Adding a Vault Connection

You can start adding a new vault connection by clicking Add in the M-Files Desktop Settings main window.

The Add Document Vault Connection dialog.

To establish the connection, you first need to specify a few properties.


Begin by assigning a name to the document vault connection. The name can be anything, but it is a good idea to make it descriptive. The name will be displayed on the M:\ drive as a directory containing the contents of the document vault.


Enter the network name or IP address of the server on which M-Files Server has been installed and that contains the document vault.

Server / Port number

Specify the port to connect to on the server. The default TCP/IP port for M-Files is 2266.


Define the protocol to be used for the network connection. The following protocols are available:

  • gRPC
  • Local gRPC
  • TCP/IP
  • SPX
  • Local Procedure Call (LPC)
Note: When you use the gRPC protocol for connections between the M-Files server and M-Files clients, a valid TLS certificate must be in use on the server for connection security and encryption. For instructions, see Managing Server Certificates.

Enforce encrypted connection

Enable this option to secure the communication between M-Files Desktop and M-Files Server with RPC encryption.

RPC encryption does not require Internet Information Services or any other additional components and is often the simplest way to achieve encryption of network communication between the client software and M-Files Server in the organization's internal network.

The option is available for the TCP/IP and gRPC protocol. If the protocol is HTTPS, the connection is always encrypted at the HTTPS protocol level. For connections from outside the organization's internal network, HTTPS or VPN should still be used, as RPC communication to the default TCP port, 2266, is often blocked by firewalls.

Note: For RPC encryption to work, the user as well as the computer must be able to authenticate to the server computer. In practice, this requires that the client computer belongs to the Windows domain and that the user is a domain user.

For more information on encrypted connections, refer to Protecting Data in Transit with Encryption in M-Files.

HTTP proxy settings

You can specify an explicit HTTP proxy server for vault connections that use the gRPC or HTTPS protocol. This can be necessary if all traffic in your organization must be routed through an HTTP proxy server.

To do this, enable the option Specify HTTP proxy settings and do one of these options in the HTTP proxy server field:

  • If you selected gRPC as the protocol, enter the protocol, the address of the proxy server, and optionally the port number in this format: <protocol>://<server address>:<port number>. For example,
  • If you selected HTTPS as the protocol, the protocol is HTTPS by default and you must only enter the address of the proxy server and optionally the port number in this format: <server address>:<port number>. For example,

Server / Test Connection

You can use this button to check that the connection works correctly.


Specify the method the document vault is to use for authenticating the user. The authentication options are Current Windows user, Specific Windows user, and M-Files user.

The user is always authenticated on M-Files Server when logging in to the document vault, for example. M-Files Server is capable of checking the login accounts and passwords of all M-Files users. This is the M-Files authentication method. When Windows authentication is used, M-Files Server has the passwords checked by the domain server.

With Windows authentication, users log in to the database with same information that they use to log in to the local computer or the organization domain. If the organization uses a domain, using the domain logins and passwords is the quickest and easiest authentication method. This means that new passwords and logins are not needed, which makes this a rather user-friendly method.

Differences between the various authentication methods

Current Windows user

You can use the Current Windows user method to log in with your current Windows credentials.

Specific Windows user

Selecting Specific Windows user means that you need to enter your Windows username, password, and domain information when you log in. This option allows you to log in with a different account than the one you used for accessing Windows.

M-Files user

The M-Files authentication method allows you to log in to M-Files only. If your organization does not have a Windows domain or you do not have access to it, you should select M-Files authentication for logging in.

Vault on server

When there are several document vaults on the server, you can use this field to specify the document vault to connect to.

Log in automatically when Windows is started

You can choose to establish the connection to the document vault whenever Windows is started. This is a useful option if you are going to use the document vault daily. For more information, refer to Login Accounts.

Visible to all users on this computer

In Windows, there can be several users who each have their own user-specific settings. It is possible to provide user-specific access to M-Files document vaults. If you want the document vault to be visible to all users on this computer that have been defined in the operating system, check this box.

Test Connection to Document Vault

After specifying the contents of the above fields, you can check whether you can successfully connect to the document vault. If the connection works, the server has responded to the connection test.

Analyze connection

When you have created the vault connection and open the Document Vault Connection Properties dialog by double-clicking the vault connection in the M-Files Desktop Settings dialog, you can use the Analyze Connection button to display further details about the connection. The analysis measures the round-trip time between the client and the server, as well as the download and upload speeds.