If you have a lot of managed content taking up space in the database, Workspace ONE UEM offers you dedicated file storage. To set up file storage, you must determine the location and storage capacity, configure network requirements, and create an impersonation account.
Create the Shared Folder on a Server in Your Internal Network
- File storage can reside on a separate server or the same server as one of the other Workspace ONE UEM application servers in your internal network. It is only accessible to components that require access to it, such as the Console and Device Services servers.
- If the Device Services server, Console server, and the server hosting the shared folder are not in the same domain, then supply the domain when configuring the service account in the format <domain\username>. Domain Trust can also be established to avoid an authentication failure.
Configure the Network Requirements
- If using Samba/SMB – TCP: 445, 137, 139. UDP: 137, 138
- If using NFS – TCP and UDP: 111 and 2049
Allocate Sufficient Hard Disk Capacity
Your specific storage requirements can vary depending on how you plan to use file storage. The file storage location must have enough space to accommodate the internal applications, managed content, or reports you intend to use. Take into the account the following considerations.
- If you enable caching for internal applications or content, then a best practice is to size the Device Services server for 120 percent of the cumulative size of all the apps/content you must publish.
- For storing reports, your storage requirements depend on the number of devices, the daily number of reports, and the frequency with which you purge them. As a starting point, allocate at least 50 GB for deployment sizes up to 250,000 devices running about 200 daily reports. Adjust these numbers based on the actual amount you observe in your deployment. Apply this sizing to your Console server as well if you enable caching.
Create a Service Account with Correct Permissions
- Create an account in the domain of the shared storage directory.
- Give the local user read/write/modify permissions to the file share that is being used for the File Storage Path.
- Configure File Storage Impersonation User in Workspace ONE UEM with the domain account in the format <domain\username>.
- If the shared storage directory is not on a domain, create an identical local user and password on the server being used for File Storage, Console, and Device Services server. In this case, supply the local user account in the format <username>.
You can also use a domain service account instead of a local user account.
Configure File Storage at the Global Organization Group
Configure file storage settings at the Global organization group level in the UEM Console.