--- title: "Configuring Microsoft 365 Copilot Connector for Nasuni File Shares" slug: "configuring-microsoft-365-copilot-connector" updated: 2026-05-27T16:05:43Z published: 2026-05-27T16:05:43Z --- > ## Documentation Index > Fetch the complete documentation index at: https://docs.nasuni.com/llms.txt > Use this file to discover all available pages before exploring further. # Configuring Microsoft 365 Copilot Connector for Nasuni File Shares You can use the Microsoft 365 Copilot Connector to make your Nasuni SMB share content available to Microsoft 365 Search and Copilot. Microsoft 365 Copilot Search (formerly Microsoft Search) offers deep search capabilities of data residing within a Microsoft ecosystem using Microsoft Graph (a unified API and intelligent gateway to data, relationships, and insights across Microsoft 365 services). The API is natively available for popular MS365 and Azure content, such as SharePoint, Outlook, and OneDrive. Content that is not natively available can be indexed using one or more Copilot Connectors, which can import external items and make them searchable within the rest of the Microsoft ecosystem. With regards to file storage, an item is typically a single document (Word file, Excel file, PowerPoint file, PDF file, and so forth) that gets discovered and read through a file share. [File Share](https://learn.microsoft.com/en-us/microsoft-365/copilot/connectors/fileshare-connector#file-types)Connector provides a list of the file types and the portion of content that can be indexed. The benefits and features that search capability can introduce include: - A single, unified search across a common index that spans the user’s reach within the account. - The variety of connectors increases the integration of external data into the search API. - Advanced search functions, including natural language processing and personalized recommendations. - It is scalable, with standard tenant limits defaulting to 50 million “items” per tenant. Capacity can be increased upon request, with the true ceiling being defined by Microsoft resource limits and future investments. This configuration supports Nasuni-hosted file content while preserving NTFS permissions or file share permissions. ## **Prerequisites** Before configuring the Microsoft 365 Copilot Connector for Nasuni file shares, ensure that the following requirements are met. ### **System Requirements** The following system features are necessary: - Windows 10 Desktop or Windows Server 2019 or later. - Microsoft .NET 7 Desktop Runtime or later. - A Windows virtual machine or server to host the Microsoft Graph Connector Agent (GCA). ### **Microsoft Azure Requirements** You must have an Azure tenant with an application registration configured for Microsoft Graph access. The Azure application registration must include: - Client secret or certificate-based authentication. - The following Microsoft Graph API permissions: - Directory.Read.All - ExternalConnection.ReadWrite.OwnedBy - ExternalItem.ReadWrite.All - ExternalItem.ReadWrite.OwnedBy ### **Nasuni Environment Requirements** The Nasuni environment requires the following: - A Nasuni Edge Appliance joined to either: - Active Directory (AD). - Microsoft Entra Domain Services (Entra DS). - Accessible SMB shares exposed through Nasuni. - Valid credentials for file share access. ## **Best Practices** Review these recommendations before deployment to improve performance, scalability, and security. ### **Security Best Practices** These are recommendations for security: - Use **NTFS ACLs** whenever possible. - NTFS permissions provide the most granular and secure access control. - Search and Copilot results are automatically filtered based on user permissions. - Enable **Search Permissions** during Connector configuration. This ensures that users only see content that they are authorized to access. - Ensure that Active Directory or Microsoft Entra trust relationships are functioning correctly for permission resolution. ### **Indexing Best Practices** These are recommendations for indexing: - Limit the indexing scope in order to reduce ingestion time and storage consumption by using: - File extension filters. - Path exclusions. - Date-based filtering. - Avoid enabling **Last Access Date** filtering. Nasuni does not update access timestamps during file reads. - For environments with heavy indexing workloads, consider deploying a dedicated Nasuni appliance. ### **Performance Considerations** Be aware of the following operational behaviors: - Full directory scans occur during every refresh cycle. - New and modified files are reprocessed each cycle. - Renaming a parent directory triggers a full re-index of all contained files. - Microsoft Graph API throttling might temporarily slow ingestion, although throttling is automatically managed by Microsoft. ### Additional Nasuni considerations Keep these Nasuni considerations in mind: - Large indexing operations might impact Global File Locking behavior. - Metadata caching might affect indexing performance and responsiveness. ## **Configuring the Microsoft 365 Copilot Connector** ### **Step 1: Create the Azure App Registration** 1. Open the [Azure Portal](https://portal.azure.com/). 2. Navigate to **Microsoft Entra ID**. 3. In the left navigation pane, click **App registrations**. 4. Click **New registration**. 5. Create the application registration. 6. Add the following Microsoft Graph permissions: - Directory.Read.All - ExternalConnection.ReadWrite.OwnedBy - ExternalItem.ReadWrite.All - ExternalItem.ReadWrite.OwnedBy 1. Create Authentication Credentials, namely either: - A client secret. - A certificate for authentication. 1. Save the generated secret or certificate information securely. This is necessary for [Step 2](/v1/docs/nasuni-microsoft-365-copilot-technical-white-paper#step-2-install-the-microsoft-graph-connector-agent-gca). ### **Step 2: Install the Microsoft Graph Connector Agent (GCA)** 1. Download the Graph Connector Agent installer to a Windows VM or server. 2. Run the installer. 3. During setup, provide: - Azure App ID. - Client secret or certificate from above [Step 1](/v1/docs/nasuni-microsoft-365-copilot-technical-white-paper#step-1-create-the-azure-app-registration). 4. Complete the authentication process successfully. ### **Step 3: Create the File Share Connector** 1. Open the Microsoft 365 [Admin Center](https://admin.microsoft.com/). 2. Navigate to **Copilot** → **Connectors.** 3. Click **Add** → **File Share**. 4. Configure Connector details by entering the following information: - Name. - Description. - Display name. 1. Enable Microsoft indexing consent. 2. Save the generated **Connection ID**. This ID is required for Graph Explorer and API operations. ### **Step 4: Configure the Data Source** 1. Specify the UNC paths for the Nasuni SMB shares. 2. Select **Windows Authentication**. 3. Provide credentials with access to the shares. 4. Save the configuration and continue. ### **Step 5: Configure the Connector Settings** Configure the following Connector settings. #### **Last Access Date** Do **not** enable **Ignore Last Access Date**. Nasuni does not update access timestamps when files are read, which can lead to inaccurate indexing behavior. #### **Optional Indexing Limits** You can optionally restrict indexing using: - File extension filters - Date-based filtering using Last Modified dates - Path exclusions with regular expressions Example indexing limits: - **.*** : Exclude everything - **.*proposal.*** : Include proposal files - **.*engineering.*** : Include engineering files #### **Search Permissions** Enable search permissions filtering to ensure: - Results are filtered using either: - NTFS permissions. - File share permissions. - Users only see content they are authorized to access. ### **Step 6: Configure Scheduling and Crawling** The following configuration steps are also necessary. #### **Crawl Behavior** - Only **Full Crawl** is supported. - Minimum crawl interval: **15 minutes.** #### **Configure Refresh Scheduling** 1. Set the desired refresh interval. 2. Save the crawl schedule configuration. ## **Validating Connector operation** After the configuration is complete, validate the Connector operation. ### **Verifying the Connector status** In the Microsoft 365 Admin Center, confirm that the Connector status displays **Ready.** ### **Verifying Indexing Activity** After indexing begins: - Confirm that the index size increases over time. - Use Graph Explorer or Microsoft Graph APIs to verify indexed content. ### **Validating Access Controls** Confirm that search results are filtered appropriately using: - NTFS permissions - File share permissions Users should only see content that they are authorized to access. ## **Troubleshooting** ### **Log file location** The Graph Connector Agent logs are located at: C:\Users\\AppData\Local\Microsoft\GraphConnectorAgent\ConfigApp\logs ### **Indexing Errors** Indexing issues can be reviewed in the Microsoft 365 Admin Center on the **Search Connector** page. For detailed exports, use PowerShell. ## **Common Platform Limits** | **Limit** | **Value** | | --- | --- | | Maximum items per tenant | 50 million | | Maximum paths per Connector | 20 | | Maximum indexed file size | 100 MB | | Maximum indexed content per file | Approximately 4 MB parsed text | ## **Understanding the Nasuni Scan Process** The Connector processes data in two phases. ### **Phase 1: Full Directory Walk** During discovery, the Connector: - Discovers files. - Reads metadata and ACLs. ### **Phase 2: Content Ingestion** During ingestion, the Connector: - Indexes new files. - Updates changed files. - Removes deleted files. ## **Permissions Model Reference** ### **Everyone Access** If broad permissions are configured: - All users might search all indexed content. ### **File Share Permissions** Access is determined by: - Share-level permissions. ### **NTFS ACLs (Recommended)** NTFS ACLs provide: - The most secure configuration. - Automatic per-user filtering of search results based on access rights.