1. Home
  2. Account and Permissions Mapping
  3. Account and Permissions Spreadsheet: Users tab

Account and Permissions Spreadsheet: Users tab

The Users tab identifies and lists all of the owners of your data on the source, and then you must define an account on the target where each owner’s data will go.  Users will appear in the Source Users column if:

  • they own files or folders in the data set that has been selected for transfer or
  • they are sharees of files or folders in the data set for transfer. In this case, they will also appear in the Paths tab.
  • they are a creator or updater of a file. ‘Use Last Modifier’ must be turned on for the job to display creators and updaters; this option is only available for some adapters.

In the Users tab of the spreadsheet, CFP will list all of the Source Users in the left column, and all of the Target Account names on the right:

Where CFP can reasonably match a Source User to the available list of users found in the Target Account, it will do so. If it can’t find a close match for the Source User name, it will leave the corresponding Target User cell blank.

Accounts in the example above from line 6 – 9 are just a list of Target Accounts that CFP found on the scan, but that haven’t been matched to any Source Users. This list is informational only. You can just leave it as is and don’t have to edit these rows of the spreadsheet at all.

NOTE: If the target account has more than 500 users, you will still have auto matching of source accounts to target ones in the paths tab, but the additional unmapped users will not be listed. This can dramatically reduce the run time for the analysis (map generation) job, as well as the processing and generation of the mapping spreadsheet. You can still get a list of internal target users from the analysis report associated with the map generation run.

  1. Select Analysis from the menu on the right side of any apm job configuration page.
  2. Click the Export button. You will see a list of export options in a pop-up.
  3. Expand the Users menu by clicking the arrow to the left of Users (1). Then select the option for Include All Users (2):
  4. Click Export in the pop-up and you will see a Target Users tab in the resulting spreadsheet that downloads.

Completing the Users Tab

  • Source Users who are owners or owners and sharees:  Any Source User owner that does not have a corresponding target account must be completed; if you have data on the source, you have to tell CFP which account to send it to on the target, or the spreadsheet will not validate when you upload it. In the spreadsheet example above, DOMAIN\user1 and DOMAIN\user2 are both owners of data, and must be mapped.  Do not delete the row, or the spreadsheet will not validate when you upload it.
  • Source Users who are sharees only: Source users who are listed in the spreadsheet as sharees only (DOMAIN\user3 in the example above) may be handled in one of three ways:
    1. You can map the Source User to a valid Target User. Any shares for that user on the source will be propagated to the designated Target User account.
    2. You can enter a “Y” in the Skip? Column, which will ignore that sharee and not apply any ACLs for that user as a sharee for any paths in the job.  This is helpful for users who are no longer associated with the company.
    3. You can leave the Target User cell blank for external users, in which case any ACLs for that Source User will be applied to the target as an external user sharee. Do not delete the row of the spreadsheet for external users, as this has been deprecated.
  • Source users who are creators or updaters:  These must be completed unless they are external Last Modifiers. External Last Modifiers may be left with blank Target Users. While the map will validate if you skip Last Modifier users in the spreadsheet, any files that contain the affected users will not transfer because you have not specified the Last Modifier. Last Modifiers who are listed as “Prior Collaborators” are users who were members of the tenant at one time, but have since been deleted. In this case, the name and email have been deleted from the file metadata, and only the user id remains. Tervela recommends that you map these Prior Collaborators to an admin or service account.
  • Any Target User listed in column B in the generated spreadsheet Users tab is a valid Target User. If they are not in the list, CFP does not know they exist, and the spreadsheet will not validate when you upload it.

Most of the source to target account names will be similar, but you can map each owner to any account that you wish:

In the example above, all data owned by CFPWIN10B\administrator on the source will be sent to the account itguy@your company.com on the target (unless you override this with a directive on the Paths tab; see Account Mapping – Path-Based Mapping for details).

Skipping Users and Groups

Many people have obsolete sharers of data in their accounts that are no longer needed.  In this case, you may skip that Source User by entering a ‘Y’ or ‘Yes’ in the Skip? column.  Any shares for that user in the Paths or Path Conflicts tab will then be ignored, those shares will not be applied on the target, and the spreadsheet will still validate even though the source share is not mapped to a target account.   You may do the same thing for share groups as well.

If an Owner is listed in the spreadsheet, that means they own data in what is being transferred, and you must either tell CFP whose account to transfer it to, or skip the user by entering a ‘Y’ in the Skip? column.  If you skip an owner, any data owned by that user will not be transferred to the target.

About Skip Sharing?

Skip Sharing? provides a way to ignore and not apply any ACLs for a given user, but still transfer any data that they own.  A primary use case is for a source user who is no longer with the company.  They may own data of value that needs to be transferred to an archive account on the target, but they don’t have a target account set up.  In this case, the source user can be mapped to an admin, supervisor or archival target account, and Skip Sharing? can be set to ‘Y’ so the target account will not have access to any items that were previously shared with that user on the source.

When you do map an ex employee to an admin account, it’s helpful to add a redirect that will ensure that the files owned by that user go to a discrete archive folder such as “Archive/user-ex.”  You add redirects to the Paths tab, which is covered below.

Nuances Using Skip? with Windows Migrations

If a folder FolderA is owned by UserA, and you skip UserA, that entire folder will be skipped, regardless of who owns the content in the folder.  However, given the many options available now with account mapping, it is highly recommended that you run a simulation for any job where users are skipped, Windows source or otherwise, to assess exactly how your job will behave.

Some spreadsheets will list IDs, such as 123456789, in the Source User field.  These are users who have been deleted from the source account, but they still may be the owner, sharee, or creator/updater of folders and files.  If they are owners of data (this primarily applies to Windows sources) they must be either mapped to a Target User or skipped.

Rescan Target Accounts/Groups

Note that when CFP generates a spreadsheet, a  snapshot of your target account is saved to a database, and that is what is used for all further validations.  If you add or modify target accounts after running the spreadsheet, they won’t be picked up in the existing database of target users.  However, CFP has a function, Rescan Target Accounts/Groups, which will run an auxiliary scan of only the target users, groups (and, for Dropbox targets, Team Folders) for the job. Because it’s only scanning these target items, it’s much faster than the full scan of your job.  At that point, you can add those users to the spreadsheet that you are editing, and when that spreadsheet is loaded, the new users will be recognized and will validate.  The Rescan Target Accounts/Groups button is on the ‘Define Maps’ screen.

A Target Accounts/Groups rescan is an update to the map run rather than an actual job instance, so you won’t see any actual job running.  After you click the Rescan Target Accounts/Groups button, you’ll see messages in the Current Maps Status box of the Define Maps screen as the scan progresses, and when the scan completes, you’ll see the date/time update under the Download Generated Map button.  Once the date/time updates, the scan has completed and you can download that generated map to confirm that all of the relevant new users have been found by CFP, and will be recognized target users.

NOTE:  If you run a rescan of target accounts and groups after you have uploaded your edited spreadsheet, you will need to upload it again.  Generally, you can upload the same spreadsheet without further edits, and any previous validation errors caused by unrecognized target users will be resolved.

Updated on April 1, 2021

Related Articles