StorageZones Controller Setup Guide

Host your ShareFile Data on a privately managed StorageZone

Extend access to existi ng Fi le Shares and SharePoint Sites to mobile users
September 2013

1

Contents
Host Server Prerequisites.............................................................................................................................. 2
IIS Prerequisites ............................................................................................................................................ 3
Installing StorageZones Controller .............................................................................................................. 16
Create StorageZones Connectors for Network File Shares & SharePoint Sites .......................................... 27


2

Host Server Prerequisites
In order to create a privately hosted ShareFile StorageZone you will need the
following:
- A ShareFile Enterprise account with
o StorageZones Feature enabled
o A ShareFile User Account with the following Admin Permissions
enabled:
Allow this user to create and Manage Zones
Allow employee to select storage zone for root-level folders
Allow employee to create Network Share Connectors
Allow employee to create SharePoint Connectors
- Windows Server 2008 R2 with SP1 installed on host (dedicated machine or
virtual machine)
o Full version of .NET 4.5 installed
o IIS Role enabled
Role service ASP.NET installed
Role service Basic authentication type installed
- A dedicated public Fully Qualified Domain Name (e.g.:
https://sharefile.companyname.com)
- A publicly signed SSL Certificate from a Certificate Authority
o Self-signed and unsigned certificates are not accepted
o Wildcard certificates are supported
- Provision a CIFS share dedicated to hosting ShareFile Data
o Provision a named service account user for ShareFile and set Full
Control permissions on CIFS share on for named service account
- The most recent version of StorageZones Controller software

3

IIS Prerequisites
Step Action
1. Open Server Manager, ensure that ASP.NET and Basic Authentication Role Services are installed.

4

2. Confirm that Microsoft .NET framework 4.5 is installed by looking under Programs and Features

3. Open IIS Manager and select the host server (SZC1 in this example) in the Connections (left) column

4. Open ISAPI and CGI Restrictions
5


5. Set both ASP.NET v4.0.xxxx entries to Allowed

6

6. Navigate back to the main host page and open Server Certificates

7. Ensure that you have a public SSL certificate installed on the host. Certificate needs to be a public SSL
certificate. Certificate may be a privately signed if it is chained to a public SSL certificate on the external
firewall

7

8. Navigate to your host servers Default Website

9. In the Actions column, click on Bindings

8

10. Click Add in the Site Bindings dialogue.

11. Bind Port 80 for all unassigned traffic then click OK.

Port 80 is used by the StorageZones Controller application for regular internal health checks. No external
traffic travels over Port 80.
12. Click Add in the Site Bindings dialogue, again.

9

13. Bind Port 443 for all unassigned traffic. Select the SSL certificate you installed earlier. Click OK.

14 Site Bindings dialogue should look as follows:

Click Close.
10

15. Confirm you are able to browse to the IIS 7 web page by clicking
Browse *:80 (http) and Browse *:443 (https).
11

16. Confirm you are able to see the IIS 7 web page by navigating to the FQDN you have assigned to your
StorageZones Controller host, both internally and externally.

12

17. Provision a named service account in your Domain Controller

13

18. Provision a standard CIFS share. This share will need to be dedicated to ShareFile Data.

14

19. Share the CIFS share with the named service account with Full Control access on the share. Then click
Share

15

20. Take note of the UNC path to the CIFS share you have provisioned.




16

Installing StorageZones Controller
1. Download the current version of StorageZones Controller from the Citrix downloads page*:
https://www.citrix.com/downloads/sharefile.html

*A free Citrix Account is required
2. Double click the StorageZones Controller .msi installer that you
downloaded
3. Click Run in the Security Warning
dialogue.

17

4. Click Next on the
StorageZones
Controller Setup
Wizard welcome
message.
5. Read and check the
box indicating you
understand and
accept the Citrix
End-User License
Agreement and
click Next.
18

6. Select the default
destination to
install the
StorageZones
Controller
application and
click Next.
7. When ready click
Install.
19

8. Once the installer is
complete, uncheck
the box next to
Launch
StorageZones
Controller
Configuration
Page (you will
want to restart
your host before
configuring your
StorageZone).
9. Restart the StorageZones Controller host
by clicking Yes in the pop-up.
20

10. Once your host is back up click
Start, All Programs, Citrix
ShareFile StorageZones
Controller, and click on
Configuration Page.
21

11. Log in to the configuration page by entering your ShareFile Admin User email address, password and the
your companys ShareFile account (e.g.: yourcompany.sharefile.com)

12. If you are having trouble authenticating or configuring your StorageZone it may be necessary to
configure proxy settings on the Networking tab.

12. On the configuration page do the following:
Select the radio button next to Create new Zone and create a user-friendly name for your
Zone
o Hostname: Enter this servers Hostname (e.g.: SZC1)
22

o External Address: Enter the public FQDN you provisioned for your StorageZone (e.g.:
https://sharefile.yourcompany.com)
Check the box for Enable StorageZone for ShareFile Data (this enables ShareFile Data on your
StorageZone and will leverage the CIFS share you provisioned earlier
o Storage Location: Enter the UNC path to the CIFS share you provisioned earlier. This
share must be within the domain (e.g.: \\SZC1\ShareFileData)
o Storage Login: Enter the username of the service account you provisioned with Full
Control over this CIFS share in the following format: domain\svcacct
o Storage Password: Enter the password for the named service account
o Optional: Checking the box to Enable Encryption for ShareFile Data will encrypt the
data at rest on your internal storage.
Enable StorageZone Connectors
o Checking the box next to Enable StorageZones Connector for Network File Shares will
enable access to existing Network Shares for your users.
o Checking the box next to Enable StorageZones Connector for SharePoint will enable
access to existing SharePoint sites for your users.
o Whitelist allows you to ensure that you provide access only to desired Network File
Shares and SharePoint Sites. The default value of * provides access to all shares and
sites.
23

Click Register to register your StorageZones Controller host with the ShareFile Application
24

13. You should see the following if your configuration has been successful.

25

14. Check the Monitoring tab to make sure all StorageZones Controller components are configured and
running properly.

26

15. Navigating to your public FQDN should now take you to your Citrix ShareFile web page.

16. Test uploads and downloads into a Shared Folder with your StorageZone selected as the data storage.
Notice in the below example that there are 5 files in the ShareFile Web.
27


Files are stored as ShareFile Data, a web application-optimized format, in the following directory
structure: C:\[CIFS share]\persistentstorage\sf-us-1\ a8530e87-6db8-4179-a9fa-4541e67a879b
Create StorageZones Connectors for Network File Shares
& SharePoint Sites
1. Log into the ShareFile Web App at yourcompany.sharefile.com and navigate to the Connectors tab.

28

2. Click the Create Connector button. Go to 3-A. to create a Network File Share Connector. Go to 3-B. to
create a SharePoint Connector.

3-A. To create a ShareFile Connector to a Network File Share select the following:
Type: File Share
Zone: The StorageZone you provisioned earlier
Path: Enter the UNC path the network share you would like to add (e.g.:
\\host.domain.com\NetworkShare)
Name: User-friendly name (e.g.: Home Drive or Marketing Drive)
Click Add Connector
3-B. To create a ShareFile Connector to a SharePoint Site select the following:
Type: SharePoint
Zone: The StorageZone you provisioned earlier
Path: Enter the web address to the SharePoint Document Library you would like to add (e.g.:
http://sharepoint:xxxxx/sp1/Shared%20Documents/Forms/AllItems.aspx)
Name: User-friendly name (e.g.: Developer Site)
29


Click Add Connector
4. You will be takend to the View/Edit Connector Access dialogue where you may now add users and user
groups to the share. Click the Add Users dropdown menu.

5. Select whether youd like to add individual users from your Shared or Personal ShareFile Address Book,
or if youd like to add Distribution Groups of users.* Select the users or groups youd like to add and
click Add Selected Users.

*You must first have provisioned users and/or groups to your ShareFile account.
30

6. Finalize by clicking Add Users

7. All provisioned Connectors will appear within the ShareFile Web App under the Connectors tab.


8. Users will now be able to navigate their Network File Shares and/or SharePoint Sites from their iOS and
Android devices from within the ShareFile mobile apps.
31


9. If users are given the appropriate Admin permissions they may also
provision their own existing File Shares and SharePoint Sites from within
the ShareFile mobile apps. Users would do so by pressing the folder icon
with a plus symbol superimposed on it.
32

10. Users will then need to enter the appropriate information to provision a File Share or SharePoint Site
directly on their device. Clicking Create will provision the File Share for all users with access to it.