Silversync Guide III: Configuration
Configure Silversync
- You should have now successfully accomplished Silversync Guide II: Installation
- Navigate back to Silverback Management Console
- Click OK
- Refresh your Browser page and/or click refresh button in the table
- You should see your server, with a last connection time and IP Address
- Click Edit
- Check your Deployment Options
- Make a choice
File access methods
Server Authenticates |
Server Authenticates is the functionality that the legacy Silversync system used. This means that the server has an account that needs permissions on all file's users will synchronize, and access to the files is governed by Silverback and the Tags assigned to the user. To configure this, first ensure that “Server Authenticates” is selected from the General Tab. Using this method, the server will access the content for the user. This requires that the Server has READ permissions to the file store. Proceed with Option A: Server Authenticates Server authenticates operates complete in Read Only mode. Administrators can provide content in folders and users are able to upload files via Personal File Management console. Consuming on end user devices will be in read only mode. |
User Authenticates |
User Based authentication means that the individual user’s file permissions are used. This means that a user must be granted read permissions on a file before they will be able to sync it. Using this method, the users must have NTFS READ permissions assign on the file store to access the content. Administrators will assign content to users and they can access that content. Any content the user does not have NTFS permissions on, will not be available to them. If you do not see the “User Authenticates” option, this likely means that your Silversync server is not connected to your domain controller. This is a requirement for User based authentication. Proceed with Option B: User Authenticates Local Folders on Silversync Server will be accessed in Read/Write permissions. Remote Fileshares with Read permissions. Administrators can provide content in folders and users are able to upload files via Personal File Management console and with M42Mobile application. |
OPTION A - Server Authenticates
- Select Server Authenticates
- Click Save
Do not close this Windows
Create Folders
- Open Windows Explorer on your Silversync server
- Create the following folder structure:
- C:\Files
- C:\Files\Files Folder 1
- C:\Files\Files Folder 2
- C:\Files\Files Folder 3
- C:\Userdrives
- Open Windows Explorer on a Remote Fileshare Server
- Create the following folder structure
- C:\Remote Filehare
- C:\Remote Filehare\File Share 1
- C:\Remote Filehare\File Share 2
- C:\Remote Filehare\File Share 3
Set Permissions
- On your Silversync all permissions should be set by default
- On your Remote Fileshare Server perform the following
- Right Click the C:\Remote Fileserver Folder
- Click Properties
- Click Security
- Click Advanced
- Click Add
- Click Select a principal
- Click Object Types
- Enable Computers
- Click OK
- Search for your Silversync Server Computer Object
- Ensure that the following rights are given
- Read and execute
- List folder contents
- Read
- Click OK
- Click Apply and OK
- Click OK to close Properties
Share Folders
- Right Click the C:\Remote Fileserver Folder
- Click Share with
- Specific People
- Your Silversync Computer Object should be listed with Read Rights
- Click Share
- Note down your address e.g. \\FILESERVER\Remote Fileshare
- Click Done
Add Content
- Navigate back to your Silverback Management Console
- Navigate to the Content Locations
- Click Add
- Enter C:\Files
- Click Add
- Enter \\FILESERVER\Remote Fileshare
- Click Save
- Wait for the progress indicator to finish
- Click Save and Close
- Open Powershell as an Administrator and restart services
- restart-service w3svc,silv*,epic*,mat*
- restart-service w3svc,silv*,epic*,mat*
Enable Push Notifications
To enable Push Notifications, you need to bind your server to the M42 Notification Server Service.
- If you are still in the Edit Silversync Server windows, confirm your changes with Save and Close
- Now click Bind to M42 Notification Server
- In the next window click Bind again
- Login with your Matrix42 account
- Click Allow Access
- Accept Licenses Agreement
- Click Connect
Next Steps
- Learn how to Distribute Content to devices: Silversync Guide IV: Content Distribution
- Review other sections (optional)
- Navigate to Service Mappings
- Navigate to Logs
OPTION B - User Authenticates
- Select User Authenticates
- Click Save
- Read the screen carefully
- Proceed with Option 1 (recommended)
- Proceed with Option 2 (optional)
Option 1: Enter Domain Administrator Credentials (recommended)
- Enter your Credentials
- e.g. IV\superadmin or superadmin@imagoverum.com
- e.g. Pa$$w0rd
- Click Save
Option 2: Skip Credentials
In some environments it might not be allowed to provide a third application domain administrator credentials. The system needs these permissions because it needs to established trusts in the Active Directory Domain so that the server is able to access files as the user. This lets Silverback determine if the user actually has permissions on the file. If you do not want to provide domain administrator credentials, you need to provide Delegations and SPNs manually. Please proceed with the following steps:
- Click Skip credentials
- Perform the step written in the following guide: Silversync Guide VIII: Configuring User Based Authentication Manually
- Come back when you have finished everything
- Proceed with Add Content
Connect to LDAP
- Navigate to Authentication
- Enter your LDAP Server Address: eg. dc01.imagoverum.com
- Enter LDAP Server Port: e.g. 389
- Enter a LDAP Lookup Username
- Enter a LDAP Lookup Username Password
- Click Save
Create Folders
- Open Windows Explorer on your Silversync server
- Create the following folder structure:
- C:\Files
- C:\Files\Files Folder 1
- C:\Files\Files Folder 2
- C:\Files\Files Folder 3
- C:\Userdrives
- Open Windows Explorer on a Remote Fileshare Server
- Create the following folder structure
- C:\Remote Filehare
- C:\Remote Filehare\File Share 1
- C:\Remote Filehare\File Share 2
- C:\Remote Filehare\File Share 3
Share Folders
- Right Click the C:\Remote Fileserver Folder
- Click Share with or Give access to
- Find People
- Add Authenticated Users or a specific user group
- Change to Read/Write if desired
- Click Ok
- Click Share
- Note down your address e.g. \\FILESERVER\Remote Fileshare
- Click Done
Add Content
- Navigate back to your Silverback Management Console
- Navigate to the Content Locations
- Click Add
- Enter C:\Files
- Click Add
- Enter \\FILESERVER\Remote Fileshare\
- Click Save
- Enter your Domain User Credentials to Assign Folders
- Click Save
- Wait for the progress indicator to finish
- Click Save and Close
- Open Powershell as an Administrator and restart services
- restart-service w3svc,silv*,epic*,mat*
Check other configuration (optional)
- Navigate to System Settings
- Navigate to Service Mappings
- Navigate to Logs
Enable Push Notifications
To enable Push Notifications, you need to bind your server to the M42 Notification Server Service.
- If you are still in the Edit Silversync Server windows, confirm your changes with Save and Close
- Now click Bind to M42 Notification Server
- In the next window click Bind again
- Login with your Matrix42 account
- Click Allow Access
- Accept Licenses Agreement
- Click Connect
- Proceed with Silversync Guide IV: Content Distribution
Other Configuration
Silversync covers multiple other configuration, which can be done.
Authentication
The authentication section lets you define the access settings for LDAP users and also the used service account.
Local Users Only | Enabled or Disabled | Will only allow Local Silverback Users to synchronize |
---|---|---|
LDAP Server Address | e.g. dc01.imagoverum.com | Network IP address or FQDN of the LDAP Server |
LDAP Server Port | e.g. 389 | TCP Port for LDAP Communications |
Base DN | e.g. OU=USERS,OU=IMAGOVERUM,DC=imagoverum,DC=com | The base container where Silverback will look for users |
Require SSL | Enabled or Disabled | Defines if LDAP/S is being used |
LDAP attribute |
|
Identifying LDAP Attribute to use for authentication |
LDAP Type |
|
Type of LDAP Source being connected to. |
LDAP Username | e.g. ldap_lookup@imagoverum | LDAP Lookup account used when searching for users |
LDAP Password | e.g. Pa$$w0rd | The Type of LDAP Source being connected to. |
Service Account |
This is the account that Silversync components run as on the remote Silversync server. Note: When no credentials are specified, Network Service principal is used. When specifying the username, please use the NT Syntax (e.g. DOMAIN\User). For local users, you can specify .\user. |
|
Username | e.g IV\silversync_service | Let’s you determine which account Silversync will run as. If empty, Network Service is used. |
Password | e.g. Pa$$w0rd | Let’s you determine which account Silversync will run as. If empty, Network Service is used. |
System Settings
System Settings lets you determine some environmental defaults for this Silversync server
Log Level |
|
This is the amount of detail included in the logging, this should mainly be changed for troubleshooting purposes Debug will place at folder C:\Silversync\logs for any connection one log file in *.txt format. |
---|---|---|
Cache Expiry | e.g. 18 | How long until the cached will be cleared. Caching the content helps speed up synchronization, but it should not last for a long time as it takes system resources to maintain. |
Notification Interval | e.g. 1 | How long in minutes the system should wait before sending another push to a user. This prevents the user from being notified multiple times when copying several files. This prevents the user from getting, for example five notifications instantly if you copy five files to the content location. |
Notification Message | e.g. Silversync content changed |
This is the message that is sent to the user when content changes are detected |
Content Refresh Interval | e.g. 12 |
How long until the system will refresh the entire content location for the users. In general, this can be left, as individual file changes are automatically detected. |
Allowed Extensions | e.g. .ai,.bmp,.csv,.doc,.docm,.docx,.dot,.dotm,.dotx,.gif,.htm,.html,.ico,.jfif,.jpe,.jpeg,.jpg,.log,.m3u,.mobileconfig,.mov,.mp4,.numbers,.pages,.pdf,.png,.pot,.potm,.potx,.pps,.ppsm,.ppsx,.ppt,.pptm,.pptx,.psd,.rtf,.svg,.svgz,.tif,.tiff,.txt,.wav,.xla,.xls,.xlsm,.xlsx,.xlt,.xltm,.xltx,.xml,.plist,.itmsp,.ibooks,.json,.key,.m4v,.webclip |
This lets you determine what file types should be recognised by Silversync. Files not on this list will be excluded which is helpful for filtering out system files, or file types that users might not be able to open. |
Days to retain logging | e.g. 30 | How many days should the Silversync logging be kept before being removed. |
Service Mappings
Service Mappings determine the location of web services for access by users and applications. It’s recommended to leave these as default, but also ensure you check that it matches the DNS entry for your Silversync server. It should be automatically populated with your server URL
Silversync admin console URL | e.g. https://silversync.imagoverum.com/syncadmin |
---|---|
DataProvider URL | e.g. https://silversync.imagoverum.com/syncdata |
MetaDataProvider URL | e.g. https://silversync.imagoverum.com/syncmetadata |
Personal File Management URL | e.g. https://silversync.imagoverum.com/pfm |
Personal File Management
Personal File Management lets users upload their own content into Silversync. Note that the files in normal Content Locations defined above are READ only. Personal File Management is a user’s own personal storage space. The settings on this page let you configure the requirements.
Personal File Management Content Location | e.g. C:\SilversyncPersonal | This is the location relative to the Silversync server to store Personal File Management uploads by users. Leave this blank if you do not wish to use PFM. |
---|---|---|
Maximum Server Storage Per User | e.g. 200 | The maximum size in megabytes that a user is allowed to consume on the server. This is per user, so keep this in mind when planning available storage, that this number should multiply with every new user in the system. |
Logo | Choose File | Lets you upload a logo file that will be shown to users in the PFM console. This helps with branding to give users a common feel with your other company pages. |
Logs
Logs doesn’t require you to configure anything, but its useful to know how to access this page. This is where logging can be found for your Silversync server. If you need to troubleshoot a problem, or confirm that new content is being picked up, you can check this page.