Permission Preservation
On This Page
Overview
Permission Preservation determines how permissions are transferred between platforms. You specify how you want the source permissions for folders and files to transfer to the destination platform during the job run.
The Permission Preservation toggle on the Advanced job settings page will be inactive for jobs that use platforms that don’t support permissions.
Preserve Item Authorship/Ownership
The preserve item authorship/ownership feature allows for files being copied/synced/or migrated to maintain their original author/owner information. In order to preserve authorship, both the source platform connector and the destination platform connector must support this feature. Refer to the Platform Comparison to verify compatibility between your platforms.
While DryvIQ will automatically attempt to map users based on various rules, such as name and actual ID, it is also possible to map specific users from one platform to another. This is useful when a user no longer exists or when a user's name, email, or other identifiable information is different between platforms.
DryvIQ tracks associations between items and user mappings, similar to permission tracking. Users who created or modified the item or its versions (when applicable) will be displayed on the User mapping tab of the job page. For author/owner preservation tracking to work, the job audit level must be set to at least "Info" (the default level for the DryvIQ user-interface).
The Preserve Destination root folder authorship option allows you to preserve authorship for the root folder. Note that authorship will only be preserved if DryvIQ creates the root folder on the destination as part of the transfer. If the root folder already exists on the destination, the authorship from the source will not be preserved on the destination. Instead, authorship on the destination will be whoever created the root folder on the destination.
Preserve Item Permissions
The item permissions policy determines how you want permissions to be applied with your job execution(s). There are four options available:
Disable Preserve Item Permissions: If you do not turn on the Preserve Item Permissions toggle, the item permissions will not be preserved. No permissions will be passed from source to destination. This is the default. You must turn on this toggle in order to use any of the other preserve item permissions options.
Add permissions: The current permissions existing on impending transfers (on files or folders) will be preserved as they are transferred on both the source and the destination. This is the recommended setting.
Prefer permissions on the source: This will reconcile permissions with the source, which will remove permissions from the destination if they do not match the source. This will keep things in sync if the destination folder levels more permissions than the source. This is a good option for sync jobs that are constantly moving back and forth to keep everything as intended.
Assign permissions from file: Permissions for items on the source will not be retained. Instead, new permissions will be assigned based on information provided in a csv formatted file stored on the source platform. See Permissions Import for information about how to structure your permission import file.
Shared links only: This preserves permissions for shared links only. No other permissions are preserved.
Permission Failures
Permission failure policy determines what should happen with your job execution(s) should it encounter failures. You can select to transfer the item even if there is an issue with applying permissions to the item. This is the recommended setting. If preferred, you can choose to not to have items transferred if permission failures occur.
DryvIQ will reevaluate permissions every time the content changes or a permissions reset is performed. This is applicable for both copy and synchronize job types. For example, if a new permission is added to a file but no other changes occur, DryvIQ will not apply this permission on subsequent runs. A permission reset will need to be performed.
Shared Links Policy
Several platforms support the option to share files and folders through a link. The Shared Links Policy determines whether "domain" or "anyone" links are transferred from the source to the destination. Permission Preservation must be turned on for the job in order to use this policy.
This option is automatically enabled when shared links only is selected as the item permissions policy.
Platforms that Support Shared Links
The following platforms support shared links. Refer to the Platform Comparison to see conflict between platforms.
Box (See below for additional information.)
Dropbox
Microsoft SharePoint Online (Microsoft Office 365/Microsoft OneDrive for Business Online)
Google Workspace
Box
Box supports links for the following:
(Anyone) People with the link: Anyone with the link view only.
(Company) People in your company view only.
(Company) Invited people only: shared link will be view only; invited users can be set as view or edit.
Box has an additional option to view and download but we do not support transferring that and this is not an applicable option for SPO.
DryvIQ only supports anyone or domain (company). When transferring to Microsoft SharePoint Online, the Box options will be translated as follows:
Anyone: Anyone with the link can view.
Company: People in
company
with the link can view.Company Internal: People in
company
with the link can view, and the invited users from within the company will be added to the Microsoft SharePoint Online direct access list with the corresponding edit or view rights.Company External Users: People in
company
with the link can view, and the invited external user will go to the pending access and requests page.
Sharing Terms
Anyone/Anonymous: Links that can be shared with anyone.
Box: open
Dropbox: public
Google: anyone
SharePoint: anonymous
Domain: Links that can be shared only within your organization or enterprise.
Box: company
Dropbox: team_only
Google: domain
SharePoint: organizational
Shared Links Support
DryvIQ handles shared links differently per platform. The following list defines different ways DryvIQ handles shared links. Refer to the table below to see how DryvIQ handles shared links for each platform that supports this feature.
READ/VIEW RIGHTS UNSAFE-ONLY: Links will be transferred as “view only.”
READ/VIEW AND WRITE/EDIT: Both "read" and "edit" links can be transferred.
ANYONE LINKS UNSAFE-ONLY: Anyone/Anonymous are links that can be shared with anyone.
SUPPORTED: Feature is fully supported by the Platform and DryvIQ.
NOT SUPPORTED: Feature is available by the Platform but not supported by DryvIQ.
NOT APPLICABLE: Feature is not supported by the Platform.
| Box | Dropbox | Microsoft SharePoint Online | Google Workspace |
---|---|---|---|---|
Number of Links | 1 link per file or folder | 1 link per file or folder | multiple links per file or folder | Max 2 links; anonymous and/or a domain |
Rights | READ/VIEW RIGHTS UNSAFE-ONLY | READ/VIEW RIGHTS UNSAFE-ONLYVIEW -ONLY | READ/VIEW AND WRITE/EDITDEDIT | READ/VIEW AND WRITE/EDITRITE/ |
Expiration Date | SUPPORTED | SUPPORTEDPPORTED | ANYONE LINKS UNSAFE-ONLY | READ/VIEW RIGHTS UNSAFE-ONLYFE-ONLY |
Link Passwords | NOT SUPPORTED | NOT SUPPORTEDORTED | NOT APPLICABLE | NOT APPLICABLE |
Disable Download | NOT SUPPORTED | NOT SUPPORTEDT | NOT APPLICABLE | NOT APPLICABLE |
User and Group Mapping Policy
User and group mapping policies allow accounts and groups to be mapped between platforms. Maps can be created before creating the job in the Maps area. If a map that uses the source and destination selected for the job exists, the map field will default to this map when you select the mapping option. If a map doesn’t exist, you need to use the corresponding Create new map policy link to create the map before you can select to use the user or group map policy. Refer to Maps for information about creating new maps.