To open the User and Group Lookup policies:
- Login to Syncplicity with administrator credentials.
- In the navigation bar, click Admin → Policies → Security → User and Group Lookup. The Internal policy displays.
Internal policy
This policy allows company administrators to set restrictions on how internal users lookup recipient's email and group names when sharing files or folders.
NOTES:
- The default policy set is applicable for all users in your company.
- This policy does not apply to admin user accounts.
Use Case
As an enterprise, Company A wants to control the exposure of personally identifiable information (PII). Also, Company A has provisioned partner accounts within their tenant. When they share files or folders, they do not want users (that belong to a partner) to lookup other users. By default, Syncplicity allows all internal users to lookup all provisioned users within their tenant. Company A admins can set this policy to restrict this type of lookup.
Procedure
To set the User and Group Lookup policy, perform the following steps:
- Log into Syncplicity as an administrator.
- Select Policies → Security → User and Group Lookup → Internal.
- Select one of the following options:
- Allow lookup of all users and groups - Allows an internal user to lookup all users and groups within your company without any restrictions. By default, this option is selected for all users.
- Limit lookup of users and groups to groups they belong to - Allows an internal user to lookup only the users and groups they belong to.
- Block lookup of all users and groups - Prevents an internal user to lookup any users or groups within your company by setting restrictions for this type of lookup.
- If there are two policies configured for two different groups, it is important to understand how this can impact the groups. For details, review the following section that provides sample scenarios for this type of configuration.
Sample Scenarios
Groups configuration:
|
Group |
has following users |
|
Group-1 |
User-1 |
|
Group-2 |
User-2 |
|
Group-3 |
User-4 |
|
No Group |
User-5 |
Policy configuration and result visibility for users and groups:
|
If the following Policy set is applied... |
User |
can see the following users |
can see the following groups |
|
Allow lookup of all users and groups |
User-1 |
User-2 |
Group-1 |
| User-2 | User-1 User-3 User-4 User-5 |
Group-1 Group-2 Group-3 |
|
| User-3 | User-1 User-2 User-4 User-5 |
Group-1 Group-2 Group-3 |
|
| User-4 | User-1 User-2 User-3 User-5 |
Group-1 Group-2 Group-3 |
|
| User-5 | User-1 User-2 User-3 User-4 |
Group-1 Group-2 Group-3 |
|
|
Limit lookup of users and groups to groups they belong to |
User-1 |
User-2 |
Group-1 |
| User-2 | User-1 User-3 |
Group-1 Group-2 |
|
| User-3 | User-2 | Group-2 | |
| User-4 | - | Group-3 | |
| User-5 | - | - | |
|
Block lookup of all users and groups
|
User-1 |
None |
None |
| User-2 |
None |
None |
|
| User-3 | None | None | |
| User-4 |
None |
None |
|
| User-5 |
None |
None |