding dialog

Field, Option, or Button Information and/or Action

 Mac Branding File IMPORTANT: You must first create a .zip branding file for your Mac desktops as
outlined in “Desktop Branding Files” in the Filr 4.2: Maintenance Best Practices
Guide.

 Choose File button

Click this to choose the .zip file that you created for your Mac workstations as
mentioned above.
 Apply button
Click this to apply the branding .zip file you have created.
If you choose to apply a different branding file without remove the existing
branding, then a dialog prompts you that the existing branding file will be
overwritten. Click Yes to overwrite the branding file or click No to retain the
existing branding.
 Remove Current Branding button
To remove an existing branding for the Mac desktop application, click the
Remove Current Branding option.

 Windows Branding IMPORTANT: You must first create a .zip branding file for your Windows desktops
File as outlined in “Desktop Branding Files” in the Filr 4.2: Maintenance Best Practices
Guide.

 Choose File button

Click this to choose the .zip file that you created for your Windows
workstations as mentioned above.
 Apply button
Click this to apply the branding .zip file you have created.
If you choose to apply a different branding file without remove the existing
branding, then a dialog prompts you that the existing branding file will be
overwritten. Click Yes to overwrite the branding file or click No to retain the
existing branding.
 Remove Current Branding button
To remove an existing branding for the Windows desktop application, click
the Remove Current Branding option.

Branding the Mobile Apps (Advanced-Edition License Only)

As the built-in Port 8443 administrator, you can brand your Filr mobile apps to match your
organization’s brand.

IMPORTANT: Direct Port 8443 administrators do not have rights to administer branding.

Path: Port 8443 Filr Admin Console > System > Custom Branding > Mobile Site Branding

142 UI Controls and Customizations

Table 27-4 Using the Mobile App Branding dialog

Field, Option, or Button Information and/or Action

 Android Branding IMPORTANT: You must first create a .zip branding file for your Android mobile
File devices desktops as outlined in “Android UI Branding” in the Filr 4.2: Maintenance
Best Practices Guide.

 Browse button

Click this to choose the .zip file that you created for your Android mobile
devices as mentioned above.
 Apply button
Click this to apply the branding .zip file you have created.
If you choose to apply a different branding file without remove the existing
branding, then a dialog prompts you that the existing branding file will be
overwritten. Click Yes to overwrite the branding file or click No to retain the
existing branding.
 Remove Current Branding button
To remove an existing branding for the Android mobile devices, click the
Remove Current Branding option.

 Windows Branding IMPORTANT: You must first create a .zip branding file for your Windows mobile
File devices as outlined in “iOS UI Branding” in the Filr 4.2: Maintenance Best Practices
Guide.

 Browse button

Click this to choose the .zip file that you created for your Windows mobile
devices as mentioned above.
 Apply button
Click this to apply the branding .zip file you have created.
If you choose to apply a different branding file without remove the existing
branding, then a dialog prompts you that the existing branding file will be
overwritten. Click Yes to overwrite the branding file or click No to retain the
existing branding.
 Remove Current Branding button
To remove an existing branding for the Windows mobile devices, click the
Remove Current Branding option.

UI Controls and Customizations 143

Field, Option, or Button Information and/or Action

 iOS Branding File IMPORTANT: You must first create a .zip branding file for your iOS mobile devices
as outlined in “iOS UI Branding” in the Filr 4.2: Maintenance Best Practices Guide.

 Browse button

Click this to choose the .zip file that you created for your iOS mobile devices
as mentioned above.
 Apply button
Click this to apply the branding .zip file you have created.
If you choose to apply a different branding file without remove the existing
branding, then a dialog prompts you that the existing branding file will be
overwritten. Click Yes to overwrite the branding file or click No to retain the
existing branding.
 Remove Current Branding button
To remove an existing branding for the iOS mobile devices, click the Remove
Current Branding option.

UI Language
For more information about UI language settings in Filr, see “Language Settings” in the Filr 4.2:
Maintenance Best Practices Guide.
Path: Port 9443 Appliance Console > Configuration icon > Default Locale

144 UI Controls and Customizations

Table 27-5 Using the Default Locale dialog

Field, Option, or Button Information and/or Action

 Default Locale:  Use this option to reset the language that you selected during the Filr
configuration process.

The following points explain more about the Default Locale setting.
 Micro Focus appliance installations run in English only.
 When you install the Filr software, you can set the primary language,
thereby establishing the UI language for text in locations where all Filr
users see it, such as in the Workspace tree.
Your choices are:
 Chinese-Simplified
 Chinese Traditional
 Czech
 Danish
 Dutch
 English
 French
 German
 Hungarian
 Italian
 Japanese
 Polish
 Portuguese
 Russian
 Spanish
 Swedish
 The language that you select or change here also establishes the default
interface language and locale for new user profiles that are imported
through LDAP.
The default language for non-LDAP and self-provisioned users is set in
the Default User Settings dialog.

Name Completion Settings—Managing How Group Names

Display in Drop-Down Lists
Filr includes a name completion (or Type-to-Find) feature that displays the names of users or groups
as you begin typing a name or string.
For example, as you share an item and begin typing in the Share with field, names of users or groups
that match what you have typed so far display so that you can select a listed item.

UI Controls and Customizations 145

To help you distinguish between multiple groups with the same name, Filr includes secondary
information.
This dialog lets you specify how group names are displayed in the drop-down list.
Path: Port 8443 Filr Admin Console > System > Name Completion Settings

Table 27-6 Using the Name Completion Settings dialog

Field, Option, or Button Information and/or Action

 Primary display  Click the drop-down list and select either

text: drop-down  Name: The name of the group as it appears in Filr.
list
Or
 Title: The title as it appears in the LDAP directory.

 Secondary display  Click the drop-down list and select either

text: drop-down  Description: The description of the group as it appears in Filr.
list
Or
 Fully Qualified DN. The Fully Qualified Domain Name as it appears in
the LDAP directory.

Add Custom Templates to Filr

By default Filr advanced edition is shipped with 7 file templates. These file templates are the
combination of Microsoft Word and Libre Office extensions (.xlsx, .docx, . pptx, . odt, .ods, .odp, and
.txt). You can add only one file template for each file type. An Administrator can add a new file
template or replace the existing default file templates with the customized template at the location
where the default file templates are saved. A maximum of 15 templates can be added and the
template name length can be up to 10 characters. The location is given below. Perform the following
steps to add a customized file template.
1 If vashare is available on the Filr server, then add the customized template or a new file
template at vashare/filr/fileTemplates. Else, you can add the template to
vastorage/filr/fileTemplates.
2 Copy the property create.file.extensions from /opt/novell/filr/apache-
tomcat/webapps/ssf/WEB-INF/classes/config/ssf.properties file to /opt/
novell/filr/apache-tomcat/webapps/ssf/WEB-INF/classes/config/ssf-
ext.properties file along with existing extensions and add the new file template
extension in create.file.extensions property of ssf-ext.properties file
3 Restart the Filr server for the custom templates to appear in the Create New File template list.

NOTE: The naming convention of a file template must be filetype.filetype for example,
docx.docx.
You can add any type of file template, However users can edit the template in the Filr Web Client
only if the file type is supported by CE.

146 UI Controls and Customizations

28 Users and Groups
28

 “Managing Users” on page 147

 “Managing Groups” on page 151

Managing Users
Path: Port 8443 Filr Admin Console > Users

Table 28-1 Using the Users dialog

Field, Option, or Button Information and/or Action

Users dialog (header row)

 New button  Click this to begin creating a new non-LDAP internal user.

 Import Profiles...  You can manage local users and groups by importing profile files that contain
button user or group information in XML format. This is a good way to
simultaneously perform multiple actions on non-LDAP users and group, such
as creating, modifying, or deleting users, and creating or modifying groups.
 Click Choose File, then navigate to and select the file that contains user or
group profile information in XML format.
 Click View a Sample File and make sure that the format of your file matches
the format that is shown in the provided sample file.

 Delete button  The effects of this button on user accounts depends on whether the user is
an LDAP, non-LDAP Internal, or External user. For more detail, see Deleting
Filr Users in the Filr 4.2: Maintenance Best Practices Guide.

Users and Groups 147

Field, Option, or Button Information and/or Action

 More drop-down With one or more users selected, you can choose from the following options.

 Disable User Account: Disabling Filr User Accounts in the Filr 4.2:
Maintenance Best Practices Guide
 Enable User Account: This restores access through a user account that was
previously disabled.
 Disable/Enable Personal Storage: Chapter 16, “Personal Storage and Home
Folders,” on page 99
 Use Default Personal Storage Setting: Chapter 16, “Personal Storage and
Home Folders,” on page 99
 Disable File Downloads: “Web Browser Access—Individual Users and
Groups” on page 25
 Enable File Downloads: “Web Browser Access—Individual Users and
Groups” on page 25
 Use Default File Download Setting: “Web Browser Access—Individual Users
and Groups” on page 25
 Disable Web Access: “Web Browser Access—Individual Users and Groups”
on page 25
 Enable Web Access: “Web Browser Access—Individual Users and Groups” on
page 25
 Use Default Web Access Setting: “Web Browser Access—Individual Users
and Groups” on page 25
 Workspace Share Rights...: Opens the Set User Workspace Sharing Rights
dialog, wherein you can restrict Personal Storage sharing privileges.
 Desktop Application Settings...: “Desktop Access—Individual Users and
Groups” on page 18
 Mobile Application Settings...: “Mobile Device Access—Individual Users and
Groups” on page 21
 Add Administrator Rights: Lets you assign selected users as Direct
administrators.
 Remove Administrator Rights: Lets you remove Direct-administration rights
from selected users.

 Filter List field  Begin typing a name and press enter to filter the list to only those users who
match what you have entered.

 Filter Arrow drop-  This lets you filter the displayed list of users using the following criteria:
down  Internal Users
 External Users
 Disabled Users
 Enabled Users
 Administrators
 Non-administrators

By default, all of the above are selected for display.

148 Users and Groups

Field, Option, or Button Information and/or Action

 Gear icon  Click this to adjust column sizes.

 Trash Can icon  This displays a list of Personal Workspace trash items that can be recovered.
 Restore button: This lets you undelete selected items.
 Delete button: This lets you permanently erase the selected items.
 Restore All button: This restores everything in Personal Workspace
trash.
 Delete All button: This permanently erases everything in Personal
Workspace trash.

Users List (below header row)

 Full Name column  Displays the user’s first and last names combined

 Arrow drop-down  Provides access to the following settings for the user:
column  User Properties dialog: Opens the User Properties dialog.
 Personal Storage settings: Depending on what has already been
configured for the user, you can enable the user’s personal storage,
disable the user’s personal storage, or specify that the default personal
storage settings be used for the user.
 File Downloads settings: Depending on what has already been
configured, you can enable file downloading for the user, disable file
downloading for the user, or specify that the default file downloading
settings be used for the user.
 Web Access settings: Depending on what has already been configured,
you can enable web access for the user, disable web access for the user,
or specify that the default web access settings be used for the user.

 Type column  Icons indicate whether users are LDAP, non-LDAP internal, External self-
provisioned, System-created, and so on.

 Admin column  This indicates whether users are assigned administrative responsibilities.

 Email column  This displays the email address to which Filr sends notifications

 Device Icon column  Click this to view the Registered Clients list filtered to include only this user.

This lets you manage all the user’s devices from one place. For more detail,
see “Viewing, Wiping, and Disconnecting Registered Clients” on page 118.

 User Id column  The login name of each user

Set User Workspace Use this to restrict Personal Storage sharing privileges.
Sharing Rights dialog

 Internal Users  After you have enabled sharing of files for the entire Filr system, you can
 External Users restrict Personal Storage shared-access-rights-granting by clearing any of the
settings shown in this dialog (listed in the left column).
 Public
 Asterisks (*) indicate rights that are not enabled site-wide. You cannot grant
 File Link individual users more rights than are currently defined for the site-wide
 Allow Re-Sharing setting.
of granted rights

Users and Groups 149

Field, Option, or Button Information and/or Action

New User dialog

 User ID  You must assign a unique user ID for each non-LDAP internal user.

 Password  You must assign (type and confirm) a password for the user to log in with.

 First Name  You can include the user’s first name

 Last Name  You can also include the user’s last name.

 Picture  You can include a picture of the user, or the user can add it later.

 Time Zone  Make sure the time zone setting is accurate.

 Locale  Make sure the locale setting matches the user’s language preference.

Personal Information Users normally provide the following information for themselves.

 Job Title

 About Me

 Email

 Phone

 Text Messaging
Email

OK or Cancel  Click OK to save the user information you have entered, or click Cancel to
discard your entries.

Viewing and Managing User Properties

Path: Port 8443 Filr Administration Console Management > Users > drop-down arrow next to the user
> User Properties

Table 28-2 Using the User Properties dialog

Field, Option, or Button Information and/or Action

 Profile button  You can change any of the following that is not synchronized from an LDAP
source:
 User ID
 Picture
 Time Zone
 Locale
 Job Title
 About Me
 Email
 Phone
 Text Messaging Email

150 Users and Groups

Field, Option, or Button Information and/or Action

 Home Folder  Lets you change some configuration for the User’s Home folder including:
button  The name that displays under My Files
 The content indexing settings
 The Just-in-Time Synchronization settings
 The synchronization schedule

 Personal Storage  Lets you enable or disable Personal Storage

button

 Quotas button  Lets you adjust the data quota

 Sharing... button  Lets you change the Personal Storage Sharing options

 Net Folders...  Lets you manage the assigned Net Folder settings
button

Managing Groups
Path: Port 8443 Filr Admin Console > Groups

Table 28-3 Using the Groups dialog

Field, Option, or Button Information and/or Action

Manage Groups dialog (header row)

 New button  Click this to begin adding a new non-LDAP internal group.

 Delete button  Click this to remove the selected groups from the list.

Users and Groups 151

Field, Option, or Button Information and/or Action

 More drop-down With one or more groups selected, you can choose from the following options:

 Disable/Enable Personal Storage: Chapter 16, “Personal Storage and Home

Folders,” on page 99
 Use Default Personal Storage Setting: Chapter 16, “Personal Storage and
Home Folders,” on page 99
 Disable File Downloads: “Web Browser Access—Individual Users and
Groups” on page 25
 Enable File Downloads: “Web Browser Access—Individual Users and
Groups” on page 25
 Use Default File Download Setting: “Web Browser Access—Individual Users
and Groups” on page 25
 Disable Web Access: “Web Browser Access—Individual Users and Groups”
on page 25
 Enable Web Access: “Web Browser Access—Individual Users and Groups” on
page 25
 Use Default Web Access Setting: “Web Browser Access—Individual Users
and Groups” on page 25
 Desktop Application Settings...: “Desktop Access—Individual Users and
Groups” on page 18
 Mobile Application Settings...: “Mobile Device Access—Individual Users and
Groups” on page 21
 Add Administrator Rights: Lets you assign selected group members as Direct
administrators.
 Remove Administrator Rights: Lets you remove Direct-administration rights
from selected groups.

 Filter List field  Begin typing a name and press enter to filter the list to only those users who
match what you have entered.

Manage Groups (below header row)

 Type column  Iconx indicate whether the groups are LDAP, non_LDAP internal, LDAP with
Direct Admin rights, non-LDAP with Direct Admin rights.

 Title column  Displays group titles as defined in LDAP or specified when the group was
created. LDAP titles cannot be changed in Filr, non-LDAP titles can be
changed.
 Click this to edit the group, including changing the group title and the
membership configuration.

152 Users and Groups

Field, Option, or Button Information and/or Action

 Arrow drop-down  Provides access to the following settings for the group:
column  Personal Storage settings: Depending on what has already been
configured for the group, you can enable personal storage for all group
members, disable personal storage for all group members, or specify
that the default personal storage settings be used for all group
members.
 File Downloads settings: Depending on what has already been
configured, you can enable file downloading for all group members,
disable file downloading for all group members, or specify that the
default file downloading settings be used for all group members.
 Web Access settings: Depending on what has already been configured,
you can enable web access for all group members, disable web access
for all group members, or specify that the default file downloading
settings be used for all group members.

 Name column  Displays group names as defined in LDAP or specified when the group was
created. Group names cannot be changed.

 Admin column  This indicates whether the group members are allowed Direct administrative
responsibilities because of membership in the group.

Add Group dialog

 Name: field  Specify a unique name under which the group is to be stored in the Filr
database. You can use only alphanumeric characters (a-z, A-Z, 0-9), hyphens
(-), and underscores (_).
 Once the group is created, the name cannot be modified.
 By default, after the group is added, this is what appears in lists of Filr groups.
However, you can specify whether the group Name or Title is displayed when
users are selecting groups, for example in the Share dialog, by modifying the
name completion settings, see “Name Completion Settings—Managing How
Group Names Display in Drop-Down Lists” on page 145.

 Title: field  Enter a descriptive group title. This string can include any characters that you
can type.
 The title can be modified
 You can specify whether the group Name or Title is displayed when users are
selecting groups, for example in the Share dialog, by modifying the name
completion settings, see “Name Completion Settings—Managing How Group
Names Display in Drop-Down Lists” on page 145.

 Description: box  If desired, include some text that describes the group, such as what the
members of this group have in common.

 Group  Static groups are groups whose membership is directly specified and does
membership is not change based on LDAP queries.
static option

 Group  Dynamic groups are populated based on LDAP queries made by Filr. Their
membership is membership changes as the meta data returned from Filr’s LDAP queries
dynamic option changes.

Users and Groups 153

Field, Option, or Button Information and/or Action

 Edit group  Click this to configure the type of group you have selected:
membership
button

OK or Cancel  Click OK to save the changes you’ve made in this dialog or Cancel to discard
your changes.
 Make sure you have edited the group membership. Otherwise your group
will have no members.

Static Membership for Group dialog

Allow external users  Select this to allow external users and groups to be added to the list.
and groups option

Users tab  User field: Begin typing a user name, then select a listed user to add it to the
Membership list.

Groups tab  Group field: Begin typing a group name, then select a listed group to add it to
the Membership list.

 Remove button  Click this to remove a selected user or group (depending on which dialog you
are in).

Membership list  A list of the users/groups in the static group.

OK or Cancel  Click OK to save the changes you’ve made in this dialog or Cancel to discard
your changes.

Edit Dynamic Membership dialog

Tips and Caveats  Users must already have existing Filr user accounts in order for them to be
added to a Filr group as described in this section. If your LDAP query includes
users who are not already Filr users, the users are not added to the Filr group
 When you configure your LDAP connection, you must specify the name of
the LDAP attribute that uniquely identifies the user (the value of this
attribute never changes). For eDirectory, this value is GUID. For Active
Directory, this value is objectGUID. For more information about this
attribute, see “Guid attribute:” on page 39.
 The Filr process that creates a dynamic group uses the LDAP configuration
settings in Filr to authenticate to the LDAP directory server used to specify
the Base DN (below). The credentials that are used are the LDAP server URL,
user DN, and password. For more information on how to configure these and
other LDAP configuration settings in Filr, see “LDAP Servers and
Synchronization” on page 35.
 The Base DN set below must exist in each LDAP source. Otherwise, the
membership of the dynamic group might not be updated correctly.
 If your Filr site is configured with multiple LDAP sources and the base DN that
you define for the dynamic group exists in each LDAP source, the
membership of the dynamic group contains users from each LDAP source
that match the dynamic group’s filter.

 Current  Click this to open the Dynamic Group Membership windows and view the
Membership: users that are included in the group based on the current configuration.
button

154 Users and Groups

Field, Option, or Button Information and/or Action

 Base DN:  Use the LDAP browse button to locate the context where you want the
search for users to begin.

 LDAP Filter:  Specify the LDAP filter you want to use for the query. This is required for the
search to return any results.
 For an example and more information, see “Filter:” on page 42.

 Search subtree  Select this to have the search extended into sub-containers.
option

 Update group  You must either select this or perform a manual ldap synchronization before
membership any users are added to the group you are defining.
during scheduled  If you do not select this option, the group will not be automatically updated
ldap when changes occur in your LDAP directory.
synchronization
option

 Test ldap query  Use this to see whether the configuration you have specified is working.
button

OK or Cancel  Click OK to save the changes you’ve made in this dialog or Cancel to discard
your changes.

Dynamic Group Membership window

Users tab  This displays a list of the users and groups that are members of the dynanic
group.

 Close button  Use this to return to the previous window.

Users and Groups 155

156 Users and Groups
29 Integrating Microsoft Office and Outlook
29

with Filr
Filr now provides a plugin for integrating Filr with Microsoft Office and Outlook. The Micro Focus Filr
Plugin for Microsoft Office and Outlook enables Filr users to work with files in their My Files and
Netfolders area of the Filr server directly from a Microsoft Office 2013, 2016, and Office 365
application such as Excel, Word, Outlook, or PowerPoint.
After installing this plugin, Filr users can use the Microsoft applications as follows:
 Microsoft Outlook: Browse local or Filr-based files and attach the files in an email. Depending
on the policy settings, the files are either directly attached to the email or the files are first
uploaded to the Filr server and the link of the uploaded files is then shared in the email.

NOTE: Users can use the Outlook feature only if an Advanced-Edition license is installed on the
Filr appliance.

 Microsoft Excel, Word, PowerPoint: Users can do the following:

 Browse to a file that is located on a Filr server, open the file, edit it, and then save it back to
the Filr server.
 Create a new file and upload it to the Filr server.
 Share a file with Filr users.

 “Managing Office Settings” on page 157

 “Managing Outlook Settings” on page 157

Managing Office Settings

Path: Port 8443 Filr Admin Console > Management > Office and Outlook Settings
For downloading the Micro Focus Filr Plugin for Microsoft Office and Outlook, see Filr 4: Using Micro
Focus Filr with Microsoft Office and Outlook Applications guide.
To enable the plugin in Microsoft Office, select the Enable Filr Office Plugin option. By default, this
option is disabled.

Managing Outlook Settings

Path: Port 8443 Filr Administration Console > Management > Office and Outlook Settings
For downloading the Filr Outlook Plugin, configuring Filr settings in Microsoft Outlook, and using
Microsoft Outlook for sending email attachments through Filr, see Downloading and Installing the
Filr Outlook Plugin in the Using Micro Focus Filr with Microsoft Outlook Quick Start.
To configure the Outlook settings, see Table 29-1 on page 158.

Integrating Microsoft Office and Outlook with Filr 157

To view information about the email sent through Outlook and the details of the file uploaded on
the Filr server and shared in the email, see the Filr Outlook Report.

Table 29-1 Using the Outlook Settings dialog

Field, Option, or Button Information and/or Action

 Enable Filr Outlook  Select this to enable the plugin in Microsoft Outlook. By default, this option is
Plugin disabled.

Filr Outlook Policy

 Allow download of  Select this to enable the external users to access email attachments without
email attachments authenticating to Filr.
without
authentication By default, this option is disabled and the Filr Administrator defines the
policy.

 Allow user to  Select this to enable Filr users to define the Filr Outlook policy terms, such as
define the policy when to send attachments using Filr and when attachment links sent in the
email expires.

By default, this option is disabled and the Filr Administrator defines the
policy.

 Send attachments  Select one of the following:

using Filr  Always: Select this to ensure that all of the files that Microsoft Outlook
users attach to emails through the Filr Plug-in are not directly sent as
email attachments. All the files are first uploaded to the Filr server
irrespective of the file size and then the link of the uploaded files is
shared in the email.

File size exceeds X MB:

Select this to specify the maximum file size beyond which a file attached
to the email through the Filr Plug-in is first uploaded to the Filr server
and then the link of the uploaded file is shared in the email sent to the
recipient.

 Attachment link  Click one of the following to specify when an attachment link sent through
expires after email should expire:
 X days: Select this to specify the number of days after which the
attachment link sent in the email should expire.
 X downloads: Select this to specify the maximum number of times the
attachment can be downloaded, after which the attachment link sent in
the email should expire.

 Allow user to  Select this to enable Filr users to override the values and specify a value less
modify the policy than what the Filr Administrator has set for the Send attachments using Filr
limits and Attachment link expires after.

Delete attachments  If the Filr Appliance storage is 90% utilized, the Filr system sends email
stored in the Filr Outlook notifications to the Filr administrator provided that the administrator’s
storage profile has an email address configured.
 To automatically delete all the expired attachments, Filr initiates a clean up
process everyday at 1 a.m. GMT.

158 Integrating Microsoft Office and Outlook with Filr

Field, Option, or Button Information and/or Action

 Expired  This enables all the expired attachments for deletion when Delete is clicked.
attachments This is selected by default and cannot be deselected.

Attachments older than  Select this to specify the age (in days) of the attachments that you want to
X days delete from the Filr Appliance storage. You can click Delete to immediately
delete attachments older than the specified days.

 Delete  Click this to immediately delete expired attachments and the attachments
older than the specified days from the Filr Appliance storage.

 Apply  Click this to save your changes.

 Close  Click this to return to the previous window.

Integrating Microsoft Office and Outlook with Filr 159

160 Integrating Microsoft Office and Outlook with Filr

OMU9 HTTPSAgent ConceptConfig
No ratings yet
OMU9 HTTPSAgent ConceptConfig
344 pages
Npam Admin
No ratings yet
Npam Admin
354 pages
Nextcloud Server Administration Manual
No ratings yet
Nextcloud Server Administration Manual
531 pages
Trellix Enterprise Security Manager 11.6.x Product Guide 3-30-2025
No ratings yet
Trellix Enterprise Security Manager 11.6.x Product Guide 3-30-2025
319 pages
Mcafee Epolicy Orchestrator 5.10.0 Product Guide
No ratings yet
Mcafee Epolicy Orchestrator 5.10.0 Product Guide
470 pages
PAN OS 7.0 Web Interface Ref
100% (1)
PAN OS 7.0 Web Interface Ref
500 pages
Emr Na c02256363 2
No ratings yet
Emr Na c02256363 2
358 pages
Mcafee Enterprise Security Manager 11.1.x Product Guide 7-6-2022
No ratings yet
Mcafee Enterprise Security Manager 11.1.x Product Guide 7-6-2022
319 pages
Official CHFI Study Guide
No ratings yet
Official CHFI Study Guide
976 pages
Junos Pulse Secure Access Service 8 0 Adminguide
No ratings yet
Junos Pulse Secure Access Service 8 0 Adminguide
1,510 pages
Palo Alto Networks Administrators Guide
No ratings yet
Palo Alto Networks Administrators Guide
274 pages
Pan Os 61 AdminGuide
No ratings yet
Pan Os 61 AdminGuide
698 pages
Mcafee Epolicy Orchestrator 5.10.0 Product Guide 1-31-2023
No ratings yet
Mcafee Epolicy Orchestrator 5.10.0 Product Guide 1-31-2023
483 pages
FSD - OP2023 - Latest Feature Scope Desription
No ratings yet
FSD - OP2023 - Latest Feature Scope Desription
778 pages
PAN OS 6.0 Admin Guide
No ratings yet
PAN OS 6.0 Admin Guide
522 pages
Pan Os
0% (1)
Pan Os
952 pages
Powerfactory 2020: Advanced Installation and Configuration Manual
100% (1)
Powerfactory 2020: Advanced Installation and Configuration Manual
97 pages
Fortigate System Admin 40 Mr3
No ratings yet
Fortigate System Admin 40 Mr3
311 pages
Cloud Web Help
No ratings yet
Cloud Web Help
306 pages
Bca 240 CD
100% (2)
Bca 240 CD
67 pages
Cloud Web Help
No ratings yet
Cloud Web Help
306 pages
Dell OpenManage Network Manager User Guide 6.2 SP2
No ratings yet
Dell OpenManage Network Manager User Guide 6.2 SP2
722 pages
PAN OS 6.0 Admin Guide
No ratings yet
PAN OS 6.0 Admin Guide
478 pages
Foundation Admin
No ratings yet
Foundation Admin
160 pages
Pan Os
No ratings yet
Pan Os
928 pages
Dell SonicWALL E-Class SRA 10.6.2 Admin Guide
No ratings yet
Dell SonicWALL E-Class SRA 10.6.2 Admin Guide
585 pages
SA 9.0 Administration Guide
No ratings yet
SA 9.0 Administration Guide
286 pages
Pan Os
No ratings yet
Pan Os
932 pages
Hiragana Memory Hint Worksheet Booklet JPF
No ratings yet
Hiragana Memory Hint Worksheet Booklet JPF
12 pages
Webroot SecureAnywhere User Guide - 101411
No ratings yet
Webroot SecureAnywhere User Guide - 101411
186 pages
Pan Os 6.1
No ratings yet
Pan Os 6.1
680 pages
Config PaloAlto
100% (1)
Config PaloAlto
684 pages
MongoDB Security Guide
No ratings yet
MongoDB Security Guide
102 pages
Configuring EX Series Switches
100% (1)
Configuring EX Series Switches
82 pages
Barracuda Web Application Firewall Best Practices Guide PDF
No ratings yet
Barracuda Web Application Firewall Best Practices Guide PDF
14 pages
(McAfee) McAfee Epolicy Orchestrator 5.10.0 Product Guide 5-3-2020
No ratings yet
(McAfee) McAfee Epolicy Orchestrator 5.10.0 Product Guide 5-3-2020
271 pages
PAN OS 6.1 Admin Guide
No ratings yet
PAN OS 6.1 Admin Guide
666 pages
Day One: Configuring Junos Policies Filters
No ratings yet
Day One: Configuring Junos Policies Filters
100 pages
GRC 12 Admin Guide Full
No ratings yet
GRC 12 Admin Guide Full
242 pages
BRMS Detail
No ratings yet
BRMS Detail
290 pages
Mcafee Application and Change Control 8.3.x - Windows Product Guide 6-13-2022
No ratings yet
Mcafee Application and Change Control 8.3.x - Windows Product Guide 6-13-2022
271 pages
QRadar 71MR2 AdminGuide
No ratings yet
QRadar 71MR2 AdminGuide
316 pages
QNAD 71MR1 AdminGuide
No ratings yet
QNAD 71MR1 AdminGuide
296 pages
Bitdefender GravityZone AdministratorsGuide 1 EnUS
No ratings yet
Bitdefender GravityZone AdministratorsGuide 1 EnUS
261 pages
Citrix XenApp Administrators Guide
No ratings yet
Citrix XenApp Administrators Guide
422 pages
LMT User Manual
No ratings yet
LMT User Manual
126 pages
LWDMTX5 001
No ratings yet
LWDMTX5 001
333 pages
71 - System Administrator Guide
No ratings yet
71 - System Administrator Guide
311 pages
Installation and Upgrade Guide: Access Manager Appliance 4.4
No ratings yet
Installation and Upgrade Guide: Access Manager Appliance 4.4
84 pages
Novell ZENworks 11 SP1 System Admin
No ratings yet
Novell ZENworks 11 SP1 System Admin
450 pages
PAN OS 6.0 Admin Guide PDF
No ratings yet
PAN OS 6.0 Admin Guide PDF
348 pages
MongoDB Security Guide PDF
No ratings yet
MongoDB Security Guide PDF
111 pages
Ipcop Admin
No ratings yet
Ipcop Admin
77 pages
Manual - Netgear ReadyNAS Pro 6 RNDP6000
No ratings yet
Manual - Netgear ReadyNAS Pro 6 RNDP6000
132 pages
Quick Reference Guide: Microsoft Windows Xpe-Based Thin Clients - T5710 & T5720
No ratings yet
Quick Reference Guide: Microsoft Windows Xpe-Based Thin Clients - T5710 & T5720
72 pages
Yardi Commercial Suite
No ratings yet
Yardi Commercial Suite
52 pages
Fortiauthenticator Admin 12
No ratings yet
Fortiauthenticator Admin 12
46 pages
DDOS 7.12 Command Reference Guide
No ratings yet
DDOS 7.12 Command Reference Guide
338 pages
MirthApplianceDeploymentGuide 3.6.0
No ratings yet
MirthApplianceDeploymentGuide 3.6.0
69 pages
CSC-326 Catalogue PDF
No ratings yet
CSC-326 Catalogue PDF
24 pages
PAN-OS® 8.0 CLI Quick Start
No ratings yet
PAN-OS® 8.0 CLI Quick Start
48 pages
Docx. Final Research
No ratings yet
Docx. Final Research
12 pages
Operating Systems Chapter 10 Virtual Memory Slides
No ratings yet
Operating Systems Chapter 10 Virtual Memory Slides
53 pages
Getting Started Guide PAN-OSv5.0
No ratings yet
Getting Started Guide PAN-OSv5.0
126 pages
Touchless Touch Screen Technology
No ratings yet
Touchless Touch Screen Technology
15 pages
Book-Sle-Upgrade Color en
No ratings yet
Book-Sle-Upgrade Color en
62 pages
Junos SA SSL VPN 7.4 Client Side Changes
No ratings yet
Junos SA SSL VPN 7.4 Client Side Changes
78 pages
LS10200 000NF E A1 IFC NOTIFIER Compatibility Document
No ratings yet
LS10200 000NF E A1 IFC NOTIFIER Compatibility Document
2 pages
Filr Inst
No ratings yet
Filr Inst
186 pages
AVEVA Plant Compatibility Matrix (9.5)
100% (1)
AVEVA Plant Compatibility Matrix (9.5)
22 pages
Mastering Python Advanced Concepts and Practical Applications
From Everand
Mastering Python Advanced Concepts and Practical Applications
Aissa Younes
No ratings yet
Plain JavaScript: Learning the Front-End
From Everand
Plain JavaScript: Learning the Front-End
Roger Beans-Rivet
No ratings yet
Network Security 3
No ratings yet
Network Security 3
56 pages
R Practical File
No ratings yet
R Practical File
17 pages
Playwright With Java
No ratings yet
Playwright With Java
6 pages
Practice Exercises 4
No ratings yet
Practice Exercises 4
2 pages
Datasheet+Fech3+Fixed+03gf0348 2
No ratings yet
Datasheet+Fech3+Fixed+03gf0348 2
2 pages
Excel Keyboard Shortcuts For Mac
No ratings yet
Excel Keyboard Shortcuts For Mac
16 pages
BrixNGN Solution Overview
No ratings yet
BrixNGN Solution Overview
31 pages
All About Preferences DataStore. in This Post, We Will Take A Look at - by Simona Milanović - Android Developers - Medium
No ratings yet
All About Preferences DataStore. in This Post, We Will Take A Look at - by Simona Milanović - Android Developers - Medium
16 pages
The Linux Terminal for Advanced Users - The Command Line Made Easy: First Edition
From Everand
The Linux Terminal for Advanced Users - The Command Line Made Easy: First Edition
Michael Basler
No ratings yet
As A Man Thinketh
No ratings yet
As A Man Thinketh
52 pages
Mobile-First Responsive Web Design
No ratings yet
Mobile-First Responsive Web Design
47 pages
Blog Smarter, Not Harder: SEO, Blogging, and AI Strategies to Skyrocket Your Traffic
From Everand
Blog Smarter, Not Harder: SEO, Blogging, and AI Strategies to Skyrocket Your Traffic
Jay Nans
No ratings yet
Cybersecurity for Executives: A Guide to Protecting Your Business
From Everand
Cybersecurity for Executives: A Guide to Protecting Your Business
Matthew C. Smith
No ratings yet
RDK ReadMe PDF
No ratings yet
RDK ReadMe PDF
2 pages
Gray Hat Hacking the Ethical Hacker's
From Everand
Gray Hat Hacking the Ethical Hacker's
Çağatay Şanlı
5/5 (1)
ChatGPT for Business: Strategies for Success
From Everand
ChatGPT for Business: Strategies for Success
Matthew C. Smith
No ratings yet
Junos Security Swconfig Security
No ratings yet
Junos Security Swconfig Security
1,852 pages
Deploying SRX Series
No ratings yet
Deploying SRX Series
110 pages
Using Talend REST Components in A Practical Use Case
No ratings yet
Using Talend REST Components in A Practical Use Case
19 pages
A To Z of Internet: Everything You Wanted to Know
From Everand
A To Z of Internet: Everything You Wanted to Know
Bittu Kumar
No ratings yet
Viva Q Python
No ratings yet
Viva Q Python
4 pages
10 Microservices Patterns All Architects Should Know - TechTarget
No ratings yet
10 Microservices Patterns All Architects Should Know - TechTarget
4 pages
Securing ChatGPT: Best Practices for Protecting Sensitive Data in AI Language Models
From Everand
Securing ChatGPT: Best Practices for Protecting Sensitive Data in AI Language Models
Matthew C. Smith
No ratings yet
Korblox - Pesquisa Google
No ratings yet
Korblox - Pesquisa Google
1 page
Resume Mayank
No ratings yet
Resume Mayank
1 page
Software Patterns Made Easy
From Everand
Software Patterns Made Easy
Justice Nanhou
No ratings yet