Novell IFOLDER 3 ADMINISTRATION GUIDE

Novell iFolder 3.x Administration Guide

Novell
®
iFolder
novdocx (ENU) 01 February 2006
3.x
August 15, 2006
www.novell.com
Legal Notices
Novell, Inc., makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes.
Further, Novell, Inc., makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes.
Any products or technical information provided under this Agreement may be subject to U.S. export controls and the trade laws of other countries. You agree to comply with all export control regulations and to obtain any required licenses or classification to export, re-export, or import deliverables. You agree not to export or re-export to entities on the current U.S. export exclusion lists or to any embargoed or terrorist countries as specified in the U.S. export laws. You agree to not use deliverables for prohibited nuclear, missile, or chemical biological weaponry end uses. Please refer to www.novell.com/info/exports/ for more information on exporting Novell software. Novell assumes no responsibility for your failure to obtain any necessary export approvals.
Copyright © 2005-2006 Novell, Inc. All rights reserved. No part of this publication may be reproduced, photocopied, stored on a retrieval system, or transmitted without the express written consent of the publisher.
novdocx (ENU) 01 February 2006
Novell, Inc., has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.novell.com/company/legal/patents/ and one or more additional patents or pending patent applications in the U.S. and in other countries.
Novell, Inc. 404 Wyman Street, Suite 500 Waltham, MA 02451 U.S.A. www.novell.com
Online Documentation: To access the online documentation for this and other Novell products, and to get
updates, see www.novell.com/documentation.
Novell Trademarks
For a list of Novell trademarks, see the Novell Trademark and Service Mark list (http://www.novell.com/company/
legal/trademarks/tmlist.html).
Third-Party Materials
All third-party trademarks are the property of their respective owners.
novdocx (ENU) 01 February 2006
novdocx (ENU) 01 February 2006
Contents
About This Guide 11
1 Overview of Novell iFolder 3.x 13
1.1 Benefits of iFolder for the Enterprise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
1.1.1 Seamless Data Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
1.1.2 Data Safeguards and Data Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
1.1.3 Reliable Data Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
1.1.4 Productive Mobile Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
1.1.5 Cross-Platform Client Support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
1.1.6 Scalable Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
1.1.7 Simple Data and Account Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
1.1.8 No Training Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
1.2 Benefits of iFolder for Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
1.3 Enterprise Server Sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
1.4 Key Components of iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
1.4.1 iFolder Enterprise Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
1.4.2 Novell iFolder 3 Plug-in to Novell iManager 2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
1.4.3 iFolder Web Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
1.4.4 The iFolder Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
1.4.5 Shared iFolders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
1.4.6 iFolder Access Rights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
1.4.7 Account Setup for Enterprise Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
1.4.8 Access Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
1.4.9 File Synchronization and Data Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
1.4.10 Synchronization Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
1.4.11 iFolder Client APIs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
1.5 What’s Next . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
novdocx (ENU) 01 February 2006
2What’s New 21
2.1 What’s New in Novell iFolder 3.2 (OES SP2 Linux). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.2 What’s New in Novell iFolder 3.1 (OES SP1 Linux). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.3 What’s New in Novell iFolder 3.0 (OES Linux) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
2.4 Comparison of 2.1x and 3.x Server Features and Capabilities . . . . . . . . . . . . . . . . . . . . . . . . 22
2.5 Comparison of 2.1x and 3.x Client Features and Capabilities. . . . . . . . . . . . . . . . . . . . . . . . . 25
2.6 Comparison of 2.1x and 3.x Web Access Features and Capabilities . . . . . . . . . . . . . . . . . . . 28
3 Planning iFolder Services 31
3.1 Security Considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
3.2 Server Workload Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
3.3 Naming Conventions for Usernames and Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
3.4 Admin User Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
3.5 iFolder User Account Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
3.5.1 Preventing the Propagation of Viruses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
3.5.2 Provisioning User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
3.5.3 Setting Account Quotas. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
3.6 iFolders Data and Synchronization Considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
3.6.1 Naming Conventions for an iFolder and Its Folders and Files. . . . . . . . . . . . . . . . . . 36
5
3.6.2 Guidelines for File Types and Sizes to Be Synchronized . . . . . . . . . . . . . . . . . . . . . 36
3.7 Management Tools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
3.7.1 iFolder Configuration Plug-Ins for YaST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
3.7.2 Novell iFolder 3 Plug-In for Novell iManager 2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
3.7.3 Web Access Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
4 Coexistence and Migration Issues 41
4.1 Coexistence of iFolder 3.x and 2.1x Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
4.2 Coexistence of the iFolder Client with Novell iFolder 1.x and 2.x Clients. . . . . . . . . . . . . . . . . 42
4.3 Migrating from iFolder 2.1x to 3.x Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
4.4 Migrating User Files from an iFolder 2.1x to a 3.x Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
5 Prerequisites and Guidelines 45
5.1 File System. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
5.2 Enterprise Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
5.2.1 Prerequisites for the Operating System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
5.2.2 Install Guidelines When Using an NSS Volume to Store iFolder Data . . . . . . . . . . . 46
5.2.3 Install Guidelines When Using a Linux Traditional Volume to Store iFolder Data . . . 47
5.2.4 Install Guidelines for Other Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
5.2.5 Installing the OES Linux Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
5.3 Novell eDirectory 8.7.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
5.4 Novell iManager 2.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
5.5 Mono. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
5.6 Client Computers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
5.7 Web Browser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
novdocx (ENU) 01 February 2006
6 Installing and Configuring iFolder Services 51
6.1 Installing iFolder on an Existing OES Linux Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
6.2 Configuring the iFolder Enterprise Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
6.3 Configuring the iFolder Web Access Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
6.4 Installing the Novell iFolder 3 Plug-In for iManager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
6.4.1 Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
6.4.2 Installing a Plug-In When RBS Is Not Configured . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
6.4.3 Installing a Plug-In When RBS Is Configured . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58
6.5 Accessing iManager and the Novell iFolder 3 Plug-In . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
6.6 Provisioning Users and iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
6.6.1 Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
6.6.2 Configuring the Search DNs for Provisioning Users . . . . . . . . . . . . . . . . . . . . . . . . . 61
6.6.3 Synchronizing the List of Provisioned Users with the LDAP Directory. . . . . . . . . . . . 62
6.7 Distributing the iFolder Client to Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
6.7.1 Configuring the iFolder 3.x Welcome Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
6.7.2 Accessing the iFolder 3.x Welcome Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
6.7.3 Downloading the iFolder Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
6.7.4 Installing the iFolder Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
6.8 Updating Novell iFolder 3.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
6.9 Updating Mono for the Server and Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
6.10 Uninstalling the iFolder 3.x Enterprise Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
6.11 What’s Next . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
7 Managing an iFolder Enterprise Server 67
7.1 Starting iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
6 Novell iFolder 3.x Administration Guide
7.2 Stopping iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
7.3 Restarting iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
7.4 Managing the Simias Log and Simias Access Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
7.5 Backing Up the iFolder Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
7.6 Backing Up the iFolder Store with the TSAIF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
7.6.1 Understanding TSAIF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
7.6.2 Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
7.6.3 iFolder Path Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
7.6.4 iFolder Path Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
7.6.5 SMSConfig Options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
7.6.6 TSAIF and SMSConfig Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
7.6.7 NBackup Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
7.6.8 TSAIF and NBackup Examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
7.6.9 Additional Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
7.7 Recovering from a Catastrophic Loss of the iFolder Server . . . . . . . . . . . . . . . . . . . . . . . . . . 77
7.8 Recovering Individual Files or Directories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
7.9 Moving iFolder Data from One iFolder Server to Another . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
8 Managing iFolder Services 81
8.1 Accessing the Novell iFolder 3 Plug-In for iManager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
8.2 Connecting to the iFolder Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
8.3 Viewing General System Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
8.4 Configuring the LDAP Settings for an iFolder Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
8.4.1 Viewing the Current LDAP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
8.4.2 Modifying the iFolder LDAP Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
8.4.3 What to Do If the iFolder Admin User Is Deleted from LDAP . . . . . . . . . . . . . . . . . . 88
8.4.4 Securing Access to the iFolder Proxy User Password . . . . . . . . . . . . . . . . . . . . . . . 88
8.4.5 Modifying the iFolder Proxy User Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
8.4.6 Synchronizing the iFolder User List with the LDAP Server . . . . . . . . . . . . . . . . . . . . 89
8.5 Configuring System Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
8.5.1 Viewing the Current System Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
8.5.2 Modifying iFolder System Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
8.6 Configuring iFolder Administrators. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
8.6.1 Understanding the iFolder Admin User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
8.6.2 Adding the iFolder Admin Right for a User . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
8.6.3 Removing the iFolder Admin Right for a User. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
8.7 Securing Enterprise Server Communications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
8.7.1 Using SSL for Secure Communications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
8.7.2 Configuring the SSL Cipher Suites for the Apache Server . . . . . . . . . . . . . . . . . . . . 95
8.7.3 Configuring the Enterprise Server for SSL Communications with the LDAP Server . 95
8.7.4 Configuring the Enterprise Server for SSL Communications with the iFolder Client. 96
8.7.5 Configuring the Enterprise Server for SSL Communications with the Web Access
Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
8.7.6 Configuring an SSL Certificate for the Enterprise Server . . . . . . . . . . . . . . . . . . . . . 96
novdocx (ENU) 01 February 2006
9 Managing an iFolder Web Access Server 97
9.1 Starting iFolder Web Access Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
9.2 Stopping iFolder Web Access Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
9.3 Distributing the Web Access Server URL to Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
9.4 Configuring the HTTP Runtime Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
9.5 Securing Web Access Server Communications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
9.5.1 Using SSL for Secure Communications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
9.5.2 Configuring the SSL Cipher Suites for the Apache Server . . . . . . . . . . . . . . . . . . . . 99
7
9.5.3 Configuring the Web Access Server for SSL Communications with the Enterprise
Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
9.5.4 Configuring the Web Access Server for SSL Communications with Web Browsers 101
9.5.5 Configuring an SSL Certificate for the Web Access Server . . . . . . . . . . . . . . . . . . . 101
10 Managing iFolder Users 103
10.1 Provisioning Users for iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
10.2 Searching for a User Account. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
10.3 Viewing General User Account Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
10.4 Configuring User Account Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
10.4.1 Viewing the Current User Account Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
10.4.2 Modifying User Account Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
10.5 Enabling and Disabling iFolder User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
10.6 Setting a User Account Quota . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
11 Managing iFolders 109
11.1 Creating an iFolder for a User’s Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
11.1.1 Creating an iFolder from the iFolders Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
11.1.2 Creating an iFolder from the User Page . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
11.2 Searching for an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
11.3 Viewing Information about an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
11.4 Configuring Policies for an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
11.5 Sharing an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
11.5.1 Adding a Member. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
11.5.2 Setting the iFolder Access Right for a Member . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
11.5.3 Removing a Member . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
11.6 Deleting an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
11.7 Transferring Ownership of an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
11.8 Enabling and Disabling Synchronization for an iFolder . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
11.9 Managing Orphaned iFolders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116
novdocx (ENU) 01 February 2006
A Configuration Files 117
A.1 Simias.config File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
A.2 Web.config File for the Enterprise Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
A.3 Web.config File for the Web Access Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
B Clustering iFolder 3.x Servers with Novell Cluster Services for Linux 125
B.1 Prerequisites for Clustering iFolder 3.x Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
B.2 Installing Novell Cluster Services for Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
B.3 Configuring iFolder 3.x Services on an NCS for Linux Cluster . . . . . . . . . . . . . . . . . . . . . . . . 126
B.4 Creating the iFolder 3.x Cluster Resource . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
B.5 Managing the iFolder 3.x Cluster Resource . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
B.6 Sample Load Scripts for iFolder 3.x Clusters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
B.6.1 Linux Traditional File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
B.6.2 NSS File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
B.7 Sample Unload Scripts for iFolder 3.x Clusters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
B.7.1 Linux Traditional File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
B.7.2 NSS File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
B.7.3 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
8 Novell iFolder 3.x Administration Guide
C Managing SSL Certificates for Apache 133
C.1 Generating an SSL Certificate for the Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
C.2 Generating a Self-Signed SSL Certificate for Testing Purposes . . . . . . . . . . . . . . . . . . . . . . 134
C.3 Configuring Apache to Point to an SSL Certificate on an iFolder Server. . . . . . . . . . . . . . . . 135
C.4 Configuring Apache to Point to an SSL Certificate on a Shared Volume for an iFolder
Cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
D Product History of iFolder 3 137
D.1 Version History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
D.2 Network Operating Systems Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
D.3 Directory Services Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
D.4 Workstation Operating Systems Support for the iFolder Client . . . . . . . . . . . . . . . . . . . . . . . 138
D.5 Web Server Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
D.6 iFolder User Access Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
D.7 Management Tools Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
E Documentation Updates 141
novdocx (ENU) 01 February 2006
E.1 August 15, 2006. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
E.1.1 Installing and Configuring iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
E.1.2 Managing an iFolder Enterprise Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
E.1.3 Managing iFolders. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
E.1.4 Clustering iFolder 3.x Servers with Novell Cluster Services for Linux. . . . . . . . . . . 142
E.1.5 Managing the SSL Certificate for the Apache Web Server . . . . . . . . . . . . . . . . . . . 143
E.1.6 Product History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
E.2 May 24, 2006 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
E.2.1 Prerequisites and Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
E.3 December 23, 2005 (Novell iFolder 3.2 for OES SP2 Linux). . . . . . . . . . . . . . . . . . . . . . . . . 143
E.3.1 What’s New . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
E.3.2 Planning iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
E.3.3 Installing and Configuring iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
E.3.4 Managing iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
E.3.5 Managing iFolder Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
E.3.6 Managing iFolders. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
E.3.7 Product History of iFolder 3.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
E.4 August 19, 2005 (Novell iFolder 3.1 for OES SP1 Linux) . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
E.4.1 What’s New . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
E.4.2 Coexistence and Migration Issues for Novell iFolder 3.x. . . . . . . . . . . . . . . . . . . . . 146
E.4.3 Planning iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
E.4.4 Prerequisites and Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
E.4.5 Installing and Configuring iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
E.4.6 Managing an iFolder Enterprise Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
E.4.7 Managing iFolder Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
E.4.8 Clustering iFolder 3.x with Novell Cluster Services for Linux . . . . . . . . . . . . . . . . . 147
E.4.9 Managing SSL Certificates for Apache . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
E.4.10 Product History of iFolder 3.x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
9
novdocx (ENU) 01 February 2006
10 Novell iFolder 3.x Administration Guide

About This Guide

novdocx (ENU) 01 February 2006
This guide describes how to install, configure, and manage the Novell® iFolder® 3.x enterprise server, the iFolder 3.x Web Access server, and the iFolder following sections:
Chapter 1, “Overview of Novell iFolder 3.x,” on page 13
Chapter 2, “What’s New,” on page 21
Chapter 3, “Planning iFolder Services,” on page 31
Chapter 4, “Coexistence and Migration Issues,” on page 41
Chapter 5, “Prerequisites and Guidelines,” on page 45
Chapter 6, “Installing and Configuring iFolder Services,” on page 51
Chapter 7, “Managing an iFolder Enterprise Server,” on page 67
Chapter 8, “Managing iFolder Services,” on page 81
Chapter 9, “Managing an iFolder Web Access Server,” on page 97
Chapter 10, “Managing iFolder Users,” on page 103
Chapter 11, “Managing iFolders,” on page 109
Appendix A, “Configuration Files,” on page 117
Appendix B, “Clustering iFolder 3.x Servers with Novell Cluster Services for Linux,” on
page 125
Appendix C, “Managing SSL Certificates for Apache,” on page 133
TM
Client. This guide is divided into the
Appendix D, “Product History of iFolder 3,” on page 137
Appendix E, “Documentation Updates,” on page 141
Audience
This guide is intended for system administrators.
Feedback
We want to hear your comments and suggestions about this manual and the other documentation included with this product. Please use the User Comment feature at the bottom of each page of the online documentation, or go to www.novell.com/documentation/feedback.html and enter your comments there.
Documentation Updates
For the most recent version of the Novell iFolder 3.x Administration Guide, visit the Novell iFolder
3.x documentation Web site (http://www.novell.com/documentation/ifolder3/index.html).
For emerging issues with Novell iFolder 3.x and the iFolder client, see the Novell iFolder 3.x
Readme (http://www.novell.com/documentation/ifolder3/readme/data/readme.html).
11
Additional Documentation
For information, see the following:
Novell iFolder 3.x Security Administrator Guide (http://www.novell.com/documentation/
ifolder3/security/data/front.html)
iFolder User Guide for Novell iFolder 3.x (http://www.novell.com/documentation/ifolder3/
user/data/front.html).
Novell iFolder 3.x documentation (http://www.novell.com/documentation/ifolder3/index.html)
Novell Open Enterprise Server product site (http://www.novell.com/products/
openenterpriseserver)
Novell Open Enterprise Server documentation (http://www.novell.com/documentation/oes/
index.html)
Novell eDirectory
TM
8.7.3 documentation (http://www.novell.com/documentation/edir873/
treetitl.html)
Novell iManager 2.5 documentation (http://www.novell.com/documentation/imanager25/
treetitl.html)
Novell Linux Desktop 9 product site (http://www.novell.com/products/desktop/)
Novell Linux Desktop 9 documentation (http://www.novell.com/documentation/nld/
treetitl.html)
Novell Technical Support (http://www.novell.com/support)
novdocx (ENU) 01 February 2006
Documentation Conventions
In Novell documentation, a greater-than symbol (>) is used to separate actions within a step and items in a cross-reference path.
A trademark symbol (
®
, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party
trademark.
When a single pathname can be written with a backslash for some platforms or a forward slash for other platforms, the pathname is presented with a backslash. Users of platforms that require a forward slash, such as Linux* or UNIX*, should use forward slashes as required by your software.
12 Novell iFolder 3.x Administration Guide
1
Overview of Novell iFolder 3.x
Novell® iFolder® 3.x is the next generation of iFolder, supporting multiple iFolders per user, user­controlled sharing, and a centralized network server for file storage and secure distribution. With iFolder, users’ local files automatically follow them everywhere—online, offline, all the time— across computers. Users can share files in multiple iFolders, and share each iFolder with a different group of users. Users control who can participate in an iFolder and their access rights to the files in it. Users can also participate in iFolders that others share with them.
This section familiarizes you with the various benefits and features of iFolder and its main components:
Section 1.1, “Benefits of iFolder for the Enterprise,” on page 13
Section 1.2, “Benefits of iFolder for Users,” on page 15
Section 1.3, “Enterprise Server Sharing,” on page 17
Section 1.4, “Key Components of iFolder,” on page 17
Section 1.5, “What’s Next,” on page 20
novdocx (ENU) 01 February 2006
1

1.1 Benefits of iFolder for the Enterprise

Benefits of iFolder to the enterprise include the following:
“Seamless Data Access” on page 13
“Data Safeguards and Data Recovery” on page 14
“Reliable Data Security” on page 14
“Productive Mobile Users” on page 15
“Cross-Platform Client Support” on page 15
“Simple Data and Account Management” on page 15
“No Training Requirements” on page 15

1.1.1 Seamless Data Access

Novell iFolder greatly simplifies the IT department’s ability to keep users productive. It empowers users by enabling their data to follow them wherever they go.
The days of users e-mailing themselves project files so they can work on them from home are gone, along with the frustration associated with sorting through different versions of the same file on different machines. iFolder stores and synchronizes users’ work in such a way that no matter what client or what location they log in from, their files are available and in the condition that they expect

Overview of Novell iFolder 3.x

13
them to be. Users can access the most up-to-date version of their documents from any computer using the iFolder client or Web access.
Figure 1-1 Novell iFolder 3.x Access Methods
Access Methods Authentication/File Encryption iFolder 3.x Services
HTTPS
iFolder Client for Novell Linux Desktop
novdocx (ENU) 01 February 2006
iFolder Client for Macintosh OS X 10.3x
iFolder Client for Windows 2000/XP
iFolder 3.x Web Access via a Web browser
HTTPS
HTTPS
HTTPS
Sync
Upload or Download
eDirectory LDAP
server on the
same or different
OES server
eDirectory
LDAP server
iFolder 3.x
Enterprise servers
HTTPS
OES Linux
server
iFolder 3.x Web Access
server on the same
or different OES server

1.1.2 Data Safeguards and Data Recovery

With Novell iFolder, data stored on the server can be easily safeguarded from system crashes and disasters that can result in data loss. When a user saves a file locally, the iFolder client can automatically update the data on the iFolder server, where it immediately becomes available for an organization’s regular network backup operations. iFolder makes it easier for IT managers to ensure that all of an organization’s critical data is protected.

1.1.3 Reliable Data Security

With Novell iFolder, LDAP-based authentication for access to stored data helps prevent unauthorized network access.
14 Novell iFolder 3.x Administration Guide

1.1.4 Productive Mobile Users

A Novell iFolder solution makes it significantly easier to support mobile users. VPN connections are no longer needed to deliver secure data access to mobile users. Authentication and data transfer use Secure Sockets Layer (SSL) technology to protect data on the wire.
Users do not need to learn or perform any special procedures to access their files when working from home or on the road. iFolder does away with version inconsistency, making it simple for users to access the most up-to-date version of their documents from any connected desktop, laptop, Web browser, or handheld device.
In preparation to travel or work from home, users no longer need to copy essential data to their laptops from various desktop and network locations. The iFolder client can automatically update a user’s local computer with the most current file versions. Even when a personal computer is not available, users can access all their files via Web access with any computer connected to the Internet.

1.1.5 Cross-Platform Client Support

novdocx (ENU) 01 February 2006
The iFolder client is available for Linux, Windows*, and Macintosh* desktops. The Novell iFolder
3.x Web Access server provides a Web interface that allows users to access their files on the enterprise server with a Web browser from any computer with an active network or Internet connection.

1.1.6 Scalable Deployment

iFolder easily scales from small to large environments. You can install iFolder on multiple servers, allowing your iFolder environment to grow with your business. A single iFolder enterprise server handles up to about 1,000 user accounts, depending on the amount of memory and storage available. Users in an LDAP context can be concurrently provisioned for iFolder services simply by assigning the context to an iFolder server.

1.1.7 Simple Data and Account Management

Management of all iFolder enterprise servers is centralized through the Novell iFolder 3 plug-in to Novell iManager 2.5. Novell iFolder allows management from any location, using a standard Web browser. iFolder also frees IT departments from routine maintenance tasks by providing secure, automatic synchronization of local files to the server.

1.1.8 No Training Requirements

IT personnel no longer need to condition or train users to perform special tasks to ensure the consistency of data stored locally and on the network. With Novell iFolder, users simply store their files in the local iFolder directory. Their files are automatically updated to the iFolder server and any other workstations that share the iFolder. iFolder works seamlessly behind the scenes to ensure that data is protected and synchronized.

1.2 Benefits of iFolder for Users

Typically, when users work in multiple locations or in collaboration with others, they must conscientiously manage file versions. With iFolder, the most recent version of a user’s files can
Overview of Novell iFolder 3.x 15
follow the user to any computer where the iFolder client is installed and a shared iFolder is set up. iFolder also allows users to share multiple iFolders and their separate content with other users of the iFolder system. Users decide who participates in each shared iFolder and their level of access. Similarly, users can participate in shared iFolders that are owned by others in the collaboration environment.
In the following example, Ulrik owns an iFolder named Denmark and shares it via his iFolder enterprise account with Nigel, Luc, and Alice. Nigel travels frequently, so he also set up the iFolder on his laptop. Any iFolder member can upload and download files from the Denmark iFolder from anywhere, using the iFolder Web Access server. In addition, Alice shares a non-work iFolder named Scooters with her friend Ulrik.
Figure 1-2 Collaboration and Sharing with iFolder
novdocx (ENU) 01 February 2006
Nigel's Desktop
Denmark
Liverpool
MyDocs
Luc's Desktop
Denmark
HR
Mtn Biking
* iFolder Owner
iFolder 3.x
Enterprise Server
Alice's Desktop
Denmark
Scooters*
Utah
Storage
iFolder 3.x
Web Access
Server
Ulrik's Desktop
Denmark*
Scooters
MyStuff
Internet
* iFolder Owner
Nigel's Laptop
Denmark
TeamOne
Customers
Kiosk
iFolder 3.
Web Access
x
With an enterprise server, the iFolders are stored centrally for all iFolder members. The iFolder server synchronizes the most recent version of documents to all authorized users of the shared iFolder. All that the iFolder owner and iFolder members need is an active network connection and the iFolder client.
Novell iFolder provides the following benefits:
• Guards against local data loss by automatically backing up local files to the iFolder server and multiple workstations
• Transparently updates a user’s iFolder files to the iFolder enterprise server and multiple member workstations with the iFolder client
• Tracks and logs changes made to iFolder files while users work offline, and synchronizes those changes when they go online
• Provides access to user files on the iFolder server from any workstation without the iFolder client, using a Web browser and an active Internet or network connection
• With SSL encryption enabled, protects data as it travels across the wire
• Makes files on the iFolder server available for regularly scheduled data backup
16 Novell iFolder 3.x Administration Guide
For more information, see “Benefits of iFolder” in the iFolder User Guide for Novell iFolder 3.2.

1.3 Enterprise Server Sharing

The iFolder client included in this release supports synchronization across multiple computers through a central Novell iFolder 3.x enterprise server.
• Users can share files across computers.
• Users can share files with others.
• Each user can own multiple iFolders.
• Each user can participate in multiple iFolders owned by other users.
• Files can be synchronized via the central server at any time and with improved availability, reliability, and performance.
• Data is transferred securely over the wire using SSL connections.
• Users are autoprovisioned for iFolder services based on their assignment to administrator­specified LDAP containers and groups.
• A list of iFolder users is synchronized at regular intervals with the LDAP directory services.
• Local files are automatically backed up to the server at regular intervals and on demand.
novdocx (ENU) 01 February 2006
• iFolder data on the server can be backed up to backup media and restored.
• Administrators can manage the iFolder system, user accounts, and user iFolders using the Novell iFolder 3 plug-in to iManager.

1.4 Key Components of iFolder

Section 1.4.1, “iFolder Enterprise Server,” on page 17
Section 1.4.2, “Novell iFolder 3 Plug-in to Novell iManager 2.5,” on page 18
Section 1.4.3, “iFolder Web Access,” on page 18
Section 1.4.4, “The iFolder Client,” on page 18
Section 1.4.5, “Shared iFolders,” on page 18
Section 1.4.6, “iFolder Access Rights,” on page 18
Section 1.4.7, “Account Setup for Enterprise Servers,” on page 19
Section 1.4.8, “Access Authentication,” on page 19
Section 1.4.9, “File Synchronization and Data Management,” on page 19
Section 1.4.10, “Synchronization Log,” on page 19
Section 1.4.11, “iFolder Client APIs,” on page 20

1.4.1 iFolder Enterprise Server

The iFolder enterprise server is a central repository for storing iFolders and synchronizing files for enterprise users.
Overview of Novell iFolder 3.x 17

1.4.2 Novell iFolder 3 Plug-in to Novell iManager 2.5

The Novell iFolder 3 plug-in to Novell iManager 2.5 is an administrative tool used to manage the iFolder system, user accounts, and user iFolders and data.

1.4.3 iFolder Web Access

The iFolder 3.x Web Access server provides an interface to allow users remote access to iFolders on the enterprise server.
For information about using Web Access, see “Using Novell iFolder 3.x Web Access” in the iFolder
User Guide for Novell iFolder 3.2.

1.4.4 The iFolder Client

The iFolder client integrates with the user’s operating system to provide iFolder services in a native desktop environment. It supports the following client operating systems:
• Novell Linux Desktop 9
• Windows 2000/XP
novdocx (ENU) 01 February 2006
• Macintosh OS X v10.3 or later
An iFolder session begins when the user logs in to an iFolder services account and ends when the user logs out of the account or exits the iFolder client. The iFolders synchronize files with the enterprise server only when a session is active and the computer has an active connection to the network or Internet. Users can access data in their local iFolders at any time; it does not matter if they are logged in to their server accounts or if they are connected to the network or Internet.
The iFolder client allows users to create and manage their iFolders. For information, see the iFolder
User Guide for Novell iFolder 3.2.

1.4.5 Shared iFolders

An iFolder is a local directory that the user selectively shares with other users in a collaboration environment. The iFolder files are accessible to all members of the iFolder and can be changed by those with the rights to do so. Users can share iFolders across multiple workstations and with others.
Because the iFolder client is integrated into the operating environment, users can work with iFolders directly in a file manager or in the My iFolders window. Within the iFolder, users can set up any subdirectory structure that suits their personal or corporate work habits. The subdirectory structure is constant across all member iFolders. Each workstation can specify a different parent directory for the shared iFolder.

1.4.6 iFolder Access Rights

The iFolder client provides four levels of access for members of an iFolder:
•Owner: Only one user serves as the owner. This is typically the user who created the iFolder. The owner or an iFolder administrator can transfer ownership status from the owner to another user.
18 Novell iFolder 3.x Administration Guide
The owner of an iFolder has the Full Control right. This user has read/write access to the iFolder, manages membership and access rights for member users, and can remove the Full Control right for any member. With an enterprise server, the disk space used by the owner’s iFolders count against the owner’s user disk quotas on the enterprise server.
If a user is deleted as a user for the iFolder system, the iFolders owned by the user are orphaned. Orphaned iFolders are assigned temporarily to the iFolder Admin user, who becomes the owner of the iFolder. Membership and synchronization continues while the iFolder Admin user determines whether an orphaned iFolder should be deleted or assigned to a new owner.
• Full Control: A member of the shared iFolder, with the Full Control access right. The user with the Full Control right has read/write access to the iFolder and manages membership and access rights for all users except the owner.
•Read/Write: A member of the shared iFolder, with the Read/Write access right to directories and files in the iFolder.
•Read Only: A member of the shared iFolder, with the Read Only access right to directories and files in the iFolder. This member can copy an iFolder file to another location and modify it outside the iFolder.
When used with an enterprise server account, the server hosts every iFolder created for that account. Users create an iFolder and the enterprise server makes it available to the specified list of users. A user can have a separate account on each enterprise server. A user’s level of membership in each shared iFolder can differ.
novdocx (ENU) 01 February 2006

1.4.7 Account Setup for Enterprise Servers

The iFolder client allows you to set up multiple accounts, with one each allowed per enterprise server. Users specify the server address, username, and password to uniquely identify an account. On his or her computer, a user sets up accounts while logged in as the local identity he or she plans to use to access that account and its iFolders. Under the local login, the user can set up multiple iFolder accounts, but each account must belong to a different iFolder enterprise server.

1.4.8 Access Authentication

Whenever iFolder connects to an enterprise server to synchronize files, it connects with HTTP BASIC and SSL connections to the server, and the server authenticates the user against the LDAP directory service.

1.4.9 File Synchronization and Data Management

When you set up an iFolder account, you can enable Remember Password so that iFolder can synchronize iFolder invitations and files in the background as you work. The iFolder client runs automatically each time you log in to your computer’s desktop environment. The session runs in the background as you work with files in your local iFolders, tracking and logging any changes you make. With an enterprise server, you can synchronize the files at specified intervals or on demand.

1.4.10 Synchronization Log

The log displays a log of your iFolder background activity.
Overview of Novell iFolder 3.x 19

1.4.11 iFolder Client APIs

As part of the iFolder project, APIs are available for the client. For iFolder Client developer documentation, see the iFolder Software Developers Kit (http://forge.novell.com/modules/xfmod/
docman/?group_id=1372).

1.5 What’s Next

Before you install iFolder, review the following sections:
“What’s New” on page 21
“Planning iFolder Services” on page 31
“Coexistence and Migration Issues” on page 41
“Prerequisites and Guidelines” on page 45
When you are done, install and configure your iFolder enterprise server and Web Access server. For information, see “Installing and Configuring iFolder Services” on page 51.
novdocx (ENU) 01 February 2006
20 Novell iFolder 3.x Administration Guide
2

What’s New

Novell® iFolder® 3.x and the iFolderTM client offer many new capabilities as compared to Novell Novell iFolder 2.1x. This section discusses the following:
Section 2.1, “What’s New in Novell iFolder 3.2 (OES SP2 Linux),” on page 21
Section 2.2, “What’s New in Novell iFolder 3.1 (OES SP1 Linux),” on page 21
Section 2.3, “What’s New in Novell iFolder 3.0 (OES Linux),” on page 21
Section 2.4, “Comparison of 2.1x and 3.x Server Features and Capabilities,” on page 22
Section 2.5, “Comparison of 2.1x and 3.x Client Features and Capabilities,” on page 25
Section 2.6, “Comparison of 2.1x and 3.x Web Access Features and Capabilities,” on page 28

2.1 What’s New in Novell iFolder 3.2 (OES SP2 Linux)

novdocx (ENU) 01 February 2006
2
The following features are new in iFolder 3.2 for OES SP2 Linux:
• Localized user help for the iFolder client
• Support for users to log in to the iFolder server with their common name or e-mail address. The iFolder Admin User configures the option during installation and the setting applies to all users. For information, see Section 6.2, “Configuring the iFolder Enterprise Server,” on
page 53.

2.2 What’s New in Novell iFolder 3.1 (OES SP1 Linux)

The following features are new in iFolder 3.1 for OES SP1 Linux:
TM
• Support for the iFolder data store on Novell Storage Services
TM
• Support for Novell Cluster Services
• Support for iFolder data store backup with the Target Service Agent for iFolder (TSAIF) with NBackup, a Novell Storage Management Services command line utility
• Support for Mono 1.1.7.7x
• Interoperability for Novell iChain, Novell BorderManager, and Novell Security Manager
• Support for the OES patch channel
for Linux
(NSS) volumes on Linux

2.3 What’s New in Novell iFolder 3.0 (OES Linux)

Novell iFolder 3.0 includes several important new features.
• Multiple iFolders: A user creates as many iFolders as desired and manages each one separately. Each iFolder functions independently to synchronize its own set of files. Users specify the local path for each iFolder.
What’s New
21
• Shared iFolders: Each iFolder can be kept private or shared with a different group of users. For a shared iFolder, the owner or a member with the Full Control right controls who participates in the iFolder and the level of access granted to each member, such as Full Control, Read/Write, or Read Only.
• Centralized iFolder Synchronization and Storage: iFolder data is automatically synchronized by the iFolder client to the iFolder enterprise server over an IP network. The enterprise server stores files for each iFolder, then synchronizes them to other member computers. Encryption is supported for data transfers. Administrators control whether data is transported securely with HTTPS (SSL) connections during synchronization, or if data is transported with standard HTTP BASIC connections.
• Multiple iFolder Accounts: Users can concurrently access iFolder accounts on different servers.
• Web Access to iFolders: Users access their iFolder enterprise server accounts from any computer with Internet access. They create subdirectories, upload files, and download files to any of their iFolders. All iFolders for the account are available, whether the user is the owner or a member.
• Remote and Policy-Based Administration: Administrators manage iFolder services with the Novell iFolder 3 plug-in to Novell iManager, which is the central management console for Novell Open Enterprise Server. The tool supports policy-based management of the iFolder system, user accounts, and users’ iFolders.
• Client-Side APIs: Almost every function an end user can accomplish through the UI is exposed as an API. This allows third-party developers to more easily integrate their applications with iFolder and gives organizations the tools they need to customize iFolder.
novdocx (ENU) 01 February 2006
For information about key features of the iFolder client, see the iFolder User Guide for Novell
iFolder 3.2.

2.4 Comparison of 2.1x and 3.x Server Features and Capabilities

Feature or Capability Novell iFolder 2.1x Server Novell iFolder 3.x Enterprise Server
Server management iFolder Administration tool
http://serveraddress/ iFolderServer/ iFolder.html
You can also access the iFolder Administration tool from iManager by selecting iFolder 2.1x from Roles and Tasks.
Novell iFolder 3 plug-in to iManager
For information, see Section 8.1,
“Accessing the Novell iFolder 3 Plug-In for iManager,” on page 81.
22 Novell iFolder 3.x Administration Guide
Feature or Capability Novell iFolder 2.1x Server Novell iFolder 3.x Enterprise Server
novdocx (ENU) 01 February 2006
Automatic provisioning of iFolder services
Maximum iFolders per username
Allows administrators to create an iFolder for a user
Allows administrators to share an iFolder and specify its member users
Allows administrators to transfer ownership of a shared iFolder to another user
No
The administrator enables iFolder services for users, requires users to log in to activate the account, and then creates the iFolder on the server.
One Multiple. Virtually unlimited number
No Yes
No Yes
No Yes
Yes
iFolder automatically provisions iFolder users based on LDAP containers, groups, or users the administrator specifies. The server periodically polls your LDAP server for a list of authorized network users in those contexts and updates the iFolder users accordingly.
of iFolders as an owner or member.
• For each iFolder, specify a list of users, which can be further modified by the iFolder owner.
• For each member of an iFolder, specify the user’s level of access with Full Control, Read/ Write, and Read Only rights.
Detects orphaned iFolders and allows the iFolder Admin user to manage them
Maximum file size Software limits file size to 4 GB.
Maximum number of directories
No Yes
Below 4 GB, the maximum file size depends on the server’s and clients’ local file systems.
For example, on Windows clients, FAT32 limits file sizes to 4 GB. On Linux, EXT2 limits file sizes to 2 GB.
32,765 No software restrictions; depends on
There are no software restrictions, but the administrator can specify the maximum file size that users can synchronize as a system-wide policy.
Below the administrative maximum, the practical maximum file size depends on the server’s and clients’ local file systems.
the server’s and clients’ local file systems
What’s New 23
Feature or Capability Novell iFolder 2.1x Server Novell iFolder 3.x Enterprise Server
novdocx (ENU) 01 February 2006
Disk quotas The administrator can specify a
default user quota that applies system-wide, and specify individual user quotas for iFolder accounts.
Minimum synchronization interval
Allows administrators to specify which file types to synchronize
The administrator can set minimum synchronization intervals to apply system-wide and for individual users.
No Yes
The administrator can specify a default account quota that applies system-wide, individual user account quotas, and individual iFolder quotas.
An owner can also specify a quota for an individual iFolder, but the total combined quotas for all the iFolders the user owns cannot exceed the system-wide account quota or the user’s individual account quota, whichever is less.
An iFolder member can specify a quota for the iFolder on each client. The quota cannot exceed the iFolder’s quota or that user’s own quota for his or her account.
The administrator can set minimum synchronization intervals to apply system-wide, for individual users, or for an individual iFolder.
Administrator can specify file types to include or exclude by setting system-wide, individual account, or individual iFolder policies.
Allows administrators to enable or disable the iFolder synchronization
Authenticated access Yes, using the Admin username and
Encrypted data transfer Yes, with the encrypted iFolder
iFolder data stored encrypted on server
Yes, by temporarily disabling iFolder services for the user account.
password for the iFolder Management tool
option
The Blowfish algorithm is applied with a user-specified passphrase. The admin user determines whether encryption services are available to users.
Yes, with the encrypted iFolder option
The user must specify a passphrase when first creating the iFolder account.
Yes, by using the iFolder Enable/ Disable User function to temporarily disable login for the user to the user’s iFolder account.
Yes. The Admin user logs in to iManager, then must use credentials equivalent to the iFolder Admin user to connect to the iFolder server.
Yes, with automatic HTTPS (SSL) connections. The iFolder Admin user or equivalent determines whether secure or insecure connections are used.
No. Data is stored unencrypted for all iFolders.
24 Novell iFolder 3.x Administration Guide
Feature or Capability Novell iFolder 2.1x Server Novell iFolder 3.x Enterprise Server
novdocx (ENU) 01 February 2006
Backup of local files to a network server
Backup support to restore deleted files
Files in users’ local iFolders are backed up on the iFolder server.
Entire iFolder contents must be backed up and restored.
Files in users’ local iFolders are backed up on the iFolder enterprise server.
Individual files, directories, and iFolders can be backed up and restored.

2.5 Comparison of 2.1x and 3.x Client Features and Capabilities

Feature or Capability Novell iFolder 2.1x Client
Download location The iFolder download page is
http://serveraddress/ iFolder
Replace serveraddress with the IP address or DNS name of your iFolder server. For example,
192.168.1.1 or nifsvr1.example.com. The
path is case sensitive.
iFolder Client with a Novell iFolder
3.x Enterprise Server
The administrator provides a download site where users can download the iFolder client, such as the iFolder 3.x Welcome page on the OES Linux server.
Default location of the iFolder directory on a client
Connect to server Log in to one account at a time. Set up accounts for multiple
Authenticated access Yes, with username and
Encrypted data transfer Yes, with the encrypted iFolder
iFolder data stored encrypted on server
Windows: C:\Documents and
Settings\username\My Documents\iFolder\userna me\Home
Linux: /home/userid/ ifolder/userid
Macintosh: Not supported
password authentication via your LDAP server.
option.
The Blowfish algorithm is applied with a user-specified passphrase.
Yes, with encrypted iFolder option
The user must specify a passphrase when first creating the iFolder account.
Anywhere the user wants to create an iFolder on his or her Windows, Linux, or Macintosh computers.
iFolder servers and log in to one or more as desired.
Yes, with username and password authentication via your LDAP server.
Yes, with automatic HTTPS (SSL) connections.
Administrators control whether connections use HTTPS or HTTP.
No
Data is stored unencrypted on the server.
What’s New 25
novdocx (ENU) 01 February 2006
Feature or Capability Novell iFolder 2.1x Client
iFolder data stored encrypted on clients
No
iFolder data is stored unencrypted on the client. Use third-party local encryption options, if needed.
Create an iFolder Yes, by logging in to the server for
the first time after being provisioned for iFolder services.
iFolder Client with a Novell iFolder
3.x Enterprise Server
No
iFolder data is stored unencrypted on the client. Use third-party local encryption options, if needed.
Yes, by selecting any local directory and making it an iFolder. A user can create multiple iFolders in each iFolder account.
Maximum iFolders per username One Multiple. Virtually unlimited
number of iFolders as an owner or member.
Share an iFolder across multiple computers
Yes, by logging in to an iFolder server from a computer with the iFolder client, or by accessing the iFolder via the Web with NetStorage.
Yes, by logging in to an iFolder account from another computer with an iFolder client and setting up the available iFolder.
You can select which of the iFolders you own or participate in to set up on each computer, according to your needs at each location.
Share an iFolder with other users Not as designed, but it is
possible.
The administrator can create a username for this purpose. Membership in the iFolder is determined by who has access to the password for that username and its iFolder account.
Participate in a shared iFolder owned by another user
Not as designed, but it is possible if the iFolder’s owner shares his or her username and password.
IMPORTANT: Sharing a password is a security risk and is never recommended.
Allows the owner of a shared
No Yes iFolder to transfer ownership of a shared iFolder to another user
Yes, as the owner user or a member user with the Full Control right.
• For each iFolder, specify a list of users.
• For each member of an iFolder, specify different levels of access with the Full Control, Read/Write, or Read Only right.
Yes, if the owner adds you as a member.
After the owner makes you a member of the iFolder, the server notifies you by making the iFolder available in your My iFolders window. Use the iFolder Setup function to activate the iFolder on one or more computers where you want to participate.
26 Novell iFolder 3.x Administration Guide
novdocx (ENU) 01 February 2006
Feature or Capability Novell iFolder 2.1x Client
Allows the iFolder owner to
No Yes
iFolder Client with a Novell iFolder
3.x Enterprise Server
transfer ownership the iFolder to another user
Maximum file size Software limits file size to 4 GB.
Below 4 GB, the maximum file size depends on the server’s and clients’ local file systems.
For example, on Windows clients, FAT32 limits file sizes to 4 GB. On Linux, EXT2 limits file sizes to 2 GB.
There are no software restrictions, but the administrator can specify the maximum file size that users can synchronize as a system-wide policy.
Below the administrative maximum, the practical maximum file size depends on the server’s and clients’ local file systems.
Restrict synchronization by including or excluding files by file type, such as .mp3
No Yes, with policies set by the
administrator that can apply system-wide, to individual user accounts, or to individual iFolders.
Maximum number of directories 32,765 No software restrictions; depends
on the server’s and clients’ local file systems.
Disk quotas No An owner can specify a quota for
each iFolder, but the total combined administrative quotas for all owned iFolders cannot exceed the user’s quota, or the system-wide quota if there is no user quota.
An iFolder member can specify a quota for the iFolder on each computer where the iFolder is set up.
Minimum synchronization interval The user sets a synchronization
interval for each workstation. The value cannot be less than the system-wide setting or individual
The user sets a synchronization interval for each computer that applies to all iFolders in all accounts on that computer.
user setting.
Allows users to suspend synchronization for a given client
Yes, using any of the following methods:
Yes, using any of the following methods:
computer
• Log out of the iFolder server
• Disable Automatic Synchronization in the Preferences tab. You can remain logged in, and then synchronization when you want with the
• Log out of the iFolder server account
• Disable Automatic Sync
• Disable the account in the Account window (deselect Enable Account)
Synchronization Now option.
What’s New 27
novdocx (ENU) 01 February 2006
Feature or Capability Novell iFolder 2.1x Client
Remote access to iFolder data on the server
Backup of local files to a network server
Backup support to restore deleted files
Yes, using NetStorage.
Your administrator must configure NetStorage for iFolder services.
Files in users’ local iFolders are backed up on the iFolder server.
Administrators must back up and restore the entire iFolder contents.
iFolder Client with a Novell iFolder
3.x Enterprise Server
Yes, using iFolder 3.x Web Access
Files in users’ local iFolders are backed up on the iFolder enterprise server.
Administrators can back up the entire iFolder data store. They can restore individual files, directories, or iFolders.

2.6 Comparison of 2.1x and 3.x Web Access Features and Capabilities

Feature or Capability Novell iFolder 2.1x Web Access Novell iFolder 3.x Web Access
Web access method For iFolder 2.1.4 and earlier, the
Java* applet or Novell NetStorage (for NetWare
®
servers only)
iFolder 3.x Web Access for Novell Open Enterprise Server for Linux
For iFolder 2.1.5 and later, Novell NetStorage for Novell Open Enterprise Server (both Linux and NetWare servers)
Web access location http://serveraddress/iFolder
Replace serveraddress with the IP address or DNS name of your iFolder server. For example,
192.168.1.1 or nifsvr1.example.com. The
path is case sensitive.
Connect to server The user has only one iFolder per
username. The user accesses the iFolder server where his or her files are located for that username.
http://serveraddress/ webalias
Replace serveraddress with the IP address or DNS name of your iFolder server. For example,
10.10.1.1 or nifsvr1.example.com.
Replace webalias with the administrator-specified path. The default path is /ifolder. The path is case sensitive. For example:
http://10.10.1.1/ ifolder
Users separately access the different servers where you have accounts. All iFolders for the individual account are available.
28 Novell iFolder 3.x Administration Guide
Feature or Capability Novell iFolder 2.1x Web Access Novell iFolder 3.x Web Access
novdocx (ENU) 01 February 2006
Authenticated access Yes, with username and
password authentication via your LDAP server.
Encrypted data transfer Yes, with the encrypted iFolder
option.
The Blowfish algorithm is applied with a user-specified passphrase.
WebDAV protocol support Yes, allows WebDAV clients,
such as Microsoft Explorer, to seamlessly access folders and files on an iFolder 2.1x server.
Yes, with username and password authentication via your LDAP server.
Yes, with HTTPS (SSL) connections for data transfer.
No
What’s New 29
novdocx (ENU) 01 February 2006
30 Novell iFolder 3.x Administration Guide
Loading...
+ 118 hidden pages