How can we help you today?

Granular Permission settings on Shares

You are here:
< Back

MyWorkDrive Server Version 6 introduced granular permissions on shares, to provide additional flexibility to administrators to manage how users access shared files and documents. It provides settings for Clients, Files/Documents (via DLP), and Invited Guest Users.


When a box is not checked on the permissions matrix, the users or groups who do not have the checkmark will not be able to use that function – login via that client, download files, etc.


Not all permissions will always appear on share details. For example, the Download and Office Online Edit options require DLP to be enabled in Enterprise Settings, and the master settings set at the top of share details to be enabled.

The option to enable/disable users/groups for the MyWorkDrive Clients and Guest User Access will not be displayed if the corresponding features are disabled or not configured.


Granular Permissions are shown when editing a share in share details, and share details have been revised to improve usability.

When creating a share, the NTFS permissions are now nested under the Edit and Import. You’re required to edit or import them and a warning message will prevent you from saving if you do not complete that step.

Once you complete that step, the share will load with default settings. In this case, note that the Mapper Client is not enabled nor available and Download is not displayed as an option. That’s because this server has DLP enabled, and Download is not enabled at the top of the share settings. To provide select users access to the Map Drive client – use the new Granular Permissions! Download must be enabled for a user/group to have Mapper Client privileges.

For ease of use, you can click the column header to select and deselect the entire row. Once Download is enabled, click Download in the header row above the check boxes to enable all of the users & groups listed.


Remember, MyWorkDrive cannot add permissions to NTFS which do not already exist, we only provide you the ability to add/edit users/groups to limit permissions down from what the user would have via SMB or VPN. If you require users/groups which do not exist in NTFS, add them to NTFS first!


If a user attempts to use a client they are not approved for, those shares will not be displayed – and if no shares are available, the user will receive the standard message that no shares have been provisioned.


Common Questions

Download and Office Online Edit do not display for me as options, how do I enable those

Download and Office Online Edit are part of our Data Leak Prevention features. Click here to read about enabling DLP on your server. Note that DLP requires an Enterprise license if you are not on an enterprise license Contact Sales about an upgrade.

I’ve enabled DLP, but only Download shows as an option. Office Online Edit is not available.

Verify that Office Online 365 edit is enabled in settings. You can read more about that here.

Guest User access does not appear as an option for me, how do I enable that?

Guest User Access is enabled in Enterprise settings and requires an integration with AzureAD. Read the complete setup guide and watch the video here for further details

One of the Client options is not available on my Shares

All three clients – Web, Mapper and Mobile – can be disabled on the Settings page. When disabled, they will not appear as an option on Granular permissions. Double check settings and enable them for users to access.