Skip to main content
Matrix42 Self-Service Help Center

Silversync Guide VIII: Configuring User Based Authentication Manually

Overview

In some environments, it may not be possible to provide domain administrator credentials to a third application. The system needs these credentials because it needs to establish trust in the Active Directory domain so that the server can access files as a user. This allows Silverback to determine if the user actually has permissions to the file. If you do not want to provide domain administrator credentials, you will need to provide delegations and SPNs manually. To perform this process, you need to have Domain Administrator privileges. Complete these steps for any local or remote content location.

Configure Delegation

  • Login to your Active Directory server
  • Open Active Directory Users and Computers
  • Navigate to the Silversync Server computer object
  • Double-click on the computer object
  • Navigate to Delegation
  • Select Trust this computer for delegation to specified services only
    • Select Use any authentication protocol
  • Click Apply 

Allow Delegation of permissions for local paths

There are two difference types of delegation. One for local files on the Silversync server (C:\Files) and remote network shares (\\FILESERVER\Remote Fileshare). These require slightly different processes, which will be covered both in the examples below.

  • Navigate to Silverback Management Console
  • Login as an Administrator
  • Navigate to Admin
  • Navigate to Silversync
  • Click Edit 
  • Navigate to Content Locations
  • Click Add
  • Enter your local path , e.g C:\Files
  • Click Save
  • When prompted to provide Domain Admin Credentials, click Skip Credentials

Add SPN for local paths

  • Navigate back to your Active Directory Users and Computers
  • Click Add
  • Click Users or Computers
  • Search for your Silversync server computer object
  • Click OK
  • Scroll down to HTTP service and select it
  • Click OK

Allow Delegation of permissions for network paths

  • Navigate to Silverback Management Console
  • Login as an Administrator
  • Navigate to Admin
  • Navigate to Silversync
  • Click Edit 
  • Navigate to Content Locations
  • Click Add
  • Enter your network path (e.g.\\FILESERVER\Remote Fileshare)
  • Click Save
  • When prompted to provide Domain Admin Credentials, click Skip Credentials

Add SPN for network paths

  • Navigate back to your Active Directory Users and Computers
  • You should still have the Silversync Computer Object Properties open
  • Click Add
  • Click Users or Computers
  • Search for your Fileserver computer object
  • Click OK
  • Select cifs

This will create the link between this server and the remote server for delegation

  • Click OK

If you are directing users to a DFS share, you must add the delegation for ALL members of the DFS environment individually. Repeat these steps for all members.

 

  • Was this article helpful?