There are three basic permissions (what is the permission level):

  • Full access (Read/Write or RW)
  • Limited access (Read-only or RO)
  • No access

There are three permission types (how the permissions are defined/controlled):

  • User based Share permission (including Guest access option)
  • Group based Share permission
  • Gateway based permission

The access permission will be eventually defined by the combination of Share Permission and Gateway Permission taking the most restricted permission control. For example, if an user has full RW permission for a given share, but on a Gateway the permission is read-only, then that User will have only RO permission to the Share. IF that Gateway is the only Gateway of the team account, then it means that share is read-only anyways.

Manage Permission in File System page


Manage permissions for the share. 

Choose which type of permissions to set from the navigation menu on the left:

  • User
  • Gateway (CacheDrive)

User Permissions

Set the permissions for users and groups in Morro Data.

Note: For Active Directory Mode, admins must first import users and groups from Active Directory. For Azure AD mode, admins can first import users and groups from Azure AD to set user and group permissions.

Default  Access

The permissions for all users in the system.

Read/WriteUsers can read and write files to the share. Users must be authenticated to access the share. Admins can specify users/groups to a Read Only exclusion list.
Read OnlyUsers can read files from the share. Users must be authenticated to access the share. Admins can specify users/groups to a Read/Write exclusion list.
No AccessUsers cannot see the share. Admins can specify a Read Only and Read/Write exclusion lists.

Allow Guest Access

If Allow Guest Access is enabled, any user will have access to the Share. The default share created by Morro Data has Allow Guest Access enabled.

For more information, refer to the article File System - Manage Pools and Shares.

Exception List

Use exceptions to set Read/Write or Read-Only access for specific users and groups. By default, both users and groups are listed in this section. You may filter the list by name or by type (User, Group or All).

Choose either "Read/Write" or "Read Only" for the grant permission for that user or group. 

In the example above, the share has no Guest Access, which means users  must enter a user name and password to access the share. 

Default Access is set to "No Access", which means only users in the exclusion lists can access the share. 

Exclusion Lists specifies which users have Read/Write or Read Only access to the share.

Read/Write ListUsers in the groups Sales, Sales - East, Sales - West, Executive, Local Admin can read and write files to the share.
Read Only ListUsers in the group Marketing can only read files from the share.

Edit Gateway Permissions

Set which gateway has access to the share. By enabling restricting gateway permissions, you are creating a location based security for access to the shares in your system. 


The Access column set the access permissions for the share. The valid values are:

  • NO: No Access
  • RW: Read/Write Access (Full control)
  • RO: Read-Only

To disable access to a share in the Team Portal, set the Access to "NO"


Check the box for prefetch to have all files copied to the share downloaded to the gateway immediately. When prefetch is enabled, the user does not need to wait for the file to be downloaded from the cloud before it is available.