Enterprise Recon 2.6.0

Dropbox

ER 2.4 has an updated Dropbox Business and Dropbox Personal module which requires the latest access token for authentication. Previous access tokens will no longer be supported by ER2 from September 2021.

To continue scanning Dropbox Business and Dropbox Personal Targets without interruption,

  1. Upgrade the Master Server, and
  2. Update Dropbox credential sets added in earlier versions of ER2 by performing re-authentication. See Re-authenticate Dropbox Credentials for more information.

This section covers the following topics:

Overview

The instructions here work for setting up the following Dropbox products as Targets:

  • Dropbox Business
  • Dropbox Personal

Supported Dropbox Business Configuration

The Dropbox Business Target in ER2 only supports the team folder configuration with Team Spaces.

Log in to the Admin Console with your Dropbox Business team admin's account to determine the team folder Configuration for your Dropbox Business account.

Licensing

For Sitewide Licenses, all scanned Dropbox Business and Dropbox Personal Targets consume data from the Sitewide License data allowance limit.

For Non-Sitewide Licenses, Dropbox Business and Dropbox Personal Targets require Client Licenses, and consume data from the Client License data allowance limit.

See Target Licenses for more information.

Requirements

Requirements Description
Proxy Agent
  • Proxy Agent host with direct Internet access.
  • Cloud service-specific access keys.
TCP Allowed Connections Port 443

Set Up Dropbox as a Target location

  1. From the New Scan page, Add Targets.
  2. In the Select Target Type dialog box, click on Dropbox and select one of the following Dropbox products:
    • Dropbox Business
    • Dropbox Personal
  3. In the Dropbox Details section, fill in the following fields:
    Example of Dropbox Details dialog box with access code filled and proxy agent "TREETRUNKS" selected.

    Field Description
    Dropbox Admin Email / Dropbox Domain Enter your Team Admin email address for Dropbox Business or your Dropbox email address for Dropbox Personal.
    Dropbox Business Account Authorization / Dropbox Account Authorization Obtain the Dropbox access code:
    1. In Dropbox Details, click on Dropbox Business Account Authorization / Dropbox Account Authorization. This opens the Account Authorization page in a new browser tab.
    2. In the Dropbox Business Account Authorization / Dropbox Account Authorization page:
      1. Enter the Team Admin's user name and password for Dropbox Business or your user name and password for Dropbox Personal. Click Sign in.
      2. Click Allow.

        Click Allow to grant Ground Labs Application access to Dropbox Account.

    3. Copy the Access Code.

      Dropbox account authorization page displaying the access code.

    Access Code Enter the Access Code obtained during Dropbox Business Account Authorization / Dropbox Account Authorization.
    Agent to act as proxy host Select a Proxy Agent host with direct Internet access.
    Recommended Least Privilege User Approach

    To reduce the risk of data loss or privileged account abuse, the Target credentials provided for the intended Target should only be granted read-only access to the exact resources and data that require scanning. Never grant full user access privileges or unrestricted data access to any application if it is not required.

  4. Click Test. If ER2 can connect to the Target, the button changes to a Commit button.
  5. Click Commit to add the Target.

Edit Dropbox Target Path

To scan a specific path in Dropbox Business or Dropbox Personal:

  1. Set Up Dropbox as a Target location.
  2. In the Select Locations section, select your Dropbox Business or Dropbox Personal Target location and click Edit.
  3. In the Edit Dropbox Business / Edit Dropbox Personal dialog box, enter the path to scan. Use the following syntax:

    Path Syntax
    Specific folder <folder_name>
    Specific file <[folder_name/]file_name.txt>
  4. Click on Dropbox Business Account Authorization / Dropbox Account Authorization and follow the on-screen instructions. Enter the Access Code obtained into the Access Code field.

  5. Click Test and then Commit to save the path to the Target location.

Re-authenticate Dropbox Credentials

  1. Log in to the ER2 Web Console.
  2. Go to Settings > Target Credentials.
  3. Hover over the Dropbox Business or Dropbox Personal Target credential set and click Edit.
    Example of a Dropbox Business credential set with Team Admin email "dropbox.admin@example.com".
  4. Click on Dropbox Business Account Authorization (opens in a new tab) / Dropbox Personal Account Authorization (opens in a new tab) and follow the on-screen instructions.
    Example of a Dropbox Business credential set in "Edit" view.
  5. Enter the Access Code obtained into the Access Code field in the credential editor.
  6. Click Save.