By default, the File Locking policy is turned on. In most cases, it is a recommended best practice to allow end users to lock and unlock files and folders within Team Shares. This feature is useful when an end user wants to prevent other user accounts from editing and syncing items when changes are being made, preventing sync collisions from occurring. This setting can be changed in the Policies tab of the administrative web portal.
To turn file locking on or off:
- In the Organization navigation menu, select the organization in which you want to manage file locking. The selected organization displays.
- Click the Policies tab. The Organization Policies section displays, showing organization policies that were configured when the organization was created.
- In the User Settings section of the page, check the Allow Users to Lock Files checkbox to allow end users to lock and unlock files and folders. End users will now have the ability to lock and unlock files and folders.
- Optionally, edit the extensions listed in the Use Filesystem Permissions to Enforce Locks On field. This field allows you to specify extensions on which you would like to enforce locks through filesystem permissions (also called hard locks). This field is especially important for File Server Enablement environments where mapped drive users must be notified by the filesystem when a file is in use.
When a lock is placed, the desktop client will change the NTFS permissions on Windows, or HFSPlus permissions on Mac, in order to prevent edits by other users. On Windows, hard locks are implemented by setting the following DENY ACE for the EVERYONE
- Create files/write data
- Create folders/append data
- Write attributes
- Write extended attributes
On OS X, the UF_IMMUTABLE flag is set (essentially a user lock).