After you create or link your ShareFile account, perform the following tasks:
- Provision administrators.
- Provision users.
- Import Active Directory users into ShareFile.
- Configure authentication.
The first thing you need to do is provision administrators. When your account was created, it was provisioned with an account owner. In addition to this administrator, you can provision additional administrators.
To begin using your new ShareFile account, you must add users and configure authentication. To provide a seamless experience to your end users, you use SAML to authenticate against your Active Directory user accounts.
Importing Active Directory Users into ShareFile
The ShareFile User Management Tool (UMT) makes it easy for you to add your Active Directory users into ShareFile. You can use the tool to provision user accounts and create distribution groups from Active Directory (AD).
Importing users from Active Directory can take some time and be resource intensive. To help with this, you can schedule the tool to run at selected times. In addition to the initial import, you can also use the tool to keep your ShareFile users synchronized with your AD users.
For more information about the UMT, see User Management Tool for Policy-Based Administration.
After you have imported your users in to ShareFile, you must configure authentication. When using the Citrix Cloud environment, you want to use SSO. SSO is done using the SAML protocol. In this environment you have two options for configuring SAML – either using ADFS or via Endpoint Management SAML authorization.
Configuring Authentication with ADFS
You can integrate your ShareFile account with Active Directory (AD) to enable single sign-on for users with AD credentials. ShareFile supports Security Assertion Markup Language (SAML) for single sign-on. You configure ShareFile to communicate with a SAML-based federation tool running in your network. User logon requests are then redirected to Active Directory. You can use the same SAML Identity Provider that you use for other web applications. For more information, see ShareFile Single Sign-On SSO.
Configuring Authentication to your Active Directory with Endpoint Management
You can configure Endpoint Management and Citrix Gateway to function as a SAML identity provider for ShareFile. In this configuration, a user logging on to ShareFile using a web browser or other ShareFile clients is redirected to the Endpoint Management environment for user authentication. After successful authentication by Endpoint Management, the user receives a SAML token that is valid for logon to their ShareFile account.
Now that you have configured your users and authentication, review how ShareFile will be accessed. There are two specific types of access you need to look at: administrator access and user access.
As administrator, you may need to make changes to your ShareFile configuration or manage your account.
There are three options on how users access their data in ShareFile. Data can be accessed directly using the Web UI. The other two options depend on what other applications you have enabled. If you have Citrix Virtual Apps and Desktops or Endpoint Management enabled, users can access their data through one of those applications.
Accessing ShareFile through the Web UI
End users can access ShareFile directly by going to
Accessing ShareFile with Citrix Virtual Apps and Desktops
Accessing ShareFile with Citrix Virtual Apps and Desktops is done using Citrix Files for Windows. Citrix Files allows you to access your files in ShareFile directly through a mapped drive providing a native Windows Explorer experience.