Configure Google Drive File Stream

Configure Drive File Stream

You can specify custom options for Drive File Stream, including the default drive letter on Windows, the mount point on macOS, the cache location, bandwidth limits, and proxy settings. These configurations can be set at the user or host level, and persist when Drive File Stream restarts.

Where to update settings

To set the Drive File Stream options, you update registry keys (Windows) or use the defaults command (macOS). If you’re not familiar with making these updates, contact your administrator or check your operating system documentation. Additionally, administrators can choose to set override values that end users can’t change.

Windows

Host-wideHKEY_LOCAL_MACHINESoftwareGoogleDriveFS
User onlyHKEY_CURRENT_USERSoftwareGoogleDriveFS
OverrideHKEY_LOCAL_MACHINESoftwarePoliciesGoogleDriveFS

macOS

Host-wide/Library/Preferences/com.google.drivefs.settings
User only~/Library/Preferences/com.google.drivefs.settings
Override/Library/Managed Preferences/com.google.drivefs.settings.plist

macOS examples

Host-wide mount point:
sudo defaults write /Library/Preferences/com.google.drivefs.settings DefaultMountPoint '/Volumes/Google Drive File Stream' Host-wide trusted certificates file:
sudo defaults write /Library/Preferences/com.google.drivefs.settings TrustedRootCertsFile /Library/MyCompany/DriveFileStream/MyProxyCert.pem User maximum download bandwidth:
defaults write com.google.drivefs.settings BandwidthRxKBPS -int 100 User-enabled browser authentication:
defaults write com.google.drivefs.settings ForceBrowserAuth -bool true

Settings

Set these name/value pairs using the registry keys or defaults command, as described above. On Windows, create the registry keys if they don’t already exist. On macOS, the defaults command maintains a plist file for settings. You should not modify the plist file directly, as some changes might not be applied.

Setting nameValue typeValue description
AutoStartOnLogin*DWORD (Windows)
Bool (macOS)
Start Drive File Stream automatically on session login.
BandwidthRxKBPSDWORD (Windows)
Number (macOS)
Maximum downstream kilobytes per second.
BandwidthTxKBPSDWORD (Windows)
Number (macOS)
Maximum upstream kilobytes per second.
ContentCachePathStringSets the path to the content cache location on a connected APFS, HFS+, or NTFS file system.

When Drive File Stream restarts, local data in the old content cache will move to the new content cache location. If you delete your custom setting, data will move back to the default location.

The default cache location is:

Windows: %LOCALAPPDATA%GoogleDriveFS
Mac: ~/Library/Application Support/Google/DriveFS
ContentCacheMaxKbytesQWORD (Windows)
Number (macOS)
Sets the limit on content cache size in kilobytes. The limit is capped at 20% of the available space on the hard drive (regardless of the setting value).The setting does not apply to files made available offline or files that are in the process of uploading. This setting is only available for admins, as an override or host-wide setting.
DefaultMountPointStringWindows: Set the mounted drive letter.
You can use an environment variable to specify the drive letter. macOS: Set the mounted drive path. You can include tilde (~) or environment variables in the path.
DisableRealTimePresence*DWORD (Windows)
Bool (macOS)
Disables real-time presence in Microsoft Office. This can also be disabled for organizational units from the Admin console. See step 3 of Deploy Drive File Stream.
ForceBrowserAuth*DWORD (Windows)
Bool (macOS)
Use browser authentication. If your organization uses security keys or SSO, this setting may resolve sign-in problems.
MinFreeDiskSpaceKBytesQWORD (Windows)
Number (macOS)
Controls the amount of local space used by Drive File Stream’s cache. Stops writing content to the disk when free disk space gets below this threshold, in kilobytes.
Proxy settings:
DisableSSLValidation*DWORD (Windows)
Bool (macOS)
This disables validating SSL traffic. Traffic will still be encrypted, but we will not validate that the SSL certificates of the upstream servers are all valid. This is inherently insecure. It would allow a man-in-the-middle attack against traffic to Google Drive. Only settable host-wide.
TrustedRootCertsFileStringThis is the full path to an alternate file to use for validating host SSL certificates. It must be in Privacy Enhanced Mail (PEM) format. Set this if your users are on networks with decrypting proxies.

The file should contain the contents of the roots.pem file shipped with Drive File Stream, plus the certificates used to authenticate your proxy. These additions should correspond to the proxy-signing certificates you added to the certificate stores in your fleet of machines.

You can find roots.pem in:

Program FilesGoogleDriveFS<version>configroots.pem
(Windows)

or

/Applications/Google Drive File Stream.app/Contents/Resources/roots.pem
(macOS) Only settable host-wide.
DisableCRLCheck*DWORD (Windows)
Bool (macOS)
This disables checking Certificate Revocation Lists (CRLs) provided by certificate authorities.

If not explicitly set, this defaults to true if TrustedRootCertsFile is provided, otherwise false. Sites that use self-signed certificates for their content inspection proxies typically don’t provide a CRL.

Enterprises that specify a CRL in their proxy certificate can explicitly set DisableCRLCheck to 0 for the added check.

For boolean values, use 1 for true and 0 for false (Windows), or use true and false (macOS).

Related topics

Source:

https://support.google.com/a/answer/7644837

Leave a Reply

Your email address will not be published. Required fields are marked *

Exit mobile version