When deploying Desktop App (v3.x.x+) or Desktop Sync (v9.1.x+), Administrators can define a list of Active Directory domains that user accounts need to be connected to in order to use either app. This allows Admins to control deployments of both applications to ensure they are only used on user accounts joined to known domains and with pre-defined UPN suffixes.
If a user's UPN suffix is not entitled to using this mechanism, they will see a message informing them they are not authorized or permitted to sync or connect to the cloud using either app.
The message will persist until the user becomes an authorized domain user with an authorized UPN suffix or if the list of authorized suffixes is updated in the cloud. With the Desktop App, users' drives are removed, and users are notified that their device is not authorized to connect to the specified Egnyte domain.
Enable Device Entitlement for the Desktop Sync and Desktop App
You can enable device entitlement for the Desktop App and Desktop Sync by raising a Support ticket to request for device entitlement to be turned on with the following information:
- Name of your Egnyte domain (e.g., acme.egnyte.com)
- List of all possible UPN suffixes for which app usage should be allowed (e.g., acme.com,acme.co.uk)
Turning on device entitlement will affect both Desktop Sync and the Desktop App. Please note that Desktop Sync is longer be supported as of December 31st, 2019
To find the UPN suffix information that you can supply on a specific device using the following commands:
On Mac
Run the following command in a Terminal window and look for the domain name near top of the resulting output:dsconfigad --show
On Windows
Run the following command in a command prompt, while logged in as the given user and check the UPN suffix (ie. the domain portion of the UPN after the '@' character):whoami /upn
Device Entitlement on Other Clients
Device entitlement is also available on Egnyte's mobile clients.