Security within iFileshare, either in single mode or working as a high availability group, is provided through the standard Enterprise Server facilities.
Micro Focus recommends that you use an ESM (External Security Manager) to control access to the files within iFileshare.
Native Enterprise Server work running on the iFileshare primary server is authorized in the SEPs and no further security checking is done. For external clients (Enterprise Server SEPs or standalone processes), the user ID and password combination is validated at sign-on, and the ID is checked for authorization to access files on the iFileshare primary server. If you are not using an ESM, authorization is assumed when the user ID/password is validated; otherwise, the ESM controls user authorization.
The following is a sample ESM configuration:
# Sample security definitions for Integrated Fileshare #################### # Default IFS User # #################### dn: CN=IFSUSER,CN=Enterprise Server Users,CN=Micro Focus,CN=Program Data,DC=X changetype: add objectClass: microfocus-MFDS-User microfocus-MFDS-UID: mfuid microfocus-MFDS-User-MTO-Priority: 0 microfocus-MFDS-User-MTO-Timeout: 0 microfocus-MFDS-User-MTO-OperatorClass: 0 microfocus-MFDS-User-AllowLogon: TRUE microfocus-MFDS-User-DefaultGroup: ALLUSER description: Default IFS user ################### # ES Class = SIFS # ################### dn: CN=SIFS,CN=Enterprise Server Resources,CN=Micro Focus,CN=Program Data,DC=X changetype: add objectClass: top objectClass: container description: Integrated Fileshare SIGNON ############################### # Integrated Fileshare SIGNON # ############################### dn: CN=ESDEMO,CN=SIFS,CN=Enterprise Server Resources,CN=Micro Focus,CN=Program Data,DC=X changetype: add objectClass: microfocus-MFDS-Resource microfocus-MFDS-Resource-Class: SIFS microfocus-MFDS-Resource-ACE: allow:SYSADM group:execute microfocus-MFDS-Resource-ACE: allow:ALLUSER group:execute microfocus-MFDS-Resource-ACE: deny:*:execute microfocus-MFDS-UID: mfuid description: Give sysadmin, normal, and anonymous users access to IFS