ok, Linux newbie here…
I am working on a Win 8 Pro pc and I just installed Office 2013… unfortunately, when I am at work and I try to remotely access my office files (docs, excel, etc.) through wd2go.com, the file I try to open does not load directly into MS Office, which first requires authentication and eventually is unable to open the file.
WD is aware of this issue (see their Answer ID 9586 on Knowledge Base) but it is not offering a viable solution (suggests to download files in local and then re/upload them when done editing! …this is not what "personal storage" should be!)
I was wondering if there is any other software or way to remotely access files into MS Office… I have heard about AyaXplorer… heard also about WebFolders… but since I am not an expert I was trying to understand which is the easiest way to do this.
Thanks for any help!
There is a very easy way to remotly access server files with Microsoft Office or Open Office : Webdav.
In menu files : select 'Open' and in the input area insert the way to your Webdav on your server. http://xxxx or https://xxxx (for Open Office only https)
You can also mount the Webdav in Microsoft filesystem.
I propose the simplest way and secure in my opinion adding a new user/pass in wd2go user list.
wd2go uses Webdav but even if we can know the users, we don't have the user's pass they have selected.
So you have to create at least one new user/pass :
# nano /etc/nas/apache2/auth/htgroup (to add a user : 'newuser', on the admin line (administrator of MyBookLive in UI))
# htdigest /etc/nas/apache2/auth/htpasswd 'DeviceUser' newuser (Don't modify the word DeviceUser)
As a replacement and cleaner you should first : list the user list :
MyBookLive:~# cat /etc/nas/apache2/auth/apache_userlist
1 admin no
2 bd no
1 1355220 yes('admin' and 'bd' are actuel UI users - 'no' as indicator,
'1355220' device user part of owner group '1' - which is 'admin' here - 'yes as indicator)
To create a webdav user :
MyBookLive:~# /usr/local/sbin/addUser_apache.sh <userId> <davuser> <passwrd>
- - appending to existing htpasswd file..(creates davuser/passwrd part of owner group <userId>, if <userId> is '1' here it means 'admin', same rights on shares as 'admin')
To delete a webdavuser you have created :
MyBookLive:~# /usr/local/sbin/deleteUser_apache.sh 'delete_dev_user' <davuser>
- deleting apache user bourgeoa in /etc/nas/apache2/auth/htpasswd
Deleting password for user <davuser>Your Webdav's accesses are : http or https://<external_IP>/AnyOfYourShare (usually 'Public' or any share you created)
Your user/pass will be asked.
thanks for the reply bourgeoa!
I think I understand what you are hinting at here, but cannot quite follow the process:
if I get it right, I am supposed to open a file opening it straight from Office (for instance a .docx document using Word).
The problem is that Office 2013 does not open files straight from the remote device. In win 8, Office 2013, it requires authentication, and eventually it becomes impossible to open the file. Mind that I can open any other file from the remote device via wd2go.com. For instance I can open .pdf or .jpg images and even edit them and save them back into the remote device… when it comes to Office files, something prevents me from opening and saving files directly from or into the remote device.
Here is the answer that WD gives in his knowledge base:
Problem: When attempting to open a document on a WD 2go connected device while using Remote Web Access, Microsoft Office requests a username and password in order to proceed.
Cause: Microsoft Office has enabled a second layer of authentication for all devices connected remotely.
Solution: WD 2go's authentication includes security features that are not compatible with the authentications used in Microsoft Office. Please proceed to copy all Office documents from the remote device to a local drive in order to edit the file and then move the document back to the original location. For more information, please see Microsoft KB Article 2019105.
Now, with you method, do you think I will have the same problem? If yes, what are the exacts steps I should take? (unfortunately I am a newbie in this field and I would need step by step info)
Do you think it is too much to be able to open office files directly from the remote device, and being able to save them back once edited? or should I always download them in the local drive and then upload them back once I am done editing them? This does not sound to me as the "Personal Cloud" that WD boast about…
Hi,
Your problem is very interesting.
Bourgeoa way could working.
For the second layer of security from Microsoft Office you just use the user/pass created above like stated above.
That is why you need a authorized user/pass.
(It is a Microsoft Pb not a WD's one, WD could have added on option to include or not the UI users/passes in the list).
You can either use a direct link as I stated or go through wd2to and mount share, in both cases you will be asked a user/pass.
Use the one just created. I created it on the line 'admin' so that you got all access like the 'admin' user in UI.
If you have a more complex user/share organization you can add it on the group line from an other UI user, you will have the rights on shares from that UI user.
To make my modifications you need to access to MyBookLive system.
Check in hacks and tutos fro MyBookLive (basically allow ssh in UI, install Putty to connect to your server : user : root, pass : welc0me)
Read a bit around. Nothing complex.
thanks again.
let me get this straight, since I do not want in any way to brick my MBL…
1-allow SSH
2-connect to server via Putty (user:root pwd:welc0me)
3-if I am the only one accessing
the device, and I want to maintain and use "admin" user, I should enter the following command line:
# nano /etc/nas/apache2/auth/htgroup
and insert "name_new_user" (without brackets) on the admin line
then enter the following command line:
# htdigest /etc/nas/apache2/auth/htpasswd 'DeviceUser' "name_new_user"
(obviously, name_new_user without quotation marks)
4-I should now be able to open any Office file directly from wd2go or mapping a share by typing:
http or https: //external_IP/NameOfShare (Public, etc…)
5-when Office requires me to enter user name and password, I should enter the "name_new_user" as user name and as same as password.
Is this correct?
I have three more questions:
1-just in case, is this process reversible? How?
2-I cannot understand why WD does not make this default on its WD2go system… does it affect other access processes, like access via mobile app (I do use wd2go app on my WP7 pone)?
3-is there a way to disable or avoid in Windows the second layer of authentication? maybe a registry tweak?
thank you again for all the help!
Yes just ssh and (for example if you want use 'admin' login) :
nano /etc/nas/apache2/auth/htgroup
(if you don't have nano, just ssh and : apt-get install nano )
and add admin at the end of line starting by admin: xxxx xxxx xxxx xxxx (where xxxx is account already put)
then :
htdigest /etc/nas/apache2/auth/htpasswd 'DeviceUser' admin
it will ask you (twice) to enter the password of admin account to store the password in 'encrypted' way.
For the others questions,
1) just backup the file /etc/nas/apache2/auth/htgroup and /etc/nas/apache2/auth/htpasswd
(for example via ssh :
cp /etc/nas/apache2/auth/htgroup /etc/nas/apache2/auth/htgroup.backup
and
cp /etc/nas/apache2/auth/htpasswd /etc/nas/apache2/auth/htpasswd.backup
)
2) wd2go still working after that (I've try from PC and iPad), you just add another user don't use by wd2go system, nothing else
3) don't know ;-)
thank you so much! it works like a charm!!! apparently the newuser/pass does not affect accessing via mobile (WP7) or accessing files with different extensions, or other programs like twonky and so on…
you solved a great problem to me! …and I still can't understand why WD does not fix this if it takes so little…
anyways, I was not able to map the share by using http or https: //external_IP/NameOfShare (Public, etc…) but wd2go does map anyways the share I access… I guess it is because there is port-forwarding involved, and I would not know where to start. No prob…
thank you again!
For working, you need to forward port 80 and 443 to your MBL.
If you're a newbie in IP, just activate uPnP on your router and MBL/wd2go will ask these port directly.
For Windows 7 / 8, natively you can't ssl (so https://) without a valide certificate (the one use by MBL is issue by WD for wd2go with a adress like device12345.wd2go.com).
But you can use webdav with http (so not secure) or use another software to ssl/https with ignoring the certificate validation (bad name because you access to IP adress and certifcate is for device12345.wd2go.com so they don't match).
I've succefully mount the public share in Win7 with http connection (and with https:// with tweaking the url and certifcate to have working in Win7).
Thanks! That sounds interesting though it confuses me a bit, and anyways I would not know how to make sure that my router has UPNP activated…
Anyways, today I was able to access remotely my MBL using wd2go address:
https :// mybooklive.deviceXXXXXX.wd2go. com/Public (or any share) using the "Add Network Location" on the File Explorer in Win 8.
It works good… well, it still relies on wd2go, it is just you do not need to go through the webpage wd2go.com
Do you think that doing port forwarding, and mapping like suggested here (sorry, forum does not allow me to publish links):
http :// community.wdc. com/t5/My-Book-Live/Map-Drive-Remotely-without-VPN-or-wd2go/m-p/458730/highlight/true#M13563 would make remote access faster? Otherwise, there seems to be no reason for me to go through portforwarding…
Thanks again.
Go to your MBL gui, in remote access for wd2go, you have 'activated' and 'connected'.
Did it display connect via relay ? Or connect direct ?
If relay : wd2go use a proxy and you don't have forward
If direct : your router have upnp activate and wd2go have ask your router to forward port
Yes you should have faster connection with direct/port forwarding, the link you give seem's complicated… Better and simplifier is to activated upnp. What do you have in router ?
remote access in the MBL GUI has always been "direct…"
wd2go, in fact, works great, but it is slow in my opinion, that's why I wanted to see if it pays to try to port-forward…
The first link I gave before works great: it is just a "copy" of the address used by wd2go…
I'll see to port-forward before Christmas since I will be away from home during that period…
Unfortunately I have a very strange router that came with the ISP… I'll have to study it a bit…
Thanks for your suggestions!
If you have direct then it's already port forward… You can't do more.
Could be your internet connection 'slow', what type do you have ? xDSL ? Cable ? Fiber ?
Ok, now I manage to set up port forwarding (ports 443 and 80), so I do not need to go through wd2go to access remotely my MBL… I just need to add network place with http: //externalIP/share
When I try to use https it asks for a Windows Certificate, which I do not have… any way to avoid this? Maybe using wd2go certificate?
Anyway, accessing directly with WebDAV and port forwarding is indeed faster than using wd2go!!!
I've manage like this :
import WD certificate root in trusted certificate in windows.
Change windows/system32/drivers/etc/host and add a whatYouWant.devicexxxx.wd2go.com with your IP
Connect with https://whatYouWant.devicexxxx.wd2go.com
so it use https and direct connection to your ip with whatYouWant.devicexxxx.wd2go.com
Sorry, but I'm suffering the same problem and in a very bad need to remote map my shares and open the MS excel files direct, I've tried to create new davuser, but I couldn't, honestly I'm not expert and need a simple and clear procedures to guide me step by step if you can help me it will be great I also have not problem to share my desktop screen so we can go through the steps together
Thanks very much
I rewrote my initial post to update the process to use for creating/deleting your own webdav user.
Don't use this procedure to delete UI users or UI device user
(these should be created and deleted within UI -they are linked to other tables than just apache-userlist, htgroup and htpasswd)
Thanks… that makes things all the more complicated :o)
but I guess it makes more sense…
Since I used the method you initially proposed, can I now change the password just going back to
- htdigest /etc/nas/apache2/auth/htpasswd 'DeviceUser' and change the password from there (just deleting the password and writing a new one)? Or should I follow another method to change that password? Thanks.
Hi all,
I followed bourgeoa's updated method and I think all went well (no error message), but I cant access //MyExternalIP/Public or any of my folders from outside my network. When trying, I get asked for user/password and this step seems to work fine as if I enter wrong password I get asked again. But when I enter the proper password, I get an error page showing "Not Found" and "The requested URL /Public/ was not found on this server.".
I created 2 UI users as you can see below (bpelleti, guest759) and 1 Device user with bourgeoa's method (guest750remote).
MyBookLive:/# cat /etc/nas/apache2/auth/apache_userlist
1 admin no
2 bpelleti no
3 guest759 no
MyBookLive:/# more /etc/nas/apache2/auth/htgroup
admin:
bpelleti:
guest759: guest759remote
"guest759" does have access to /Public and if I understood correctly, "guest759remote" should have the same access.
I did not touch the "remote access" config in the UI.
Port 80 and 443 are forwarded to the MyBook Live.
One thing I noticed is that /Public is not under root but with the /shares folder. But trying "//MyExternalIP/shares/Public" does not work either.
Finally, I am using Windows machine (7 and XP) with same results.
I searched through all the threads of this forum for similar problem but found nothing.
Does someone know what's wrong, what I am missing ?
Thanks for your help,
Bruno
Hi there, please, anyone can help ?
