This article explains how to create a new data room in DRACOON. You If necessary, you can set a storage space limit for the room at the same time. (but this is also subsequently possible). You also determine the room administrators, who are then responsible for user administration in the room are responsible.
Who is allowed to create data rooms?
- On the top level in DRACOON only those users may create data rooms who have the role Room Manager.
- Data rooms below an existing data room (i.e., subrooms) may only be created by the room administrators of the data room in which the subroom is to be created. Users who only have the role of room manager, but are not room administrators in this room, are not allowed to create subrooms there..
Topics of this article
Creating a new data room on the top level in DRACOON
- Click All Files in the left sidebar to display the top level of the data room structure in DRACOON.
- Click New Data Room in the right sidebar (the command is visible only as long as you have not highlighted any element in the list - if necessary, uncheck the active selection by unchecking the box in front of the highlighted element to make the command visible again).
- The New Data Room dialog box appears. In the Data room name field, enter a meaningful name for the data room.
Even though the name can be up to 150 characters, it is best to choose a room name that is as concise as possible.
- If you want to limit the storage space of the data room (i.e. set a storage quota for the room), select the Limit storage space check box. Then specify the maximum allowed size for the room in the field next to it.
- By limiting the storage space you can prevent users of the data room from storing unlimited files in the room and thus overloading the total storage quota of your DRACOON.
- Keep in mind that deleted files and previous file versions in the data room trash will also count towards the used space in the room, so don't skimp on the data room space to prevent users from suddenly being unable to save files in the room.
- The specified storage limit also includes all subspaces of the data room that are created in the future. So, for example, if you limit the storage space of a room to 50 GB, a total of 50 GB of storage is available for the room and all its subspaces together.
- In the Room administrators field, enter the users and groups that should be room administrators in this data room.
- Each data room must always have at least one room administrator.
- DRACOON automatically suggests you as a room administrator for the new room.
- If you want to set additional users or groups as room administrators for the room, type part of the user or group name you are looking for and click the desired entry in the search result.
- If you want to assign the user administration in the room to another user or group, or if you do not want to use the room yourself, remove yourself from the field by clicking on the X next to your name. You will then have no access permission to the new data room (but can of course be added by a room administrator of the room at any time if required)..
Caution with the permission of other users/groups as room administrator: Wf you add another user or group as a room administrator, these users and all members of this group can appoint further room administrators in the room in the future and remove existing room administrators (e.g. including you as a possible previous room administrator) from the room at any time! So choose carefully who is allowed to be room administrator in the room.
- Click Create to create the data room.
- Those users you have set as room administrators will be immediately notified by email and made aware of the new room (unless they have disabled this notification).
All room administrators of the new room can add additional users or Groups to the room and, if necessary, assign them different permissions for the room. for the room. You can also enable enable client-side encryption for the room, as long as it does not contain any files yet.
Special features when creating subspaces
In turn, data rooms, i.e. subspaces, can be created in a data room. In this way, a hierarchical data room structure - comparable to a folder hierarchy on your hard disk - can be created, whereby different permissions for users and groups can nevertheless apply to each data room within the hierarchy.
The procedure for creating a new subspace basically corresponds to the creation of data spaces at the top level in DRACOON (Anleitung siehe oben), however, the following special features must be observed:
- Place to create a subspace
To create a subspace in a data room, first open the desired data room, and then click New data room there in the right sidebar.
- The New Data Room command is visible in a data room only if you are the room administrator in that room.
- Data rooms cannot be created in a folder (!) in the room. So you have to be on the top level of a room to be able to create a subroom there.
- Transfer of permissions from the superordinate data room
DRACOON offers for subspaces the possibility to take over automatically all authorizations of users and groups of the superordinate data space (quasi to inherit). In this way it is not necessary to assign all permissions again for each subspace if they are to apply to the subspace in the same way. Therefore, the following option is displayed in the dialog box for creating a subspace, which is activated by default:
However, if you do not want all users and groups of the parent room to be able to access the subroom as well, clear this check box. You must then specify one or more room administrators for the subroom (which may be different from those of the parent room).
Even if the takeover of permissions from the parent room is enabled, the room administrators of the subroom can later add additional users and groups to the subroom.
- No change of client-side encryption for subspaces possible
The client-side encryption can only be used for activating data rooms on the top level in DRACOON. If it is activated there, it is automatically activated in all sub-rooms of a room. room. If a room is not encrypted at the highest level, all sub all subspaces are also automatically not encrypted.
Automatic creation of personal data spaces for OpenID Connect and Active Directory users
If you have connected an OpenID Connect provider or an Active Directory to DRACOON, a personal data room with his name can be created automatically for each user who authenticates to DRACOON via it.
In his personal data room the user can e.g. store his own files; he is the sole room administrator there, and by default no other user (not even a system administrator) can access the room (but the user can later invite other users to his room and add them there).
The personal data rooms are deactivated by default in DRACOON. If you want to activate them and define the settings for them, proceed as follows:
Who is allowed to activate personal data rooms?
Only users who have the role Configuration Manager are allowed to activate personal data rooms in DRACOON.
- In the left sidebar, click Settings and then System.
- Click on the Settings tab.
- Activate the switch Make personal data rooms available system-wide.
- All personal data rooms of the individual users are named according to the first and last name of the respective users and are automatically created below a specific data room, which you define yourself. So, if necessary, first create a room at the top level for this purpose, which you designate as "Home", for example. Then enter the name of this room in the Name field of the parent data room, e.g.:
- By default, the storage space for personal data rooms is not limited, so users can store as many files in them as they want. If, to limit this, you want to set a uniform maximum size (quota) for each personal data room, specify it in the Space per personal data room field (click the pencil next to the field).
If you limit the storage space only afterwards (after personal data spaces were already activated), this has no effect on already existing files in the personal data spaces that exceed the storage space.
Be example: You had enabled personal data rooms for your users 3 months ago. Now you decide to limit the storage space for personal data rooms to 1 GB each. If a user has already stored more than 1 GB in his data room in the last 3 months, these files will still remain in the data room, even though the existing amount of data exceeds the newly defined maximum of 1 GB. Of course, the user cannot store any more new files in the data room until he deletes files that are no longer needed (and possibly empties the recycle bin in the data room) to free up as much storage space as is necessary to make free space available in the room again.
- If you activate personal data rooms in DRACOON, you cannot deactivate them later.
- Only users who authenticate themselves via an OpenID Connect provider connected to DRACOON or a connected Active Directory receive a personal data room. If additional users are created who authenticate themselves as local users directly to DRACOON (with DRACOON own usernames, e.g. external users), these do not receive a personal data room..
- If an OpenID Connect or Active Directory user is deleted from DRACOON, his personal data space is also automatically deleted irrevocably.
- After switching the authentication method (e.g. from Active Directory to OpenID Connect) for a user, the user does not receive a new personal data space if one already exists - the user's existing personal data space continues to be used.