Active Directory File Sharing

White Paper

Give your employees a cloud file sharing solution secured by native active directory and file server access control.

active directory file sharing illustration

Solution Highlights


Gladinet CentreStack provides secure file sharing service that integrates with Active Directory users and existing file server shares. Employees, customers and partners can then easily share files and folders from the existing file server without violating existing security rules and permissions. In addition, secure file sharing can be done in the cloud, without VPN and also the access methods can be extended from traditional PC and Mac to web browsers and mobile devices.

Installable Sync and Share

Gladinet provides a Windows Installer package that creates on-premise private file sharing servers based on Microsoft server technology. It’s easy to install, manage, and scale. Cloud hosted option is available too.

Active Directory Integration

Automatically use existing identities and home shares from Active Directory. Employees can use their existing Active Directory credentials for the file sharing server and their file sharing access control is mirrored after the existing file server access control.

Complete Control

The entire solution can be deployed and managed on-premise, or from private cloud storage to orchestration to clients. For example, the solution can be self-hosted by the business in the Amazon VPC data center and connecting to the business's own active directory and file server shares.

DFS Integration

Leverage DFS, file shares or any other local storage platform. If the file shares are protected by Active Directory, the combined file sharing solution is protected by the same Active Directory.

Online File Server

Provide remote access to files stored behind the firewall using any device without using a VPN or public cloud.

Amazon, Azure, OpenStack Integration

Create a private sync and share solution based on object storage like OpenStack Swift, any S3 compatible, Microsoft Azure and more.

Challenges of Consumer File Sharing


Without providing a secure file sharing service to employees, they may select consumer cloud file sharing solutions like Dropbox. This approach leads to questions like, “Where, exactly, is my data? Who has access to it? What will they do with it?” And these concerns don’t just involve cyber-threats and hackers but competitors, foreign nationals, and even governments.

File Sharing with Active Directory


CentreStack eliminates the common drawbacks of remote file server access and cloud file sharing solutions and provides the best of both worlds – the privacy, security and control of legacy file servers secured by Active Directory, combined with the efficiency and productivity gains of cloud file sharing.

Co-Editing

CentreStack integrates with Office 365 for web-based co-editing and co-authoring.

Large Folders

Use Outlook integration to transfer large folder or files as web links via email.

Link Sharing

Use web links to share files and folders with recipients or to receive files.

Folder Permissions

Define different permissions for folders at different levels of the directory structure.

Secure Data Room

Web based secure data room allows view-only access with download disabled.

User Rights

From internal Active Directory users to external clients and partners, you can define user rights for folder sharing.

Use Cases


Cloud migration may seem increasingly inevitable, making it difficult to manage the tensions between productivity benefits and data privacy threats. But CentreStack offers a solution for thought leaders seeking to simplify the way people work without compromising data privacy.

Whether it's private sharing for on-prem and remote workers, external clients, partners or guest users in general, CentreStack has the flexibility to provide a great solution!

Lab Setup


To show how it is done, we have a lab setup with one Gladinet Cloud Enterprise (CentreStack) Server, One Active Directory Server and One Windows File Server. For demonstration purpose, the Active Directory Server and the File Server can co-exist on the same Windows 2012 server. As shown below, Gladinet Cloud Enterprise is running at “Windows 2012 R2 Gladinet (11)”, which it will have a public IP Address and DNS name. The Active Directory and File Server are running at the “Windows 2012 R2 AD (10)”. This Active Directory server can be behind the second firewall of a DMZ.

The Gladinet Cloud Enterprise is running with GCE version 6.4.1802 as shown below in the copyright section

Active Directory Setup

We will setup two users t2e200@tsys.gladinet.com and t2e201@tsys.gladinet.com

File Server Setup

We will setup 3 network shares. One is for the group share, one is for the t2e200 user’s home directory, and one is for t2e201 user’s home directory.

Group Share

image

As shown below, both t2e200 and t2e201 users are added to the group share.

image

For Share Permission to be imported seamlessly, we also setup share permission.

image

We will also connect the user’s home directory in Active Directory.

image image

Now it is all set. Our goal is to import the Group Share (testshare3) and also user’s home directory when the users are imported to the Gladinet Cloud Enterprise.

Import the Group Share

We can start importing the Group Share from the web portal->Management Console->Collaboration->Team Folder

image

Once the dialog shows up, use the “Convert Existing File Share as Team Folder” option. In the lab setup, we need to make sure the Gladinet Cloud Enterprise server can access the File Server via two different protocols. SMB/CIFS for the file server share and also WMI for importing

image

Use an Active Directory that has enough permission to read the share and also read the share’s permission over WMI.

image

After it is done, check the imported team folder’s property.

image

You can see t2e200 and t2e201 users are all imported. So the imported Team Folder gets the same set of users that are assigned to the network share’s share permission.

image

Check the user manager, you can see that the users are imported as well.

image

Now, Login as the AD User t2e200

As you can see here, the user’s home directory and the user’s group share are all showing up.

image

and on mobile device as well.

image

 

Summary

We turned a normal Windows File Server network share into a Gladinet Cloud Enterprise Group Share Team Folder. After that, users can collaboration over different kind of devices over the Internet. Here is the video for the Group Share with Active Directory:

YouTube Video


Benefits


CentreStack eliminates the common drawbacks of traditional file server access and cloud collaboration/folder sharing solutions.

Guarantee Data Privacy

Businesses can address data privacy concerns by using CentreStack to provide access to internal file servers. It’s common to talk about replacing existing file servers with cloud solutions to reduce costs and administrative overhead, and CentreStack can facilitate that in any private cloud, but CentreStack offers the unique option of using existing file servers to replace cloud file sharing!

Mobile Access to File Servers

Simplify remote access to file shares with familiar interfaces on any computer or device. Windows and Mac desktops display natively mapped drives in Explorer and Finder. That same experience is presented on iOS and Android devices like iPads, iPhones and Pixels or can be viewed from popular web browsers like Chrome, Firefox, and Internet Explorer.

Simplify Collaboration

Easily collaborate with business partners by providing them with access to a limited set of internal files or folders. Share files with non-AD users while maintaining administrative controls. Simplify multi-site collaboration with automatic version controls and file locking.

Reduce Costs with a Simple VPN Alternative

Eliminate the overhead and support tickets commonly associated with VPN file sharing, Always On VPN or Direct Access. Automatically use existing users and permissions to save setup time and money.

Simplify Management

Centrally manage users, access controls, and storage for each tenant. Easily keep track of where the data is, who has access and how it’s being shared.

Centrally Manage Granular Folder Permissions

For complete control and visibility, permissions can be managed from the file server that was their source, or natively with CentreStack.

Maintain Compliance

Centrally manage users, access controls, and storage for each tenant. Admins can perform audits of GDPR and HIPAA compliance or keep track of any changes that have been made to individual files.

Increase Productivity

Provide an always-on mapped drive that works anywhere on any device and allows mobile users to easily access internal file shares or cloud file servers

Enhance Data Security

Files are secured at rest and in transit with military grade encryption, secure connections and more. Automatically use existing users and permissions to save setup time and money.

On-Demand Synchronization

Mapped drives display directory structure but delay downloads until a file is used to reduce bandwidth usage and endpoint storage consumption.

White Labeled File Sharing Solution

CentreStack provides a white labeled platform that makes it easy for MSP partners to build a private cloud file server solution based on infrastructure from Amazon, Azure or Wasabi.

On-Premises Alternative to Dropbox and SharePoint

CentreStack has the flexibility to provide an on-premises alternative to Dropbox and SharePoint using existing file servers.