To add or edit a StorageVault, go to the My Syncplicity web site from your browser and log in as an administrator. Select admin > settings then click the Manage StorageVaults link in the Enterprise Edition Features section.
If adding a StorageVault, click Add StorageVault then enter the properties in the page shown. If editing a StorageVault, click the name of the StorageVault to open the Manage StorageVault Settings page.
Whether adding or editing a StorageVault, you can configure the following settings:
- Name: Any unique name you choose to identify the StorageVault.
- Description: Text that further identifies the StorageVault and its intended use.
- Storage Quota: The maximum amount of storage from this StorageVault that can be used by the Syncplicity account. For details see the storage quota section later in this article.
- Microsoft Integration: If editing the settings for a StorageVault and the Microsoft Integration feature is enabled for your account, you can choose to enable this feature for this StorageVault. For details see the section about Microsoft Integration for on-premises storage later in this article.
- On-Premises Storage Connector Servers: The URL of one or more Storage Connectors that allow access to the storage endpoints. For details see the section about on-premises storage connector servers later in this article.
- Secure Shared Files: If editing the settings for a StorageVault and the Secure Shared Files feature is enabled for your account, you can choose to enable the feature for this StorageVault. Depending on your configuration, you may be able to select the Cloud Rights Management Server or a local Rights Management Server. You can configure the StorageVault to use only one Rights Management Server. Once you select a Rights Management Server, click the associated button to test the connection. For details on the Secure Shared Files feature, see Secure Shared Files.
NOTE: The access key is assigned when you create a StorageVault and cannot be changed. See the access key section later in this article.
Make sure to click Save to implement the new settings in your account's configuration. All settings take effect immediately.
Every account configured for on-premises storage is provided an access key. An access key is a shared secret between an on-premises deployment and the Syncplicity service. It is used to identify and authenticate the on-premises deployment. Each Storage Connector in your on-premises deployment has the access key entered in its configuration file.
The access key is a critical security token that must not become known to anyone else but the Syncplicity account administrator and the system administrator in charge of the on-premises deployment. If there is any suspicion the access key has been compromised, contact Syncplicity Support immediately.
As files synchronize, the Syncplicity service keeps track of how much data has been uploaded into each user's account, and subsequently into the overall company account. The quota setting in this section defines a limit on the amount of data that can be stored in the storage endpoint. When this limit is exceeded, Syncplicity clients are no longer allowed to upload additional data; users see an "out of space" notification. Use this setting to specify the storage limit for your deployment.
Due to compression and de-duplication, the amount of physical space taken up on your storage endpoint is lower than the amount of space reported in the Syncplicity administrator pages, which affects your quota. The exact delta depends on the type of data your company's users are synchronizing and the compression and encryption settings in your on-premises deployment.
On-premises Storage Connector servers
In addition to an EMC Isilon or EMC Atmos storage backend, each on-premises deployment consists of two or more Storage Connectors. The exact number of Storage Connectors depends on the expected load on the system; your account representative can aid in sizing your specific deployment. Each Storage Connector plays a key role in any on-premises deployment:
- Exposes upload and download APIs that all Syncplicity clients access when transferring files to and from the Syncplicity account.
- Compresses and encrypts all data according to a configuration preference.
- Communicates with the Syncplicity server to authorize client connections and exchange necessary metadata.
For more information on Storage Connectors, see About Syncplicity StorageVaults and On-Premise Storage.
Microsoft Integration for on-premises storage
Integration with Microsoft for online viewing and editing of Office documents within the Syncplicity file browser using Office Online, and on mobile devices using Office for mobile, can be configured for on-premises storage. A separate on-premises connector, called the WOPI Connector, must be downloaded, deployed and configured for each StorageVault that you wish to enable this integration. Before continuing with the steps in this section you must first have completed the deployment and configuration of the WOPI connector. For more information, see Deploying Syncplicity On-Premises WOPI Connector.
Note: Access to Syncplicity folders in on-premises storage configured with StorageVault Authentication (SVA) is restricted for Microsoft Office for mobile. This is due to the design of SVA and the Microsoft architecture.
Once you have completed the installation and configuration of the WOPI connector, there are still a few more steps to make your Syncplicity files stored in your on-premises storage available to be viewed and/or edited by Microsoft Office. These additional steps are required because Microsoft Office applications communicate through the Syncplicity registered domain. Each Syncplicity on-premises storage endpoint that is to be enabled for Microsoft Integration must be allocated a unique sub-domain of wopi.syncplicity.com.
- Contact Syncplicity Support to choose a hostname that will be used to create the WOPI sub-domain. You should contact Support by sending an email to email@example.com.
- The generic format of the sub-domain is created by adding your unique hostname to the *.wopi.syncplicity.com domain.
- For example, for a given hostname “acme-1”, the FQDN for your sub-domain would be:
- Once Syncplicity has confirmed that your unique host name is available, you will need to provide the following information:
- The externally-addressable IP address for the WOPI Connector. This should be behind a load balancer.
- The certificate signing request (CSR) file for your sub-domain. The CSR must be generated by you, and will be used by Syncplicity to create the SSL certificate for the registered DNS entry. You will own and retain the private key for this CSR, which you should not share with Syncplicity (or anyone else).
Note: For your security, although you are sharing the CSR with Syncplicity, you will retain sole ownership of the corresponding private key. The CSR data file includes the public key that is paired with your private key. Syncplicity submits the CSR to our SSL Certificate Authority (CA), who creates the SSL certificate without compromising the key itself. Neither Syncplicity nor the CA ever see the private key.
- With the provided CSR file, unique hostname and IP address, Syncplicity will generate the SSL certificate and register the FQDN for your sub-domain.
- Syncplicity needs to create the SSL certificate on your behalf for this sub-domain because we are the registered owners of the top-level domain *.syncplicity.com. Syncplicity has registered this domain with Microsoft for all files accessed through the Syncplicity service.
- Syncplicity Support will provide you with the generated SSL certificate and confirmation of the registered sub-domain to you.
- You will need to install the SSL certificate on the load balancer which is configured for SSL offloading to your WOPI Connector. See the “Prerequisites for the WOPI Connector” article for more details.
- For the final step, you need to enable Microsoft Integration.
- Navigate to https://my.syncplicity.com/Business/StorageEndpoints.aspx.
- Select the specific StorageVault that you have enabled with the WOPI Connector.
- Under “Microsoft Integration”, enter the FQDN for your on-premises WOPI Connector.
If you do not see this section, check that Microsoft Integration has been enabled for your company account. See Enabling Microsoft Office Integration for more details on this setting.
You should now be configured to start using Microsoft Integration for this StorageVault.