TAC File Access web application allows remote users to access, view and download corporate files securely. Remote users are able to upload files through TAC File Access web uploader or by doing drag and drop. Using File Access, users are able to access the file shares from anywhere without disruption regardless of where they are physically located.
When you publish File Access through the TAC Site, remote users are presented with an Explorer-like web interface. The basic File/Folder permission and share permissions will be effected for the file access. Only allowed or permission granted files and folders will be presented to the remote user.
You can configure file access by just sharing a folder in your network or through Distributed File Share (DFS) server namespace. Publishing through DFS will give you robust control over what you share.
In order to publish File Access, both TAC server and File Access servers must be members of the same domain in which users are located, or in a trusted domain or a member of a domain which has a trust relationship with the file server domain.
In the File Access feature of TAC, the administrator defines global file share folders that may be accessible by all of the users in the organization, which could be a common directory. Administrator should identify which folders are common for all users. For example: If an organization has a common folder for file share among the users, you may configure it under Global File Access. In so doing, you are not required to configure that file server share again under File Access application publishing.
To Configure Global File Access, go to TAC Management Console and select File Access under Configuration menu. It will bring you to File Access window.
Under Generic you can define maximum upload size in bytes. This will limit upload size of a file through File Access web interface by user.
Under Global folders, define list of corporate network folders available for web access as explained above. This list of folders is present in every File Access application publishing unless File Access application overrides it.
Enter the physical path of the share under Physical Path. Physical Path represents the actual path of the share in the internal network.
Virtual Path is a path used in the display tree of File Access web interface. Virtual Path allows you to mask real physical paths behind it. Virtual path should use ‘/’ as separator or without leading ‘/’ you may just add the directory name inside the physical path as below:
As per above settings, user will be listed with a directory called “software” in the File Access Explorer-like web interface directory tree. Virtual path is optional and allows to mask original physical path.
Additionally, you may control user actions for the defined file share. You may enable or disable upload or delete by selecting/de-selecting “Allow Upload” and “Allow Delete” options. If you want to present users with a read-only directory, simply disable “Allow Upload” and “Allow Delete” options and you are done. You may set these options per share. You may do additional file access control by its network share permissions and that will not override TAC File Access. Only permitted file shares will be presented for the web access to the logged in users.
Administrator may use %UserName% variable in physical path to define per-user folder path. By doing this, users will get their own home directory in a centralized file share and they can access their own files from anywhere at any time.
Click Ok to complete your configuration. Remember: For the changes to take effect, you must click Apply Configuration.
Next you will publish File Access to access from the TAC Site.
To publish File Access in the TAC Site, do the following:
In the TAC Management Console select the site that you want to publish File Access and click Add under Applications.
In the Add Application Wizard, select File Access under Built-in application type.
Under Application Name, provide a friendly name for the application.
Select Server-type. Single application server or farm of application servers.
Under File Access, select whether to list Global File Access folders with the File Access application or not. Select Use to list and Ignore to ignore Global File Access folders.
Similar to Global File Access, enter the physical path of the corporate network folders available for web access. Virtual Path is optional and you may control user actions by selecting/de-selecting “Allow Upload” and “Allow Delete” options.
Select Enable Single Sign-On and add authentication server by clicking Add.
Under the security window, select Authorize All Users to authenticate all users.
Note: If you select the Authorize All Users checkbox, it will provide access to all valid users except users that have Deny Attribute set on Users and Device Management console. Please see Users and Device Management for more details.
In the Access Policy select the access policy if any.
In the Portal Link, click Next.
Your File Access is ready to publish. Remember: For the changes to take effect, you must click Apply Configuration.