Documentation Index

Fetch the complete documentation index at: https://docs.nasuni.com/llms.txt

Use this file to discover all available pages before exploring further.

Configuring Microsoft 365 Copilot Connector for Nasuni File Shares

  • Updated on May 27, 2026
  • Published on Apr 14, 2026
  • 5 minute(s) read
  • CD
  • ED
  • j
 Prev Next

You can use the Microsoft 365 Copilot Connector to make your Nasuni SMB share content available to Microsoft 365 Search and Copilot.

Microsoft 365 Copilot Search (formerly Microsoft Search) offers deep search capabilities of data residing within a Microsoft ecosystem using Microsoft Graph (a unified API and intelligent gateway to data, relationships, and insights across Microsoft 365 services). The API is natively available for popular MS365 and Azure content, such as SharePoint, Outlook, and OneDrive.

Content that is not natively available can be indexed using one or more Copilot Connectors, which can import external items and make them searchable within the rest of the Microsoft ecosystem. With regards to file storage, an item is typically a single document (Word file, Excel file, PowerPoint file, PDF file, and so forth) that gets discovered and read through a file share.

File Share Connector provides a list of the file types and the portion of content that can be indexed.

The benefits and features that search capability can introduce include:

  • A single, unified search across a common index that spans the user’s reach within the account.

  • The variety of connectors increases the integration of external data into the search API.

  • Advanced search functions, including natural language processing and personalized recommendations.

  • It is scalable, with standard tenant limits defaulting to 50 million “items” per tenant. Capacity can be increased upon request, with the true ceiling being defined by Microsoft resource limits and future investments.

This configuration supports Nasuni-hosted file content while preserving NTFS permissions or file share permissions.

Prerequisites

Before configuring the Microsoft 365 Copilot Connector for Nasuni file shares, ensure that the following requirements are met.

System Requirements

The following system features are necessary:

  • Windows 10 Desktop or Windows Server 2019 or later.

  • Microsoft .NET 7 Desktop Runtime or later.

  • A Windows virtual machine or server to host the Microsoft Graph Connector Agent (GCA).

Microsoft Azure Requirements

You must have an Azure tenant with an application registration configured for Microsoft Graph access.

The Azure application registration must include:

  • Client secret or certificate-based authentication.

  • The following Microsoft Graph API permissions:

    • Directory.Read.All

    • ExternalConnection.ReadWrite.OwnedBy

    • ExternalItem.ReadWrite.All

    • ExternalItem.ReadWrite.OwnedBy

Nasuni Environment Requirements

The Nasuni environment requires the following:

  • A Nasuni Edge Appliance joined to either:

    • Active Directory (AD).

    • Microsoft Entra Domain Services (Entra DS).

  • Accessible SMB shares exposed through Nasuni.

  • Valid credentials for file share access.

Best Practices

Review these recommendations before deployment to improve performance, scalability, and security.

Security Best Practices

These are recommendations for security:

  • Use NTFS ACLs whenever possible.

    • NTFS permissions provide the most granular and secure access control.

    • Search and Copilot results are automatically filtered based on user permissions.

  • Enable Search Permissions during Connector configuration.
    This ensures that users only see content that they are authorized to access.

  • Ensure that Active Directory or Microsoft Entra trust relationships are functioning correctly for permission resolution.

Indexing Best Practices

These are recommendations for indexing:

  • Limit the indexing scope in order to reduce ingestion time and storage consumption by using:

    • File extension filters.

    • Path exclusions.

    • Date-based filtering.

  • Avoid enabling Last Access Date filtering.
    Nasuni does not update access timestamps during file reads.

  • For environments with heavy indexing workloads, consider deploying a dedicated Nasuni appliance.

Performance Considerations

Be aware of the following operational behaviors:

  • Full directory scans occur during every refresh cycle.

  • New and modified files are reprocessed each cycle.

  • Renaming a parent directory triggers a full re-index of all contained files.

  • Microsoft Graph API throttling might temporarily slow ingestion, although throttling is automatically managed by Microsoft.

Additional Nasuni considerations

Keep these Nasuni considerations in mind:

  • Large indexing operations might impact Global File Locking behavior.

  • Metadata caching might affect indexing performance and responsiveness.

Configuring the Microsoft 365 Copilot Connector

Step 1: Create the Azure App Registration

  1. Open the Azure Portal.

  2. Navigate to Microsoft Entra ID.

  3. In the left navigation pane, click App registrations.

  4. Click New registration.

  5. Create the application registration.

  6. Add the following Microsoft Graph permissions:

  • Directory.Read.All

  • ExternalConnection.ReadWrite.OwnedBy

  • ExternalItem.ReadWrite.All

  • ExternalItem.ReadWrite.OwnedBy

  1. Create Authentication Credentials, namely either:

  • A client secret.

  • A certificate for authentication.

  1. Save the generated secret or certificate information securely. This is necessary for Step 2.

Step 2: Install the Microsoft Graph Connector Agent (GCA)

  1. Download the Graph Connector Agent installer to a Windows VM or server.

  2. Run the installer.

  3. During setup, provide:

    • Azure App ID.

    • Client secret or certificate from above Step 1.

  4. Complete the authentication process successfully.

Step 3: Create the File Share Connector

  1. Open the Microsoft 365 Admin Center.

  2. Navigate to Copilot Connectors.

  3. Click Add File Share.

  4. Configure Connector details by entering the following information:

  • Name.

  • Description.

  • Display name.

  1. Enable Microsoft indexing consent.

  2. Save the generated Connection ID.
    This ID is required for Graph Explorer and API operations.

Step 4: Configure the Data Source

  1. Specify the UNC paths for the Nasuni SMB shares.

  2. Select Windows Authentication.

  3. Provide credentials with access to the shares.

  4. Save the configuration and continue.

Step 5: Configure the Connector Settings

Configure the following Connector settings.

Last Access Date

Do not enable Ignore Last Access Date.

Nasuni does not update access timestamps when files are read, which can lead to inaccurate indexing behavior.

Optional Indexing Limits

You can optionally restrict indexing using:

  • File extension filters

  • Date-based filtering using Last Modified dates

  • Path exclusions with regular expressions

Example indexing limits:

  • .* : Exclude everything

  • .*proposal.* : Include proposal files

  • .*engineering.* : Include engineering files

Search Permissions

Enable search permissions filtering to ensure:

  • Results are filtered using either:

    • NTFS permissions.

    • File share permissions.

  • Users only see content they are authorized to access.

Step 6: Configure Scheduling and Crawling

The following configuration steps are also necessary.

Crawl Behavior

  • Only Full Crawl is supported.

  • Minimum crawl interval: 15 minutes.

Configure Refresh Scheduling

  1. Set the desired refresh interval.

  2. Save the crawl schedule configuration.

Validating Connector operation

After the configuration is complete, validate the Connector operation.

Verifying the Connector status

In the Microsoft 365 Admin Center, confirm that the Connector status displays Ready.

Verifying Indexing Activity

After indexing begins:

  • Confirm that the index size increases over time.

  • Use Graph Explorer or Microsoft Graph APIs to verify indexed content.

Validating Access Controls

Confirm that search results are filtered appropriately using:

  • NTFS permissions

  • File share permissions

Users should only see content that they are authorized to access.

Troubleshooting

Log file location

The Graph Connector Agent logs are located at:

C:\Users\<user>\AppData\Local\Microsoft\GraphConnectorAgent\ConfigApp\logs

Indexing Errors

Indexing issues can be reviewed in the Microsoft 365 Admin Center on the Search Connector page.

For detailed exports, use PowerShell.

Common Platform Limits

Limit

Value

Maximum items per tenant

50 million

Maximum paths per Connector

20

Maximum indexed file size

100 MB

Maximum indexed content per file

Approximately 4 MB parsed text

Understanding the Nasuni Scan Process

The Connector processes data in two phases.

Phase 1: Full Directory Walk

During discovery, the Connector:

  • Discovers files.

  • Reads metadata and ACLs.

Phase 2: Content Ingestion

During ingestion, the Connector:

  • Indexes new files.

  • Updates changed files.

  • Removes deleted files.

Permissions Model Reference

Everyone Access

If broad permissions are configured:

  • All users might search all indexed content.

File Share Permissions

Access is determined by:

  • Share-level permissions.

NTFS ACLs provide:

  • The most secure configuration.

  • Automatic per-user filtering of search results based on access rights.

Related articles