Novell iFolder 3.x Administration Guide
Novell
®
iFolder
novdocx (ENU) 01 February 2006
3.x
August 15, 2006
www.novell.com
ADMINISTRATION GUIDE
Legal Notices
Novell, Inc., makes no representations or warranties with respect to the contents or use of this documentation, and
specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose.
Further, Novell, Inc., reserves the right to revise this publication and to make changes to its content, at any time,
without obligation to notify any person or entity of such revisions or changes.
Further, Novell, Inc., makes no representations or warranties with respect to any software, and specifically disclaims
any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc.,
reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to
notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be subject to U.S. export controls and the
trade laws of other countries. You agree to comply with all export control regulations and to obtain any required
licenses or classification to export, re-export, or import deliverables. You agree not to export or re-export to entities
on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export
laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses.
Please refer to www.novell.com/info/exports/ for more information on exporting Novell software. Novell assumes no
responsibility for your failure to obtain any necessary export approvals.
Copyright © 2005-2006 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied,
stored on a retrieval system, or transmitted without the express written consent of the publisher.
novdocx (ENU) 01 February 2006
Novell, Inc., has intellectual property rights relating to technology embodied in the product that is described in this
document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S.
patents listed at http://www.novell.com/company/legal/patents/ and one or more additional patents or pending patent
applications in the U.S. and in other countries.
Novell, Inc.
404 Wyman Street, Suite 500
Waltham, MA 02451
U.S.A.
www.novell.com
Online Documentation: To access the online documentation for this and other Novell products, and to get
updates, see www.novell.com/documentation.
Novell Trademarks
For a list of Novell trademarks, see the Novell Trademark and Service Mark list (http://www.novell.com/company/
legal/trademarks/tmlist.html).
Third-Party Materials
All third-party trademarks are the property of their respective owners.
novdocx (ENU) 01 February 2006
novdocx (ENU) 01 February 2006
Contents
About This Guide 11
1 Overview of Novell iFolder 3.x 13
1.1 Benefits of iFolder for the Enterprise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
1.1.1 Seamless Data Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
1.1.2 Data Safeguards and Data Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
1.1.3 Reliable Data Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
1.1.4 Productive Mobile Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
1.1.5 Cross-Platform Client Support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
1.1.6 Scalable Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
1.1.7 Simple Data and Account Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
1.1.8 No Training Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
1.2 Benefits of iFolder for Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
1.3 Enterprise Server Sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
1.4 Key Components of iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
1.4.1 iFolder Enterprise Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
1.4.2 Novell iFolder 3 Plug-in to Novell iManager 2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
1.4.3 iFolder Web Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
1.4.4 The iFolder Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
1.4.5 Shared iFolders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
1.4.6 iFolder Access Rights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
1.4.7 Account Setup for Enterprise Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
1.4.8 Access Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
1.4.9 File Synchronization and Data Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
1.4.10 Synchronization Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
1.4.11 iFolder Client APIs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
1.5 What’s Next . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
novdocx (ENU) 01 February 2006
2What’s New 21
2.1 What’s New in Novell iFolder 3.2 (OES SP2 Linux). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.2 What’s New in Novell iFolder 3.1 (OES SP1 Linux). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.3 What’s New in Novell iFolder 3.0 (OES Linux) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.4 Comparison of 2.1x and 3.x Server Features and Capabilities . . . . . . . . . . . . . . . . . . . . . . . . 22
2.5 Comparison of 2.1x and 3.x Client Features and Capabilities. . . . . . . . . . . . . . . . . . . . . . . . . 25
2.6 Comparison of 2.1x and 3.x Web Access Features and Capabilities . . . . . . . . . . . . . . . . . . . 28
3 Planning iFolder Services 31
3.1 Security Considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
3.2 Server Workload Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
3.3 Naming Conventions for Usernames and Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
3.4 Admin User Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
3.5 iFolder User Account Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
3.5.1 Preventing the Propagation of Viruses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
3.5.2 Provisioning User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
3.5.3 Setting Account Quotas. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
3.6 iFolders Data and Synchronization Considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
3.6.1 Naming Conventions for an iFolder and Its Folders and Files. . . . . . . . . . . . . . . . . . 36
5
3.6.2 Guidelines for File Types and Sizes to Be Synchronized . . . . . . . . . . . . . . . . . . . . . 36
3.7 Management Tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
3.7.1 iFolder Configuration Plug-Ins for YaST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
3.7.2 Novell iFolder 3 Plug-In for Novell iManager 2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
3.7.3 Web Access Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
4 Coexistence and Migration Issues 41
4.1 Coexistence of iFolder 3.x and 2.1x Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
4.2 Coexistence of the iFolder Client with Novell iFolder 1.x and 2.x Clients. . . . . . . . . . . . . . . . . 42
4.3 Migrating from iFolder 2.1x to 3.x Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
4.4 Migrating User Files from an iFolder 2.1x to a 3.x Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
5 Prerequisites and Guidelines 45
5.1 File System. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
5.2 Enterprise Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
5.2.1 Prerequisites for the Operating System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
5.2.2 Install Guidelines When Using an NSS Volume to Store iFolder Data . . . . . . . . . . . 46
5.2.3 Install Guidelines When Using a Linux Traditional Volume to Store iFolder Data . . . 47
5.2.4 Install Guidelines for Other Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
5.2.5 Installing the OES Linux Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
5.3 Novell eDirectory 8.7.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
5.4 Novell iManager 2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
5.5 Mono. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
5.6 Client Computers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
5.7 Web Browser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
novdocx (ENU) 01 February 2006
6 Installing and Configuring iFolder Services 51
6.1 Installing iFolder on an Existing OES Linux Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
6.2 Configuring the iFolder Enterprise Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
6.3 Configuring the iFolder Web Access Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
6.4 Installing the Novell iFolder 3 Plug-In for iManager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
6.4.1 Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
6.4.2 Installing a Plug-In When RBS Is Not Configured . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
6.4.3 Installing a Plug-In When RBS Is Configured . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
6.5 Accessing iManager and the Novell iFolder 3 Plug-In . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
6.6 Provisioning Users and iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
6.6.1 Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
6.6.2 Configuring the Search DNs for Provisioning Users . . . . . . . . . . . . . . . . . . . . . . . . . 61
6.6.3 Synchronizing the List of Provisioned Users with the LDAP Directory. . . . . . . . . . . . 62
6.7 Distributing the iFolder Client to Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
6.7.1 Configuring the iFolder 3.x Welcome Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
6.7.2 Accessing the iFolder 3.x Welcome Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
6.7.3 Downloading the iFolder Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
6.7.4 Installing the iFolder Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
6.8 Updating Novell iFolder 3.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
6.9 Updating Mono for the Server and Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
6.10 Uninstalling the iFolder 3.x Enterprise Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
6.11 What’s Next . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
7 Managing an iFolder Enterprise Server 67
7.1 Starting iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
6 Novell iFolder 3.x Administration Guide
7.2 Stopping iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
7.3 Restarting iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
7.4 Managing the Simias Log and Simias Access Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
7.5 Backing Up the iFolder Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
7.6 Backing Up the iFolder Store with the TSAIF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
7.6.1 Understanding TSAIF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
7.6.2 Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
7.6.3 iFolder Path Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
7.6.4 iFolder Path Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
7.6.5 SMSConfig Options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
7.6.6 TSAIF and SMSConfig Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
7.6.7 NBackup Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
7.6.8 TSAIF and NBackup Examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
7.6.9 Additional Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
7.7 Recovering from a Catastrophic Loss of the iFolder Server . . . . . . . . . . . . . . . . . . . . . . . . . . 77
7.8 Recovering Individual Files or Directories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
7.9 Moving iFolder Data from One iFolder Server to Another . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
8 Managing iFolder Services 81
8.1 Accessing the Novell iFolder 3 Plug-In for iManager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
8.2 Connecting to the iFolder Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
8.3 Viewing General System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
8.4 Configuring the LDAP Settings for an iFolder Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
8.4.1 Viewing the Current LDAP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
8.4.2 Modifying the iFolder LDAP Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
8.4.3 What to Do If the iFolder Admin User Is Deleted from LDAP . . . . . . . . . . . . . . . . . . 88
8.4.4 Securing Access to the iFolder Proxy User Password . . . . . . . . . . . . . . . . . . . . . . . 88
8.4.5 Modifying the iFolder Proxy User Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
8.4.6 Synchronizing the iFolder User List with the LDAP Server . . . . . . . . . . . . . . . . . . . . 89
8.5 Configuring System Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
8.5.1 Viewing the Current System Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
8.5.2 Modifying iFolder System Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
8.6 Configuring iFolder Administrators. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
8.6.1 Understanding the iFolder Admin User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
8.6.2 Adding the iFolder Admin Right for a User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
8.6.3 Removing the iFolder Admin Right for a User. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
8.7 Securing Enterprise Server Communications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
8.7.1 Using SSL for Secure Communications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
8.7.2 Configuring the SSL Cipher Suites for the Apache Server . . . . . . . . . . . . . . . . . . . . 95
8.7.3 Configuring the Enterprise Server for SSL Communications with the LDAP Server . 95
8.7.4 Configuring the Enterprise Server for SSL Communications with the iFolder Client. 96
8.7.5 Configuring the Enterprise Server for SSL Communications with the Web Access
Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
8.7.6 Configuring an SSL Certificate for the Enterprise Server . . . . . . . . . . . . . . . . . . . . . 96
novdocx (ENU) 01 February 2006
9 Managing an iFolder Web Access Server 97
9.1 Starting iFolder Web Access Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
9.2 Stopping iFolder Web Access Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
9.3 Distributing the Web Access Server URL to Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
9.4 Configuring the HTTP Runtime Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
9.5 Securing Web Access Server Communications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
9.5.1 Using SSL for Secure Communications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
9.5.2 Configuring the SSL Cipher Suites for the Apache Server . . . . . . . . . . . . . . . . . . . . 99
7
9.5.3 Configuring the Web Access Server for SSL Communications with the Enterprise
Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
9.5.4 Configuring the Web Access Server for SSL Communications with Web Browsers 101
9.5.5 Configuring an SSL Certificate for the Web Access Server . . . . . . . . . . . . . . . . . . . 101
10 Managing iFolder Users 103
10.1 Provisioning Users for iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
10.2 Searching for a User Account. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
10.3 Viewing General User Account Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
10.4 Configuring User Account Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
10.4.1 Viewing the Current User Account Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
10.4.2 Modifying User Account Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
10.5 Enabling and Disabling iFolder User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
10.6 Setting a User Account Quota . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
11 Managing iFolders 109
11.1 Creating an iFolder for a User’s Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
11.1.1 Creating an iFolder from the iFolders Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
11.1.2 Creating an iFolder from the User Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
11.2 Searching for an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
11.3 Viewing Information about an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
11.4 Configuring Policies for an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
11.5 Sharing an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
11.5.1 Adding a Member. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
11.5.2 Setting the iFolder Access Right for a Member . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
11.5.3 Removing a Member . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
11.6 Deleting an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
11.7 Transferring Ownership of an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
11.8 Enabling and Disabling Synchronization for an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
11.9 Managing Orphaned iFolders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
novdocx (ENU) 01 February 2006
A Configuration Files 117
A.1 Simias.config File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
A.2 Web.config File for the Enterprise Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
A.3 Web.config File for the Web Access Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
B Clustering iFolder 3.x Servers with Novell Cluster Services for Linux 125
B.1 Prerequisites for Clustering iFolder 3.x Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
B.2 Installing Novell Cluster Services for Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
B.3 Configuring iFolder 3.x Services on an NCS for Linux Cluster . . . . . . . . . . . . . . . . . . . . . . . . 126
B.4 Creating the iFolder 3.x Cluster Resource . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
B.5 Managing the iFolder 3.x Cluster Resource . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
B.6 Sample Load Scripts for iFolder 3.x Clusters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
B.6.1 Linux Traditional File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
B.6.2 NSS File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
B.7 Sample Unload Scripts for iFolder 3.x Clusters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
B.7.1 Linux Traditional File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
B.7.2 NSS File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
B.7.3 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
8 Novell iFolder 3.x Administration Guide
C Managing SSL Certificates for Apache 133
C.1 Generating an SSL Certificate for the Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
C.2 Generating a Self-Signed SSL Certificate for Testing Purposes . . . . . . . . . . . . . . . . . . . . . . 134
C.3 Configuring Apache to Point to an SSL Certificate on an iFolder Server. . . . . . . . . . . . . . . . 135
C.4 Configuring Apache to Point to an SSL Certificate on a Shared Volume for an iFolder
Cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
D Product History of iFolder 3 137
D.1 Version History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
D.2 Network Operating Systems Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
D.3 Directory Services Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
D.4 Workstation Operating Systems Support for the iFolder Client . . . . . . . . . . . . . . . . . . . . . . . 138
D.5 Web Server Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
D.6 iFolder User Access Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
D.7 Management Tools Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
E Documentation Updates 141
novdocx (ENU) 01 February 2006
E.1 August 15, 2006. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
E.1.1 Installing and Configuring iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
E.1.2 Managing an iFolder Enterprise Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
E.1.3 Managing iFolders. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
E.1.4 Clustering iFolder 3.x Servers with Novell Cluster Services for Linux. . . . . . . . . . . 142
E.1.5 Managing the SSL Certificate for the Apache Web Server . . . . . . . . . . . . . . . . . . . 143
E.1.6 Product History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
E.2 May 24, 2006 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
E.2.1 Prerequisites and Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
E.3 December 23, 2005 (Novell iFolder 3.2 for OES SP2 Linux). . . . . . . . . . . . . . . . . . . . . . . . . 143
E.3.1 What’s New . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
E.3.2 Planning iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
E.3.3 Installing and Configuring iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
E.3.4 Managing iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
E.3.5 Managing iFolder Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
E.3.6 Managing iFolders. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
E.3.7 Product History of iFolder 3.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
E.4 August 19, 2005 (Novell iFolder 3.1 for OES SP1 Linux) . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
E.4.1 What’s New . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
E.4.2 Coexistence and Migration Issues for Novell iFolder 3.x. . . . . . . . . . . . . . . . . . . . . 146
E.4.3 Planning iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
E.4.4 Prerequisites and Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
E.4.5 Installing and Configuring iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
E.4.6 Managing an iFolder Enterprise Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
E.4.7 Managing iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
E.4.8 Clustering iFolder 3.x with Novell Cluster Services for Linux . . . . . . . . . . . . . . . . . 147
E.4.9 Managing SSL Certificates for Apache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
E.4.10 Product History of iFolder 3.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
9
novdocx (ENU) 01 February 2006
10 Novell iFolder 3.x Administration Guide
About This Guide
novdocx (ENU) 01 February 2006
This guide describes how to install, configure, and manage the Novell® iFolder® 3.x enterprise
server, the iFolder 3.x Web Access server, and the iFolder
following sections:
• Chapter 1, “Overview of Novell iFolder 3.x,” on page 13
• Chapter 2, “What’s New,” on page 21
• Chapter 3, “Planning iFolder Services,” on page 31
• Chapter 4, “Coexistence and Migration Issues,” on page 41
• Chapter 5, “Prerequisites and Guidelines,” on page 45
• Chapter 6, “Installing and Configuring iFolder Services,” on page 51
• Chapter 7, “Managing an iFolder Enterprise Server,” on page 67
• Chapter 8, “Managing iFolder Services,” on page 81
• Chapter 9, “Managing an iFolder Web Access Server,” on page 97
• Chapter 10, “Managing iFolder Users,” on page 103
• Chapter 11, “Managing iFolders,” on page 109
• Appendix A, “Configuration Files,” on page 117
• Appendix B, “Clustering iFolder 3.x Servers with Novell Cluster Services for Linux,” on
page 125
• Appendix C, “Managing SSL Certificates for Apache,” on page 133
TM
Client. This guide is divided into the
• Appendix D, “Product History of iFolder 3,” on page 137
• Appendix E, “Documentation Updates,” on page 141
Audience
This guide is intended for system administrators.
Feedback
We want to hear your comments and suggestions about this manual and the other documentation
included with this product. Please use the User Comment feature at the bottom of each page of the
online documentation, or go to www.novell.com/documentation/feedback.html and enter your
comments there.
Documentation Updates
For the most recent version of the Novell iFolder 3.x Administration Guide, visit the Novell iFolder
3.x documentation Web site (http://www.novell.com/documentation/ifolder3/index.html).
For emerging issues with Novell iFolder 3.x and the iFolder client, see the Novell iFolder 3.x
Readme (http://www.novell.com/documentation/ifolder3/readme/data/readme.html).
11
Additional Documentation
For information, see the following:
• Novell iFolder 3.x Security Administrator Guide (http://www.novell.com/documentation/
ifolder3/security/data/front.html)
• iFolder User Guide for Novell iFolder 3.x (http://www.novell.com/documentation/ifolder3/
user/data/front.html).
• Novell iFolder 3.x documentation (http://www.novell.com/documentation/ifolder3/index.html)
• Novell Open Enterprise Server product site (http://www.novell.com/products/
openenterpriseserver)
• Novell Open Enterprise Server documentation (http://www.novell.com/documentation/oes/
index.html)
• Novell eDirectory
TM
8.7.3 documentation (http://www.novell.com/documentation/edir873/
treetitl.html)
• Novell iManager 2.5 documentation (http://www.novell.com/documentation/imanager25/
treetitl.html)
• Novell Linux Desktop 9 product site (http://www.novell.com/products/desktop/)
• Novell Linux Desktop 9 documentation (http://www.novell.com/documentation/nld/
treetitl.html)
• Novell Technical Support (http://www.novell.com/support)
novdocx (ENU) 01 February 2006
Documentation Conventions
In Novell documentation, a greater-than symbol (>) is used to separate actions within a step and
items in a cross-reference path.
A trademark symbol (
®
, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party
trademark.
When a single pathname can be written with a backslash for some platforms or a forward slash for
other platforms, the pathname is presented with a backslash. Users of platforms that require a
forward slash, such as Linux* or UNIX*, should use forward slashes as required by your software.
12 Novell iFolder 3.x Administration Guide
1
Overview of Novell iFolder 3.x
Novell® iFolder® 3.x is the next generation of iFolder, supporting multiple iFolders per user, usercontrolled sharing, and a centralized network server for file storage and secure distribution. With
iFolder, users’ local files automatically follow them everywhere—online, offline, all the time—
across computers. Users can share files in multiple iFolders, and share each iFolder with a different
group of users. Users control who can participate in an iFolder and their access rights to the files in
it. Users can also participate in iFolders that others share with them.
This section familiarizes you with the various benefits and features of iFolder and its main
components:
• Section 1.1, “Benefits of iFolder for the Enterprise,” on page 13
• Section 1.2, “Benefits of iFolder for Users,” on page 15
• Section 1.3, “Enterprise Server Sharing,” on page 17
• Section 1.4, “Key Components of iFolder,” on page 17
• Section 1.5, “What’s Next,” on page 20
novdocx (ENU) 01 February 2006
1
1.1 Benefits of iFolder for the Enterprise
Benefits of iFolder to the enterprise include the following:
• “Seamless Data Access” on page 13
• “Data Safeguards and Data Recovery” on page 14
• “Reliable Data Security” on page 14
• “Productive Mobile Users” on page 15
• “Cross-Platform Client Support” on page 15
• “Simple Data and Account Management” on page 15
• “No Training Requirements” on page 15
1.1.1 Seamless Data Access
Novell iFolder greatly simplifies the IT department’s ability to keep users productive. It empowers
users by enabling their data to follow them wherever they go.
The days of users e-mailing themselves project files so they can work on them from home are gone,
along with the frustration associated with sorting through different versions of the same file on
different machines. iFolder stores and synchronizes users’ work in such a way that no matter what
client or what location they log in from, their files are available and in the condition that they expect
Overview of Novell iFolder 3.x
13
them to be. Users can access the most up-to-date version of their documents from any computer
using the iFolder client or Web access.
Figure 1-1 Novell iFolder 3.x Access Methods
Access Methods Authentication/File Encryption iFolder 3.x Services
HTTPS
iFolder Client
for Novell Linux Desktop
novdocx (ENU) 01 February 2006
iFolder Client
for Macintosh OS X 10.3x
iFolder Client
for Windows 2000/XP
iFolder 3.x Web Access
via a Web browser
HTTPS
HTTPS
HTTPS
Sync
Upload or Download
eDirectory LDAP
server on the
same or different
OES server
eDirectory
LDAP server
iFolder 3.x
Enterprise servers
HTTPS
OES Linux
server
iFolder 3.x Web Access
server on the same
or different OES server
1.1.2 Data Safeguards and Data Recovery
With Novell iFolder, data stored on the server can be easily safeguarded from system crashes and
disasters that can result in data loss. When a user saves a file locally, the iFolder client can
automatically update the data on the iFolder server, where it immediately becomes available for an
organization’s regular network backup operations. iFolder makes it easier for IT managers to ensure
that all of an organization’s critical data is protected.
1.1.3 Reliable Data Security
With Novell iFolder, LDAP-based authentication for access to stored data helps prevent
unauthorized network access.
14 Novell iFolder 3.x Administration Guide
1.1.4 Productive Mobile Users
A Novell iFolder solution makes it significantly easier to support mobile users. VPN connections
are no longer needed to deliver secure data access to mobile users. Authentication and data transfer
use Secure Sockets Layer (SSL) technology to protect data on the wire.
Users do not need to learn or perform any special procedures to access their files when working
from home or on the road. iFolder does away with version inconsistency, making it simple for users
to access the most up-to-date version of their documents from any connected desktop, laptop, Web
browser, or handheld device.
In preparation to travel or work from home, users no longer need to copy essential data to their
laptops from various desktop and network locations. The iFolder client can automatically update a
user’s local computer with the most current file versions. Even when a personal computer is not
available, users can access all their files via Web access with any computer connected to the
Internet.
1.1.5 Cross-Platform Client Support
novdocx (ENU) 01 February 2006
The iFolder client is available for Linux, Windows*, and Macintosh* desktops. The Novell iFolder
3.x Web Access server provides a Web interface that allows users to access their files on the
enterprise server with a Web browser from any computer with an active network or Internet
connection.
1.1.6 Scalable Deployment
iFolder easily scales from small to large environments. You can install iFolder on multiple servers,
allowing your iFolder environment to grow with your business. A single iFolder enterprise server
handles up to about 1,000 user accounts, depending on the amount of memory and storage available.
Users in an LDAP context can be concurrently provisioned for iFolder services simply by assigning
the context to an iFolder server.
1.1.7 Simple Data and Account Management
Management of all iFolder enterprise servers is centralized through the Novell iFolder 3 plug-in to
Novell iManager 2.5. Novell iFolder allows management from any location, using a standard Web
browser. iFolder also frees IT departments from routine maintenance tasks by providing secure,
automatic synchronization of local files to the server.
1.1.8 No Training Requirements
IT personnel no longer need to condition or train users to perform special tasks to ensure the
consistency of data stored locally and on the network. With Novell iFolder, users simply store their
files in the local iFolder directory. Their files are automatically updated to the iFolder server and any
other workstations that share the iFolder. iFolder works seamlessly behind the scenes to ensure that
data is protected and synchronized.
1.2 Benefits of iFolder for Users
Typically, when users work in multiple locations or in collaboration with others, they must
conscientiously manage file versions. With iFolder, the most recent version of a user’s files can
Overview of Novell iFolder 3.x 15
follow the user to any computer where the iFolder client is installed and a shared iFolder is set up.
iFolder also allows users to share multiple iFolders and their separate content with other users of the
iFolder system. Users decide who participates in each shared iFolder and their level of access.
Similarly, users can participate in shared iFolders that are owned by others in the collaboration
environment.
In the following example, Ulrik owns an iFolder named Denmark and shares it via his iFolder
enterprise account with Nigel, Luc, and Alice. Nigel travels frequently, so he also set up the iFolder
on his laptop. Any iFolder member can upload and download files from the Denmark iFolder from
anywhere, using the iFolder Web Access server. In addition, Alice shares a non-work iFolder named
Scooters with her friend Ulrik.
Figure 1-2 Collaboration and Sharing with iFolder
novdocx (ENU) 01 February 2006
Nigel's Desktop
Denmark
Liverpool
MyDocs
Luc's Desktop
Denmark
HR
Mtn Biking
* iFolder Owner
iFolder 3.x
Enterprise Server
Alice's Desktop
Denmark
Scooters*
Utah
Storage
iFolder 3.x
Web Access
Server
Ulrik's Desktop
Denmark*
Scooters
MyStuff
Internet
* iFolder Owner
Nigel's Laptop
Denmark
TeamOne
Customers
Kiosk
iFolder 3.
Web Access
x
With an enterprise server, the iFolders are stored centrally for all iFolder members. The iFolder
server synchronizes the most recent version of documents to all authorized users of the shared
iFolder. All that the iFolder owner and iFolder members need is an active network connection and
the iFolder client.
Novell iFolder provides the following benefits:
• Guards against local data loss by automatically backing up local files to the iFolder server and
multiple workstations
• Transparently updates a user’s iFolder files to the iFolder enterprise server and multiple
member workstations with the iFolder client
• Tracks and logs changes made to iFolder files while users work offline, and synchronizes those
changes when they go online
• Provides access to user files on the iFolder server from any workstation without the iFolder
client, using a Web browser and an active Internet or network connection
• With SSL encryption enabled, protects data as it travels across the wire
• Makes files on the iFolder server available for regularly scheduled data backup
16 Novell iFolder 3.x Administration Guide
For more information, see “Benefits of iFolder” in the iFolder User Guide for Novell iFolder 3.2.
1.3 Enterprise Server Sharing
The iFolder client included in this release supports synchronization across multiple computers
through a central Novell iFolder 3.x enterprise server.
• Users can share files across computers.
• Users can share files with others.
• Each user can own multiple iFolders.
• Each user can participate in multiple iFolders owned by other users.
• Files can be synchronized via the central server at any time and with improved availability,
reliability, and performance.
• Data is transferred securely over the wire using SSL connections.
• Users are autoprovisioned for iFolder services based on their assignment to administratorspecified LDAP containers and groups.
• A list of iFolder users is synchronized at regular intervals with the LDAP directory services.
• Local files are automatically backed up to the server at regular intervals and on demand.
novdocx (ENU) 01 February 2006
• iFolder data on the server can be backed up to backup media and restored.
• Administrators can manage the iFolder system, user accounts, and user iFolders using the
Novell iFolder 3 plug-in to iManager.
1.4 Key Components of iFolder
• Section 1.4.1, “iFolder Enterprise Server,” on page 17
• Section 1.4.2, “Novell iFolder 3 Plug-in to Novell iManager 2.5,” on page 18
• Section 1.4.3, “iFolder Web Access,” on page 18
• Section 1.4.4, “The iFolder Client,” on page 18
• Section 1.4.5, “Shared iFolders,” on page 18
• Section 1.4.6, “iFolder Access Rights,” on page 18
• Section 1.4.7, “Account Setup for Enterprise Servers,” on page 19
• Section 1.4.8, “Access Authentication,” on page 19
• Section 1.4.9, “File Synchronization and Data Management,” on page 19
• Section 1.4.10, “Synchronization Log,” on page 19
• Section 1.4.11, “iFolder Client APIs,” on page 20
1.4.1 iFolder Enterprise Server
The iFolder enterprise server is a central repository for storing iFolders and synchronizing files for
enterprise users.
Overview of Novell iFolder 3.x 17
1.4.2 Novell iFolder 3 Plug-in to Novell iManager 2.5
The Novell iFolder 3 plug-in to Novell iManager 2.5 is an administrative tool used to manage the
iFolder system, user accounts, and user iFolders and data.
1.4.3 iFolder Web Access
The iFolder 3.x Web Access server provides an interface to allow users remote access to iFolders on
the enterprise server.
For information about using Web Access, see “Using Novell iFolder 3.x Web Access” in the iFolder
User Guide for Novell iFolder 3.2.
1.4.4 The iFolder Client
The iFolder client integrates with the user’s operating system to provide iFolder services in a native
desktop environment. It supports the following client operating systems:
• Novell Linux Desktop 9
• Windows 2000/XP
novdocx (ENU) 01 February 2006
• Macintosh OS X v10.3 or later
An iFolder session begins when the user logs in to an iFolder services account and ends when the
user logs out of the account or exits the iFolder client. The iFolders synchronize files with the
enterprise server only when a session is active and the computer has an active connection to the
network or Internet. Users can access data in their local iFolders at any time; it does not matter if
they are logged in to their server accounts or if they are connected to the network or Internet.
The iFolder client allows users to create and manage their iFolders. For information, see the iFolder
User Guide for Novell iFolder 3.2.
1.4.5 Shared iFolders
An iFolder is a local directory that the user selectively shares with other users in a collaboration
environment. The iFolder files are accessible to all members of the iFolder and can be changed by
those with the rights to do so. Users can share iFolders across multiple workstations and with others.
Because the iFolder client is integrated into the operating environment, users can work with iFolders
directly in a file manager or in the My iFolders window. Within the iFolder, users can set up any
subdirectory structure that suits their personal or corporate work habits. The subdirectory structure is
constant across all member iFolders. Each workstation can specify a different parent directory for
the shared iFolder.
1.4.6 iFolder Access Rights
The iFolder client provides four levels of access for members of an iFolder:
•Owner: Only one user serves as the owner. This is typically the user who created the iFolder.
The owner or an iFolder administrator can transfer ownership status from the owner to another
user.
18 Novell iFolder 3.x Administration Guide
The owner of an iFolder has the Full Control right. This user has read/write access to the
iFolder, manages membership and access rights for member users, and can remove the Full
Control right for any member. With an enterprise server, the disk space used by the owner’s
iFolders count against the owner’s user disk quotas on the enterprise server.
If a user is deleted as a user for the iFolder system, the iFolders owned by the user are
orphaned. Orphaned iFolders are assigned temporarily to the iFolder Admin user, who becomes
the owner of the iFolder. Membership and synchronization continues while the iFolder Admin
user determines whether an orphaned iFolder should be deleted or assigned to a new owner.
• Full Control: A member of the shared iFolder, with the Full Control access right. The user
with the Full Control right has read/write access to the iFolder and manages membership and
access rights for all users except the owner.
•Read/Write: A member of the shared iFolder, with the Read/Write access right to directories
and files in the iFolder.
•Read Only: A member of the shared iFolder, with the Read Only access right to directories
and files in the iFolder. This member can copy an iFolder file to another location and modify it
outside the iFolder.
When used with an enterprise server account, the server hosts every iFolder created for that account.
Users create an iFolder and the enterprise server makes it available to the specified list of users. A
user can have a separate account on each enterprise server. A user’s level of membership in each
shared iFolder can differ.
novdocx (ENU) 01 February 2006
1.4.7 Account Setup for Enterprise Servers
The iFolder client allows you to set up multiple accounts, with one each allowed per enterprise
server. Users specify the server address, username, and password to uniquely identify an account.
On his or her computer, a user sets up accounts while logged in as the local identity he or she plans
to use to access that account and its iFolders. Under the local login, the user can set up multiple
iFolder accounts, but each account must belong to a different iFolder enterprise server.
1.4.8 Access Authentication
Whenever iFolder connects to an enterprise server to synchronize files, it connects with HTTP
BASIC and SSL connections to the server, and the server authenticates the user against the LDAP
directory service.
1.4.9 File Synchronization and Data Management
When you set up an iFolder account, you can enable Remember Password so that iFolder can
synchronize iFolder invitations and files in the background as you work. The iFolder client runs
automatically each time you log in to your computer’s desktop environment. The session runs in the
background as you work with files in your local iFolders, tracking and logging any changes you
make. With an enterprise server, you can synchronize the files at specified intervals or on demand.
1.4.10 Synchronization Log
The log displays a log of your iFolder background activity.
Overview of Novell iFolder 3.x 19
1.4.11 iFolder Client APIs
As part of the iFolder project, APIs are available for the client. For iFolder Client developer
documentation, see the iFolder Software Developers Kit (http://forge.novell.com/modules/xfmod/
docman/?group_id=1372).
1.5 What’s Next
Before you install iFolder, review the following sections:
• “What’s New” on page 21
• “Planning iFolder Services” on page 31
• “Coexistence and Migration Issues” on page 41
• “Prerequisites and Guidelines” on page 45
When you are done, install and configure your iFolder enterprise server and Web Access server. For
information, see “Installing and Configuring iFolder Services” on page 51.
novdocx (ENU) 01 February 2006
20 Novell iFolder 3.x Administration Guide
2
What’s New
Novell® iFolder® 3.x and the iFolderTM client offer many new capabilities as compared to Novell
Novell iFolder 2.1x. This section discusses the following:
• Section 2.1, “What’s New in Novell iFolder 3.2 (OES SP2 Linux),” on page 21
• Section 2.2, “What’s New in Novell iFolder 3.1 (OES SP1 Linux),” on page 21
• Section 2.3, “What’s New in Novell iFolder 3.0 (OES Linux),” on page 21
• Section 2.4, “Comparison of 2.1x and 3.x Server Features and Capabilities,” on page 22
• Section 2.5, “Comparison of 2.1x and 3.x Client Features and Capabilities,” on page 25
• Section 2.6, “Comparison of 2.1x and 3.x Web Access Features and Capabilities,” on page 28
2.1 What’s New in Novell iFolder 3.2 (OES SP2 Linux)
novdocx (ENU) 01 February 2006
2
The following features are new in iFolder 3.2 for OES SP2 Linux:
• Localized user help for the iFolder client
• Support for users to log in to the iFolder server with their common name or e-mail address. The
iFolder Admin User configures the option during installation and the setting applies to all
users. For information, see Section 6.2, “Configuring the iFolder Enterprise Server,” on
page 53.
2.2 What’s New in Novell iFolder 3.1 (OES SP1 Linux)
The following features are new in iFolder 3.1 for OES SP1 Linux:
TM
• Support for the iFolder data store on Novell Storage Services
TM
• Support for Novell Cluster Services
• Support for iFolder data store backup with the Target Service Agent for iFolder (TSAIF) with
NBackup, a Novell Storage Management Services command line utility
• Support for Mono 1.1.7.7x
• Interoperability for Novell iChain, Novell BorderManager, and Novell Security Manager
• Support for the OES patch channel
for Linux
(NSS) volumes on Linux
2.3 What’s New in Novell iFolder 3.0 (OES Linux)
Novell iFolder 3.0 includes several important new features.
• Multiple iFolders: A user creates as many iFolders as desired and manages each one
separately. Each iFolder functions independently to synchronize its own set of files. Users
specify the local path for each iFolder.
What’s New
21
• Shared iFolders: Each iFolder can be kept private or shared with a different group of users.
For a shared iFolder, the owner or a member with the Full Control right controls who
participates in the iFolder and the level of access granted to each member, such as Full Control,
Read/Write, or Read Only.
• Centralized iFolder Synchronization and Storage: iFolder data is automatically
synchronized by the iFolder client to the iFolder enterprise server over an IP network. The
enterprise server stores files for each iFolder, then synchronizes them to other member
computers. Encryption is supported for data transfers. Administrators control whether data is
transported securely with HTTPS (SSL) connections during synchronization, or if data is
transported with standard HTTP BASIC connections.
• Multiple iFolder Accounts: Users can concurrently access iFolder accounts on different
servers.
• Web Access to iFolders: Users access their iFolder enterprise server accounts from any
computer with Internet access. They create subdirectories, upload files, and download files to
any of their iFolders. All iFolders for the account are available, whether the user is the owner or
a member.
• Remote and Policy-Based Administration: Administrators manage iFolder services with the
Novell iFolder 3 plug-in to Novell iManager, which is the central management console for
Novell Open Enterprise Server. The tool supports policy-based management of the iFolder
system, user accounts, and users’ iFolders.
• Client-Side APIs: Almost every function an end user can accomplish through the UI is
exposed as an API. This allows third-party developers to more easily integrate their
applications with iFolder and gives organizations the tools they need to customize iFolder.
novdocx (ENU) 01 February 2006
For information about key features of the iFolder client, see the iFolder User Guide for Novell
iFolder 3.2.
2.4 Comparison of 2.1x and 3.x Server Features and Capabilities
Feature or Capability Novell iFolder 2.1x Server Novell iFolder 3.x Enterprise Server
Server management iFolder Administration tool
http://serveraddress/
iFolderServer/
iFolder.html
You can also access the iFolder
Administration tool from iManager by
selecting iFolder 2.1x from Roles
and Tasks.
Novell iFolder 3 plug-in to iManager
For information, see Section 8.1,
“Accessing the Novell iFolder 3
Plug-In for iManager,” on page 81.
22 Novell iFolder 3.x Administration Guide
Feature or Capability Novell iFolder 2.1x Server Novell iFolder 3.x Enterprise Server
novdocx (ENU) 01 February 2006
Automatic provisioning of
iFolder services
Maximum iFolders per
username
Allows administrators to
create an iFolder for a user
Allows administrators to
share an iFolder and
specify its member users
Allows administrators to
transfer ownership of a
shared iFolder to another
user
No
The administrator enables iFolder
services for users, requires users to
log in to activate the account, and
then creates the iFolder on the
server.
One Multiple. Virtually unlimited number
No Yes
No Yes
No Yes
Yes
iFolder automatically provisions
iFolder users based on LDAP
containers, groups, or users the
administrator specifies. The server
periodically polls your LDAP server
for a list of authorized network users
in those contexts and updates the
iFolder users accordingly.
of iFolders as an owner or member.
• For each iFolder, specify a list
of users, which can be further
modified by the iFolder owner.
• For each member of an iFolder,
specify the user’s level of
access with Full Control, Read/
Write, and Read Only rights.
Detects orphaned iFolders
and allows the iFolder
Admin user to manage
them
Maximum file size Software limits file size to 4 GB.
Maximum number of
directories
No Yes
Below 4 GB, the maximum file size
depends on the server’s and clients’
local file systems.
For example, on Windows clients,
FAT32 limits file sizes to 4 GB. On
Linux, EXT2 limits file sizes to 2 GB.
32,765 No software restrictions; depends on
There are no software restrictions,
but the administrator can specify the
maximum file size that users can
synchronize as a system-wide
policy.
Below the administrative maximum,
the practical maximum file size
depends on the server’s and clients’
local file systems.
the server’s and clients’ local file
systems
What’s New 23
Feature or Capability Novell iFolder 2.1x Server Novell iFolder 3.x Enterprise Server
novdocx (ENU) 01 February 2006
Disk quotas The administrator can specify a
default user quota that applies
system-wide, and specify individual
user quotas for iFolder accounts.
Minimum synchronization
interval
Allows administrators to
specify which file types to
synchronize
The administrator can set minimum
synchronization intervals to apply
system-wide and for individual
users.
No Yes
The administrator can specify a
default account quota that applies
system-wide, individual user account
quotas, and individual iFolder
quotas.
An owner can also specify a quota
for an individual iFolder, but the total
combined quotas for all the iFolders
the user owns cannot exceed the
system-wide account quota or the
user’s individual account quota,
whichever is less.
An iFolder member can specify a
quota for the iFolder on each client.
The quota cannot exceed the
iFolder’s quota or that user’s own
quota for his or her account.
The administrator can set minimum
synchronization intervals to apply
system-wide, for individual users, or
for an individual iFolder.
Administrator can specify file types
to include or exclude by setting
system-wide, individual account, or
individual iFolder policies.
Allows administrators to
enable or disable the
iFolder synchronization
Authenticated access Yes, using the Admin username and
Encrypted data transfer Yes, with the encrypted iFolder
iFolder data stored
encrypted on server
Yes, by temporarily disabling iFolder
services for the user account.
password for the iFolder
Management tool
option
The Blowfish algorithm is applied
with a user-specified passphrase.
The admin user determines whether
encryption services are available to
users.
Yes, with the encrypted iFolder
option
The user must specify a passphrase
when first creating the iFolder
account.
Yes, by using the iFolder Enable/
Disable User function to temporarily
disable login for the user to the
user’s iFolder account.
Yes. The Admin user logs in to
iManager, then must use credentials
equivalent to the iFolder Admin user
to connect to the iFolder server.
Yes, with automatic HTTPS (SSL)
connections. The iFolder Admin user
or equivalent determines whether
secure or insecure connections are
used.
No. Data is stored unencrypted for
all iFolders.
24 Novell iFolder 3.x Administration Guide
Feature or Capability Novell iFolder 2.1x Server Novell iFolder 3.x Enterprise Server
novdocx (ENU) 01 February 2006
Backup of local files to a
network server
Backup support to restore
deleted files
Files in users’ local iFolders are
backed up on the iFolder server.
Entire iFolder contents must be
backed up and restored.
Files in users’ local iFolders are
backed up on the iFolder enterprise
server.
Individual files, directories, and
iFolders can be backed up and
restored.
2.5 Comparison of 2.1x and 3.x Client Features and Capabilities
Feature or Capability Novell iFolder 2.1x Client
Download location The iFolder download page is
http://serveraddress/
iFolder
Replace serveraddress with the
IP address or DNS name of your
iFolder server. For example,
192.168.1.1 or
nifsvr1.example.com. The
path is case sensitive.
iFolder Client with a Novell iFolder
3.x Enterprise Server
The administrator provides a
download site where users can
download the iFolder client, such
as the iFolder 3.x Welcome page
on the OES Linux server.
Default location of the iFolder
directory on a client
Connect to server Log in to one account at a time. Set up accounts for multiple
Authenticated access Yes, with username and
Encrypted data transfer Yes, with the encrypted iFolder
iFolder data stored encrypted on
server
Windows: C:\Documents and
Settings\username\My
Documents\iFolder\userna
me\Home
Linux: /home/userid/
ifolder/userid
Macintosh: Not supported
password authentication via your
LDAP server.
option.
The Blowfish algorithm is applied
with a user-specified passphrase.
Yes, with encrypted iFolder option
The user must specify a
passphrase when first creating
the iFolder account.
Anywhere the user wants to
create an iFolder on his or her
Windows, Linux, or Macintosh
computers.
iFolder servers and log in to one
or more as desired.
Yes, with username and
password authentication via your
LDAP server.
Yes, with automatic HTTPS (SSL)
connections.
Administrators control whether
connections use HTTPS or HTTP.
No
Data is stored unencrypted on the
server.
What’s New 25
novdocx (ENU) 01 February 2006
Feature or Capability Novell iFolder 2.1x Client
iFolder data stored encrypted on
clients
No
iFolder data is stored
unencrypted on the client. Use
third-party local encryption
options, if needed.
Create an iFolder Yes, by logging in to the server for
the first time after being
provisioned for iFolder services.
iFolder Client with a Novell iFolder
3.x Enterprise Server
No
iFolder data is stored
unencrypted on the client. Use
third-party local encryption
options, if needed.
Yes, by selecting any local
directory and making it an iFolder.
A user can create multiple
iFolders in each iFolder account.
Maximum iFolders per username One Multiple. Virtually unlimited
number of iFolders as an owner
or member.
Share an iFolder across multiple
computers
Yes, by logging in to an iFolder
server from a computer with the
iFolder client, or by accessing the
iFolder via the Web with
NetStorage.
Yes, by logging in to an iFolder
account from another computer
with an iFolder client and setting
up the available iFolder.
You can select which of the
iFolders you own or participate in
to set up on each computer,
according to your needs at each
location.
Share an iFolder with other users Not as designed, but it is
possible.
The administrator can create a
username for this purpose.
Membership in the iFolder is
determined by who has access to
the password for that username
and its iFolder account.
Participate in a shared iFolder
owned by another user
Not as designed, but it is possible
if the iFolder’s owner shares his
or her username and password.
IMPORTANT: Sharing a
password is a security risk and is
never recommended.
Allows the owner of a shared
No Yes
iFolder to transfer ownership of a
shared iFolder to another user
Yes, as the owner user or a
member user with the Full Control
right.
• For each iFolder, specify a
list of users.
• For each member of an
iFolder, specify different
levels of access with the Full
Control, Read/Write, or
Read Only right.
Yes, if the owner adds you as a
member.
After the owner makes you a
member of the iFolder, the server
notifies you by making the iFolder
available in your My iFolders
window. Use the iFolder Setup
function to activate the iFolder on
one or more computers where
you want to participate.
26 Novell iFolder 3.x Administration Guide
novdocx (ENU) 01 February 2006
Feature or Capability Novell iFolder 2.1x Client
Allows the iFolder owner to
No Yes
iFolder Client with a Novell iFolder
3.x Enterprise Server
transfer ownership the iFolder to
another user
Maximum file size Software limits file size to 4 GB.
Below 4 GB, the maximum file
size depends on the server’s and
clients’ local file systems.
For example, on Windows clients,
FAT32 limits file sizes to 4 GB. On
Linux, EXT2 limits file sizes to 2
GB.
There are no software
restrictions, but the administrator
can specify the maximum file size
that users can synchronize as a
system-wide policy.
Below the administrative
maximum, the practical maximum
file size depends on the server’s
and clients’ local file systems.
Restrict synchronization by
including or excluding files by file
type, such as .mp3
No Yes, with policies set by the
administrator that can apply
system-wide, to individual user
accounts, or to individual
iFolders.
Maximum number of directories 32,765 No software restrictions; depends
on the server’s and clients’ local
file systems.
Disk quotas No An owner can specify a quota for
each iFolder, but the total
combined administrative quotas
for all owned iFolders cannot
exceed the user’s quota, or the
system-wide quota if there is no
user quota.
An iFolder member can specify a
quota for the iFolder on each
computer where the iFolder is set
up.
Minimum synchronization interval The user sets a synchronization
interval for each workstation. The
value cannot be less than the
system-wide setting or individual
The user sets a synchronization
interval for each computer that
applies to all iFolders in all
accounts on that computer.
user setting.
Allows users to suspend
synchronization for a given client
Yes, using any of the following
methods:
Yes, using any of the following
methods:
computer
• Log out of the iFolder server
• Disable Automatic
Synchronization in the
Preferences tab. You can
remain logged in, and then
synchronization when you
want with the
• Log out of the iFolder server
account
• Disable Automatic Sync
• Disable the account in the
Account window (deselect
Enable Account)
Synchronization Now
option.
What’s New 27
novdocx (ENU) 01 February 2006
Feature or Capability Novell iFolder 2.1x Client
Remote access to iFolder data on
the server
Backup of local files to a network
server
Backup support to restore deleted
files
Yes, using NetStorage.
Your administrator must configure
NetStorage for iFolder services.
Files in users’ local iFolders are
backed up on the iFolder server.
Administrators must back up and
restore the entire iFolder
contents.
iFolder Client with a Novell iFolder
3.x Enterprise Server
Yes, using iFolder 3.x Web
Access
Files in users’ local iFolders are
backed up on the iFolder
enterprise server.
Administrators can back up the
entire iFolder data store. They
can restore individual files,
directories, or iFolders.
2.6 Comparison of 2.1x and 3.x Web Access Features and Capabilities
Feature or Capability Novell iFolder 2.1x Web Access Novell iFolder 3.x Web Access
Web access method For iFolder 2.1.4 and earlier, the
Java* applet or Novell NetStorage
(for NetWare
®
servers only)
iFolder 3.x Web Access for Novell
Open Enterprise Server for Linux
For iFolder 2.1.5 and later, Novell
NetStorage for Novell Open
Enterprise Server (both Linux and
NetWare servers)
Web access location http://serveraddress/iFolder
Replace serveraddress with
the IP address or DNS name of
your iFolder server. For example,
192.168.1.1 or
nifsvr1.example.com. The
path is case sensitive.
Connect to server The user has only one iFolder per
username. The user accesses
the iFolder server where his or
her files are located for that
username.
http://serveraddress/
webalias
Replace serveraddress with
the IP address or DNS name of
your iFolder server. For example,
10.10.1.1 or
nifsvr1.example.com.
Replace webalias with the
administrator-specified path. The
default path is /ifolder. The
path is case sensitive. For
example:
http://10.10.1.1/
ifolder
Users separately access the
different servers where you have
accounts. All iFolders for the
individual account are available.
28 Novell iFolder 3.x Administration Guide
Feature or Capability Novell iFolder 2.1x Web Access Novell iFolder 3.x Web Access
novdocx (ENU) 01 February 2006
Authenticated access Yes, with username and
password authentication via your
LDAP server.
Encrypted data transfer Yes, with the encrypted iFolder
option.
The Blowfish algorithm is applied
with a user-specified passphrase.
WebDAV protocol support Yes, allows WebDAV clients,
such as Microsoft Explorer, to
seamlessly access folders and
files on an iFolder 2.1x server.
Yes, with username and
password authentication via your
LDAP server.
Yes, with HTTPS (SSL)
connections for data transfer.
No
What’s New 29
novdocx (ENU) 01 February 2006
30 Novell iFolder 3.x Administration Guide
Loading...