Nextcloud version (eg, 10.0.2):12.03
Operating system and version (eg, Ubuntu 16.04):CentOS Linux 7.4.1708
Apache or nginx version (eg, Apache 2.4.25): Apache version 2.4.6
PHP version (eg, 5.6):7.0.25
The issue you are facing:
I need to be able to disable Desktop Synchronization for certain users/groups/folders.
There is no difference in the webDav endpoint of the client versus the web frontend. Same API is used. IMHO you should see a sync client as an advantage, not a disadvantage. From a security/privacy perspective the desktop client adds nothing which can’t be done through web …
“IMHO you should see a sync client as an advantage, not a disadvantage.” - of course it is, when you need it.
However, if you run OnlyOffice/Collabora to allow simultaneously work on a document and a user installed a sync client and also works on this document “off-line” using his desktop word/excel/powerpoint equivalent, one runs into serious problems.
Unfortunately, this is not rare situation in the way we use nextcloud.
Therefore, a control for syncclient access via administrator tools would be highly appreciated.
Agreed, there are also times when you want to allow contribution but prevent theft. For example, remote employees contributing to work product that is either confidential or intellectual property of the employer. Blocking sync/downloads is important to prevent them from keeping “backup” copies after termination.
I’d like to give a special user group permission to access directly their files by IOS or android app - but only the automatic synchronisation should be forbidden. I want to avoid that important data is stored (through synchronisation) on a mobile device which can be stolen or lost.
Is that possible ?
In my opinion the “file access control app” blocks completely the access by IOS or Android app.
Occasionally I need to disable the desktop client’s ability to sync when I’m doing a lot of fire rearrangements. My reasoning is that syncing organizational file structure changes while they are in progress only creates a lot of extra bandwidth. Especially when TBs of data are involved.
While it’s never a good idea to edit core files I achieve this “temporarily” but adding this at the top of /remote.php