Is There a Way to Bulk Upload Files Into Sharefile?

After being involved in several small an midsize Sharefile environments I recently migrated a Enterprise customer to ShareFile. They had a bang-up vision in terms of flexible working, which was really nice, but very challenging from a technical perspective. Beside the number of users, this customer didn't kickoff with ShareFile as a greenfield environment, but decided to migrate all information into ShareFile. The customer didn't desire to employ CIFS or ShareFile connectors, all data had to be placed into on premise Storage Zones.

Information would be accessible only through ShareFile, no other file services would be offered

Clients

Although Citrix ShareFile offers a client for almost every platform, the different clients don't have the aforementioned functionality. For example the Windows and Mac OSX Client are not able to brandish the ShareFile CIFS connector. We were told Citrix has a different vision/idea about a classic Windows/Mac OSX client, on these clients users are supposed to employ a archetype bulldoze mapping. From a user perspective I hope ShareFile volition add this functionality in a upcoming release of the Windows and MAC OSx clients, one interface for all information across all clients is much simpler and transparent for terminate users!

The "Sync for Windows" & "Sync for Mac" client don't support CIFS Share integration

For Mac OSX and mobile devices the client to choose is axiomatic. There is only 1 option. For Windows it is a dissimilar ball game. Windows has several options bachelor:

• Sync for Windows
• Enterprise Sync Manager
• Control Line Interface
• Bulldoze Mapping
• Desktop Widget

In our case we have chosen to utilise the "Sync for Windows" customer on all Windows devices in the surroundings. An surroundings which exists of desktops, laptops and a Citrix XenDesktop farm. For desktop and laptops the installation was pretty straight forward and we didn't need to customize much. With the ShareFile preferences GUI, users are able to determine which folders need to be available for them, later on which the selected files are cached offline. For a desktop or laptop I don't mind the files being cached offline, for my Citrix XenDesktop server all the same I don't want all users caching all files locally. Lucky the Sync for Windows client is RDS aware and behaves unlike, in this case on-demand sync is used! Because of the on-demand sync, we wanted to nowadays all files and folder a user was authorized for. This could hands be accomplished by using the ShareFileOn-demand.admx to configure the Sync for Windows client on an RDS server. We added all root RemoteFolderId'south to the On-demandFolderIds part of the policy. Users are presented a full listing of files and folders to which they take access and are simply synchronized when accessed.

ShareFile On-Demand Sync is designed for integration with hosted desktops and applications running in XenApp and XenDesktop environments. Unfortunately the on-demand sync options is non available on desktops or laptops, in my opinion this would be a prissy addition

XenMobile

Companies who purchase XenMobile Enterprise are entitled to use Citrix ShareFile besides. The integration of ShareFile and XenMobile creates whole new challenges, which I won't discuss in the article. I'grand currently writing a separate blog about the XenMobile / ShareFile integration.

XenMobile Enterprise are entitled to use Citrix ShareFile every bit well

Shared Folders

Every shared folder within ShareFile may comprise other authorizations, which makes it very flexible as collaboration platform. Granting users access to folders however tin can be a very time consuming process and painful process. The most obvious method would be through the ShareFile website (Control Aeroplane), just in our case information technology took up to 3 minutes to add a single user or distribution group to a folder. This was mainly caused past the large corporeality of distribution groups we initially used. With the default management tools it'south a real nightmare when 800+ folders have to exist modified, lucky we were able to create a more efficient method. Subsequently I will explain how we were able to automate and speed-up several ShareFile tasks.

Limit the number of distribution groups in your ShareFile account to foreclose the control plane from a decreased performance

Distribution Groups

To simplify the folder authorisation process ShareFile offers "Distribution Groups" which are similar to agile directory groups. When distribution groups are being added to shared folder users simply have to be member of the corresponding groups to get access to shared folders. Creating and maintaining Distribution Groups via the ShareFile website (Control Airplane) can be done for pocket-sized environments merely is very labor intensive for enterprise accounts when the enterprise environment needs a lot of distribution groups and has a lot of users! In an enterprise surroundings I desire the "Distribution Groups" to exist in sync with linked active directory groups. For this, and several other tasks Citrix Sharefile offers a User Management Tools (UMT) which can be used to automatically synchronize those groups. In our instance we used a different method which I will talk over later on.

Brand use of UMT to synchronize ShareFile distribution groups with Active Directory groups!

User Direction Tool (UMT)

As only discussed the User Management Tool (UMT) can be used to simplify some ShareFile administration tasks. UMT tin can be used to provision new ShareFile user accounts, create distribution groups, link distribution groups to AD groups and accordingly update group membership of distribution groups. Unfortunately nosotros experienced some bug with the User Direction Tool one.7 and initially weren't able to make use of it. Despite the fact that all groups were visible in the logs files, several AD groups were non visible in the GUI, without this nosotros weren't able to create new rules for those. UMT Rules are used to create and maintain membership of distribution groups, according the linked Ad groups. The UMT Rules which were in place, didn't update the groups membership correctly in several cases.

Finally nosotros discovered why several Advert Groups were non being displayed in the UMT GUI. UMT uses the grouping displayname when information technology's available, in our example we had several active directory groups with a dissimilar displayname (Previously someone renamed them renamed incorrectly). Second affair we institute out was that UMT can but manage distribution groups and sharefile users which were created past UMT itself.

Using UMT to manage distribution groups without too creating and updating ShareFile users is a non-supported selection for the tool.

Don't worry if you are currently running in à mixed mode were accounts are created by both thé App Controller and UMT. The missing UMT attribute in the ShareFile user account (within the Command Plane) tin be updated afterwards by running a created new user account rule. Existing accounts won't be overwritten or created twice, only the existing account will be updated and will be manageable from UMT later on.

UMT versus AppC Auto Provisioning

So here we have a dilemma, nosotros are using the XenMobile AppController for ShareFile SSON and motorcar provisioning, but in fact we should be using the UMT tool. What will happen with ShareFile SSON within XenMobile if were are switching over to UMT? This raises some challenges, how where we going to manage this enterprise account?

Disable AppC Auto Provisioning

ShareFile Support informed us of a non official workaround which would disable the XenMobile Appcontroller auto provisioning.

1. Create a ShareFile user account with express permission. The required admin priviliges are "Modify account-broad policies" and "Configure unmarried sign-on settings
2. Within the AppController create a Roles, for example "APP-XAM-ShareFile" and add the AD Group containing all ShareFile users.
   
   
   
3. Inside the AppController on the Apps & Docs tab configure ShareFile. Assign the previously created ShareFile user and Part.
   
4. Bank check the SSON url within the ShareFile control plane, update ShareFile settings in the AppController causes SSON url reset !
   

The mode the App Controller is designed, AppC will still effort to provision the users in ShareFile. Checking at the backend logs from the AppC database, information technology can be seen that the AppC is under the impression that it has successfully provisioned the users in SF and go a success condition. Notwithstanding, because of the way the PseudoSuperUser permissions are configured, information technology actually fails at the ShareFile end based on user permissions. This achieves the purpose of stopping provisioning.

Exist enlightened updating the ShareFile configuration in the AppController will reset the Login URL on the control aeroplane!

If user are non able to logon through SAML and receives a fault message "ShareFile SAML is no longer accessible to you" cheque the users group membership assigned in bullet three.

Update Mirror Listing

Independently of the tool used to provision new ShareFile users, u are dependent of mirror list to go updated by the ShareFile Control Airplane The mirror listing is updated once a 24-hour interval at 02:00! This schedule can non be adjusted of forced manually. So fifty-fifty though the provisioning of a new ShareFile user can be triggered manually, SAML users won't exist able to logon until 02:00 the adjacent morning. We were told the ShareFile team is working on a global update, which would increment the frequency of the mirror list sync jobs, unfortunately they didn't gave us an ETA

The ShareFile_SAM_SP mirror listing is only update once a day at 02:00 and cannot be forced manually!

At first we configured our ShareFile / XenMobile setup according to Citrix documentation Configure ShareFile Single Sign-On with XenMobile. In this instance we are dependant of the 02:00 Command Plane synchronization which prevents new ShareFile users from using their account right abroad. All the same if y'all forget this and configure information technology exactly as nosotros described in the section "Disable AppS Auto Provisioning" you are not affected by the 02:00 sync! In this example you are only making use of the ShareFile SAML mirror list within the App Controller, which can exist synchronized manually. Provisioning a new ShareFile SAML user can exist done in minutes !

1. Add new agile directory user to corresponding active directory ShareFile group
2. Refresh and Commit changes in UMT (Manually in GUI, or through scheduled chore)
3. Sync ShareFile Configuration in AppController
4. Just to be sure bank check if user exists on ShareFile_SAML mirror listing and user is proficient to get!

For abyss the App Controller mirror list tin be accessed through https:/AppCFQDN:4443/admin/

Make it easy on yourself, don't use the ShareFile_SAML_SP awarding for SSON in a XenMobile / ShareFile setup!

Reconcile-User

Despite a active directory user is member of the correct ShareFile group, and a ShareFile account is provisioned in the Control Plane a user sometimes still isn't able to logon through SAML. Depending of the ShareFIle client being used all kind of weird error letters are existence reported. Subsequently the obvious causes accept been checked which are:

• Does a ShareFile account exists in the Command Plane;
• Has the AD user object a similar email and UPN name;
• Is the AD user member of the correct AD ShareFile security grouping

Virtually likely something is wrong with the "Active Directory" of "ShareFile" mirror list within the App Controller. Logon to the admin console https:/AppCFQDN:4443/admin/ and bank check both mirror lists. Even do everything looks correct, former you need to reconcile the user from both mirror lists to get it working again.

Upload Data

From a user perspective ShareFile did a great jobs to facilitate users with a easy way to drift their data. In our situation the instance was slightly dissimilar, the Information technology department was supposed to drift all existing shared and personal data into ShareFile. After examining the diverse methods we decided the ShareFile Sync for PowerShell would be our all-time option. Unfortunately there is non that many information on this, Helge Klein wrote a nice weblog almost this. Simply challenge with this is the RemoteFolderName which needs to be extracted, binder past binder, not something you would like to manually. Lucky we were able to automate this, which I will hash out later.

RemoteFolderName My Files & Folders

Only similar the 'shared folders' the 'my files and folder' (personal folder) too contains a RemoteFoldersName. You lot will need this RemoteFolderName to upload all personal userdata into ShareFile. The personal folder is beingness created shortly as the users logs on the first fourth dimension, not when the account is beingness provisioned. So therefore, y'all (the migration squad), have to logon with all ShareFile user accounts just to get the personal folder created. To our knowledge there currently is no other option, so again we had to remember of another trick.

The My Files & Folder is created on starting time user admission! Every ShareFile user needs to logon once earlier information can be uploaded

MaxDirSize Netapp

When we started the projection we used a CIFS share hosted on a NetApp. After a while ShareFile suddenly stopped adding new files. Files were being upload to the temp folder, but not moved to the persistentstorage folder anymore, even tho we had plenty of storage available. It took us a while to figure out what was causing the outcome. Fortunately ShareFile support came with the answer it probably had to do with the default MaxDirSize value of the NetApp. Afterwards uploading ShareFile moves all information into i single binder, in our example that binder contained 500.000 + files, which exceeded the maximum default number of files on a NetApp. After nosotros increased this limit nosotros were good to go once again.

The log files were misleading, and first we misinterpreted those.

ERROR in MoveLocalFileToCache \NetAppShare$filesul-api-xxxx to \s3sf-eu-1xx

System.ApplicationException: Failure moving file '\NetAppShare$filesul-api-xxxx' to cache location '\NetAppShare$persistentstoragesf-eu-1xxxx'! —> System.IO.IOException: At that place is non enough infinite on the disk.

No changes to the file system are required since NTFS supports more 4 billion files in one folder. In practice, according to ShareFile support, ane customers had an issue on NTFS because of the 8.3 file names. In that location is an article that provides some recommendations for Windows file servers: http://blogs.technet.com/b/josebda/archive/2012/11/13/windows-server-2012-file-server-tip-disable-eight-3-naming-and-strip-those-short-names-too.aspx . Unfortunately, ShareFile back up do not have much real-life information on that and cannot verify if the change is required/useful. ShareFile back up noticed a operation subtract on Windows Server 2008 with i.5M files, although this acquired no zone corruption.

ShareFile stores all data into one folder called persistentstorage, make certain that information technology can contain (very)many files

Limited Admission

Somewhere during the project nosotros noticed several settings were suddenly grayed out and couldn't be inverse anymore. For example nosotros were not able to change a user'southward default StorageZone. After some investigation we noticed the StorageZones were not healthy, which was normal because the secondary on premise storagezone controller where offline for maintenance. Soon as the Storage Zone were reporting healthy over again, all grayed out fields were editable again

Cheque your StorageZone health status if access to ShareFile administrative settings are limited

Spinning Icon

Afterwards we migrated several users from the public to the on premise storage zone, ShareFile was reporting "File operation in progress" for e'er, even with completely empty accounts.

Later consulting the detailed information, nosotros noticed all migrations seemed to be stuck at 100%. Hit the cancel button stopped "File functioning in progress", merely somehow this didn't felt ok. We contacted ShareFile back up and were told this currently is a know result, for which a solution would be bachelor shortly

FINRA Archiving

ShareFile is FINRA compliant, simply but in case cloud storage is existence used, the cannot be used with on-premise storage. There currently is no fashion for Citrix to enable Archiving since they practise not control the data that is stored in your private zone. Archiving is used for compliance on ShareFile Financial accounts and that selection is non available on this Enterprise business relationship.

Data Backup and Restore

To backup all ShareFile data nosotros daily backup the persistancestorage folder to an offsite location. This fashion nosotros are able to meet the client'due south requirement to restore files seven years back in fourth dimension. Files deleted in ShareFile remain in the persistent storage seven days, earlier actually removed. The file meta data, which exists in the ShareFile command plane is kept for 2 years past Citrix. This tin be a challenge because without the metadata we don't know which file we demand. We asked ShareFile support if we are able to backup the metadata our cocky, or if ShareFile is able to proceed the meta data for at least 7 years, but until now we are still awaiting the answer. More than information regarding ShareFile backups can be found within the eDocs.

http://support.citrix.com/proddocs/topic/sharefile-storagezones-22/sf-storage-centre-recovery.html

http://back up.citrix.com/proddocs/topic/sharefile-storagezones-22/sf-manage-recover.html

Enterprise Ready Toolkit

Going this weblog articles I very oft wrote I would reveal our automated tips and tricks after on, well now that time has come! While discussing our ShareFile challenges with a community member Daniel Nikolic, we realised in that location was a gab between services ShareFile offered out-of-the-box and Enterprise requirements. I'm able to indicate what I would similar, in terms of functionality but unfortunately my programming skills are quite express. Luckily visual studio is a slice of block for Daniel. Daniel has invested a considerable amount of costless time to write a application, which was our lifesaver. With the use of this application, which makes use of the ShareFile API we were able to automate and speed up several challenges nosotros were facing. Our Enterprise Ready Toolkit currently is capable of:

• Automatically logon with all ShareFile accounts, then the personal folder is being created.
• Extract all RemoteFolderNames from shared and personal folders
• Extract all distribution groups
• Extract all shared folders (name / path)
• Automatically add distribution groups to shared folder, with the required authorizations (Excel Sail)
• Automatically add ShareFile account to distribution groups (Excel Sail)
• Automatically change settings like the default storage zone on multiple users, located in several OU's

Nosotros are planning to release this freeware toolkit somewhere effectually our E2EVC 2014 Barcelona ShareFile presentation, presented by Martijn Hulsman and Esther Barthel.

Success Managing director Program

Citrix offers a ShareFile success director program for customers with + thousand users. The purpose of the program is a single point of contact within Citrix ShareFile. Responsible for overseeing all phases of implementation and overall business relationship management. Making use of this program makes your life much easier! Quickstart Program Details

Summary

Despite the technical challenges we faced during this project I really like ShareFile, it certainly increase my ability to access my data from any device, from any place, in a secure way. By using our Enterprise Ready Toolkit upcoming ShareFile migrations will be going much smoother and we'll be able to serve our customers much improve. I do hope several needed features volition be added to upcoming releases of the User Management Tool, so anybody can turn a profit those. Finally I would similar to thank all Citrix ShareFile Support members and Success Managers who accept accompanied us to make this project a success! And practise not forget Daniel Nikolic for the time he invested in the Enterprise Ready Toolkit !

Useful links

I'thou not going into detail on the next subjects, but these articles were very helpful to me

• Custom Login Screen
• ShareFile Support 1-800-441-3453 (United states), (0800) 680-0621 (Great britain)
• support@sharefile.com
• Cognition Base of operations: https://www.sharefile.com/support
• Citrix eDocs: http://support.citrix.com/proddocs/topic/sharefile/sf-landing-page.html
• Tools and Software downloads: http://www.citrix.com/downloads/sharefile/
• ShareFile System Status http://status.sharefile.com/

Versions

At the fourth dimension written these versions were used:

• StorageZone Controller 2.ii.2
• User Management Tool 1.seven.12
• Sync for Windows ii.12.108.i

noonanyoucity.blogspot.com

Source: https://www.rinkspies.com/2014/09/01/citrix-sharefile-lessons-learned-in-real-life/

Share this post