When deploying Desktop App (v3.x.x+) or Desktop Sync (v9.1.x+), Administrators can define a list of Active Directory domains that user accounts need to be connected to in order to use either app. This allows Admins to control deployments of both applications to ensure they are only used on user accounts joined to known domains and with pre-defined UPN suffixes.

If a user's UPN suffix is not entitled through this mechanism, they will see a message informing them they are not authorized or permitted to sync or connect to the cloud using either app.

The message will persist until the user becomes an authorized domain user with an authorized UPN suffix or if the list of authorized suffixes is updated in the cloud. With the Desktop App, users' drives are removed, and users are notified that their device is not authorized to connect to the specified Egnyte domain.

 

Enable Device Entitlement for the Desktop App and Desktop Sync

You can enable device entitlement for the Desktop App and Desktop Sync by raising a support ticket to request for device entitlement to be turned on with the following information:

  • Name of your Egnyte domain (e.g., acme.egnyte.com)
  • List of all possible UPN suffixes for which app usage should be allowed (e.g., acme.com,acme.co.uk)
Note: Turning on device entitlement will affect both Desktop Sync and the Desktop App.

To find the UPN suffix information that you can supply on a specific device using the following commands:

On Mac

Run the following command in a console window and look for domain name near the top of the resulting output:
dsconfigad --show

On Windows

Run the following command in a command prompt, while logged in as the given user and check the UPN suffix (ie. the domain portion of the UPN after the '@' character):
whoami /upn

 

Device Entitlement on Other Clients

Device entitlement is also available on Egnyte's mobile clients.