GlobalSCAPE Knowledge Base

THE INFORMATION IN THIS ARTICLE APPLIES TO:

CuteFTP Pro^® (All Versions)
CuteFTP v9 and later

DISCUSSION

You can automate file transfers using CuteFTP in the following ways:

You can interact with the Transfer Engine directly using common programming languages such as Visual Basic or in another scripting language supported by the Windows Scripting Host. Or you can create a script using CuteFTP itself. To create a new script file, you need to have some familiarity with programming concepts and ideally, some experience with Visual Basic or Java. For additional information on using scripts see the help file topic titled Using Scripts to Transfer Files.
You can use the Folder Monitor feature, which will automatically upload any new or modified files or folders added to a specific local folder. The upload will occur automatically or you can choose to have the folder checked every n seconds. For additional information see the help file topic titled Monitoring a Local Folder for Changes Using the Folder Monitor Wizard.
You can also use the Synchronize Folders tool to automatically make the contents of a remote and local folder exactly the same on a scheduled basis. For example, to upload all new or changed files in a particular folder on the local system from the local system to a remote system set this to Mirror Local which keeps the local folder the same and changes the remote folder to match. Other mirroring options are also available. For additional information see the help file topic titled Synchronizing Folders Using the Folder Synchronization Wizard.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

version 6.5 and later

QUESTION

How do I use the COM API to copy (duplicate) Advanced Workflows or import existing Workflow files (.aml)?

ANSWER

To copy and import workflows using the COM API, you can to use the Site methods AddAdvancedWorkflow and GetAdvancedWorkflowParams.

MORE INFORMATION

Review the examples below, or download the attached examples (scroll to the bottom of page for the attachment). Don’t forget to change your admin login credentials in the script and point to the correct Site index (set to Site ‘0’ by default, meaning the first Site created in EFT).

(You can also copy and import AWE workflows in the EFT administration interface.)

Copy Workflow:

' INBOUND parameters {{{
strSourceAWTaskName = "AWTask"
strDestinationAWTaskName = strSourceAWTaskName + "_Copy"
strServer = "localhost"
strPort = "1100"
strAdminUserName = "a"
strPassword = "q"
' }}} INBOUND parameters

' Get CISite object {{{
Set objEFTServer = CreateObject("SFTPCOMInterface.CIServer")
objEFTServer.Connect strServer, strPort, strAdminUserName, strPassword

set objSites = objEFTServer.Sites
set objSite = objSites.Item(0)
' }}} Get CISite object

' Get source AW task script content {{{
' Get source AW task index
nSourceAWTaskIndex = objSite.GetAdvancedWorkflowIndex(strSourceAWTaskName)

' Get source AW task parameters by index
Set objSourceAWTaskParams = objSite.GetAdvancedWorkflowParams(nSourceAWTaskIndex)

' Get source AW task script content
strSourceScriptContent = objSourceAWTaskParams.Code
' }}} Get source AW task script content

' Copy AW Task {{{
Set objDestinationAWTaskParams = CreateObject("SFTPCOMInterface.CIAdvancedWorkflowParams")

' Set new AW task name
objDestinationAWTaskParams.Name = strDestinationAWTaskName

' Set script content for new AW task
objDestinationAWTaskParams.Code = strSourceScriptContent

' Add new AW task to EFT
objSite.AddAdvancedWorkflow(objDestinationAWTaskParams)

' }}} Copy AW Task

MsgBox "Done."

Import Workflow:

' INBOUND parameters {{{
' Outside script which we want to import
strFileToImport = "C:\\SomeOutsideScript.aml"

' EFT AW task name for imported script
strAWTaskName = "AWTask_Imported"

strServer = "localhost"
strPort = "1100"
strAdminUserName = "a"
strPassword = "q"
' }}} INBOUND parameters

' Read outside script contents {{{
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objReadFile = objFSO.OpenTextFile(strFileToImport, 1, False)

strFileContents = objReadFile.ReadAll

objReadFile.close

Set objFSO = Nothing
Set objReadFile = Nothing
' }}} Read outside script contents

' Get CISite object {{{
Set objEFTServer = CreateObject("SFTPCOMInterface.CIServer")
objEFTServer.Connect strServer, strPort, strAdminUserName, strPassword

set objSites = objEFTServer.Sites
set objSite = objSites.Item(0)
' }}} Get CISite object

' Add AW Task to EFT server {{{
Set objAWParams = CreateObject("SFTPCOMInterface.CIAdvancedWorkflowParams")
objAWParams.Name = strAWTaskName
objAWParams.Code = strFileContents

objSite.AddAdvancedWorkflow(objAWParams)
' }}} Add AW Task to EFT server

MsgBox "Done."

THE INFORMATION IN THIS ARTICLE APPLIES TO:

EFT Server, version 6.x

SYMPTOM

Cannot connect to EFT using LDAPv2

RESOLUTION

Modify the default MaxPageSize in ADSIEDIT.MSC or GPO, and the advanced LDAP settings in EFT.

In ADSI EDIT:

ADSI Edit

In EFT (on the LDAP Site's General tab), edit the Override search page size setting:

MORE INFORMATION

If you try to log in using an AD account that doesn't show up in EFT, it denies the authentication. Increasing the search page size allows the accounts to appear.

From http://support.microsoft.com/kb/315071: MaxPageSize - This value controls the maximum number of objects that are returned in a single search result, independent of how large each returned object is. To perform a search where the result might exceed this number of objects, the client must specify the paged search control. This is to group the returned results in groups that are no larger than the MaxPageSize value. To summarize, MaxPageSize controls the number of objects that are returned in a single search result.The default value is 1,000.

For more information about MaxPageSize, refer to http://searchwindowsserver.techtarget.com/tip/Limiting-LDAP-searches-with-MaxPageSize.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

EFT Server, all versions

DISCUSSION

Following is an explanation of firewall rules needed for each protocol/mode to work:

	Mode	Server	Client
Implicit SSL	PORT	INBOUND port 990 from ANY OUTBOUND from source port 989 to ANY	OUTBOUND port 990 to SERVER_IP INBOUND port CLIENT_CHOICE from SERVER_IP
	PASV	INBOUND port 990 from any INBOUND ports 28000-30000 to server_IP	OUTBOUND port 990 to SERVER_IP OUTBOUND ports 28000-30000 to SERVER_IP
Explicit SSL	PORT	INBOUND port 21 from ANY OUTBOUND from source port 20 to ANY	OUTBOUND port 21 to SERVER_IP INBOUND port CLIENT_CHOICE from SERVER_IP
	PASV	INBOUND port 21 from ANY INBOUND ports 28000-30000 from ANY	INBOUND port 21 to SERVER_IP OUTBOUND ports 28000-30000 to SERVER_IP
SFTP	-	INBOUND port 22 from ANY	OUTBOUND port 22 from ANY
HTTP	-	INBOUND port 80 from ANY	OUTBOUND port 80 from ANY
HTTPS	-	INBOUND port 443 from ANY	OUTBOUND port 443 from ANY

For information about defining a range of ports, refer to"Specifying a PASV IP or Port Range" in the help documentation.

The ideal scenario is to support both Implicit SSL and Explicit SSL, when possible. From the server side, this support would look like this:

INBOUND ports 21 from ANY
INBOUND ports 990 from ANY
INBOUND ports 28000-30000 from ANY
OUTBOUND ports from source port 20 to ANY
OUTBOUND from source port 989 to ANY

From the client view point:

It is far simpler, easier, more secure, and more fool-proof to use Implicit SSL in PASV mode.
Only OUTBOUND connections from their trusted network need to be allowed at that point. This reduces the security risk, avoids the need to set up complex firewall or NAT rules to maintain and conflicts to resolve, and it is encrypted from the moment the socket is opened.

Explicit SSL in PASV mode is the second-best choice. Sometimes Explicit SSL is the only FTPS type supported by some older legacy platforms, so there may not be any getting around that. But if Explicit SSL is used, then it is important to remember that Explicit SSL works by the client opening a socket and briefly communicating with in clear-text FTP mode, then issuing the AUTH_SSL or AUTH_TLS command to make the switch to SSL-encrypted FTP. This can cause problems withsome firewall/NAT devices. These devices recognize, and latch onto clear-text FTP connection, and then have no idea how to react during the SSL negotiations. It can often react by blocking any further communication that does not confirm to its idea of standard FTP. This is an exception, not the rule, but it is not rare, so be on the lookout for that.

PORT mode applies equally to both Explicit and Implicit SSL. The problem is that they have clients capable of being configured to issue public IP address and specific ports if client is behind NAT, as is always the case, as a part of the PORT command. It is a rare feature to have. But, they must also manage their firewall/NAT devices so as to appropriately allow direct incoming traffic from the untrusted public internet. This is rarely desirable, and it is never preferable when compared to PASV mode. It is not necessarily impossible, just potentially more painful and require intricate management and maintenance by administrators on the client side, deepening the furrows in the firewall and security personnel's collective brow. Usually this is only done when absolutely necessary due to legacy applications that have limitations wich simply cannot be addressed in any other manner.

Note: The ports listed above are the default port configurations for EFT. These ports can be configured for alternate ports within the application.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

All GlobalSCAPE products, all versions
Refer to http://kb.globalscape.com/KnowledgebaseArticle11144.aspx for EFT-specific HTTP error codes

DISCUSSION

During your HTTP sessions, you'll receive various numbered codes from Web servers. When connected via HTTP, CuteFTP and HTTP servers to which you connect can display these codes in the log window. Some codes represent errors. Most others simply communicate the status of the connection. Here are brief explanations for the most common status and error codes.

The list below are standard HTTP codes. Numbers outside this list are proprietary to the Server or Client that you are using.

Error or Status Code	Description
100 Series	Informational - These status codes indicate a provisional response. The client should be prepared to receive one or more 1xx responses before receiving a regular response.
100	Continue.
101	Switching protocols.

200 Series	Success - This class of status codes indicates that the server successfully accepted the client request.
200	The client request has succeeded. This status code indicates that the Web server has successfully processed the request.
201	Created.
202	Accepted.
203	Non-authoritative information.
204	No content.
205	Reset content.
206	Partial content.

300 Series	Redirection - The client browser must take more action to fulfill the request. For example, the browser may have to request a different page on the server or repeat the request by using a proxy server.
302	Object moved.
304	Not modified. The client requests a document that is already in its cache and the document has not been modified since it was cached. The client uses the cached copy of the document, instead of downloading it from the server
307	Temporary redirect.

400 Series	Client Error - An error occurs, and the client appears to be at fault. For example, the client may request a page that does not exist, or the client may not provide valid authentication information.
400	Bad request.
401	Access denied.
401.1	Logon failed. The logon attempt is unsuccessful, probably because of a user name or password that is not valid.
401.2	Logon failed due to server configuration.
401.3	Unauthorized due to ACL on resource. This indicates a problem with NTFS permissions. This error may occur even if the permissions are correct for the file that you are trying to access. For example, you see this error if the IUSR account does not have access to the C:\Winnt\System32\Inetsrv directory.
401.4	Authorization failed by filter.
401.5	Authorization failed by ISAPI/CGI application.
401.7	Access denied by URL authorization policy on the Web server. This error code is specific to IIS 6.0.
403	Forbidden.
403.1	Execute access forbidden. The following are two common causes of this error message: You do not have enough Execute permissions. For example, you may receive this error message if you try to access an ASP page in a directory where permissions are set to None, or you try to execute a CGI script in a directory with Scripts Only permissions. The script mapping for the file type that you are trying to execute is not set up to recognize the verb that you are using (for example, GET or POST).
403.2	Read access forbidden. Verify that you have Read access to the directory. Also, if you are using a default document, verify that the document exists.
403.3	Write access forbidden. Verify that you have Write access to the directory
403.4	SSL required. Use HTTPS instead of HTTP to access the page.
403.5	SSL 128 required.
403.6	IP address rejected.
403.7	Client certificate required. You do not have a valid client certificate installed
403.8	Site access denied.
403.9	Too many users. The number of users who are connected to the server exceeds the connection limit.
403.10	Invalid configuration.
403.11	Password change.
403.12	Mapper denied access. The page that you want to access requires a client certificate, but the user ID that is mapped to your client certificate has been denied access to the file.
403.13	Client certificate revoked.
403.14	Directory listing denied.
403.15	Client Access Licenses exceeded.
403.16	Client certificate is untrusted or invalid.
403.17	Client certificate has expired or is not yet valid.
403.18	Cannot execute requested URL in the current application pool. This error code is specific to IIS 6.0.
403.19	Cannot execute CGIs for the client in this application pool. This error code is specific to IIS 6.0.
403.20	Passport logon failed. This error code is specific to IIS 6.0.
404	Not found. This error may occur if the file that you are trying to access has been moved or deleted.
404.0	File or directory not found.
404.1	Web site not accessible on the requested port.
404.2	Web service extension lockdown policy prevents this request.
404.3	MIME map policy prevents this request.
405	HTTP verb used to access this page is not allowed (method not allowed).
406	Client browser does not accept the MIME type of the requested page.
407	Proxy authentication required.
412	Precondition failed.
413	Request entity too large.
414	Request-URL too long.
415	Unsupported media type.
416	Requested range not satisfiable.
417	Execution failed.
423	Locked error.

500 Series	Server Error - The server cannot complete the request because it encounters an error.
500	Internal server error. You see this error message for a wide variety of server-side errors.
500.12	Application is busy restarting on the Web server. Indicates that you tried to load an ASP page while IIS was in the process of restarting the application. This message should disappear when you refresh the page. If you refresh the page and the message appears again, it may be caused by antivirus software that is scanning your Global.asa file.
500.13	Web server is too busy.
500.15	Direct requests for Global.asa are not allowed.
500.16	UNC authorization credentials incorrect. This error code is specific to IIS 6.0.
500.18	URL authorization store cannot be opened. This error code is specific to IIS 6.0.
500.100	Internal ASP error. You receive this error message when you try to load an ASP page that has errors in the code.
501	Header values specify a configuration that is not implemented.
502	Bad Gateway. Web server received an invalid response while acting as a gateway or proxy. You receive this error message when you try to run a CGI script that does not return a valid set of HTTP headers.
502.1	CGI application timeout.
502.2	Error in CGI application.
503	Service unavailable. This error code is specific to IIS 6.0.
504	Gateway timeout.
505	HTTP version not supported.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

EFT Enterprise v6 and later
EFT Standard v6 and later, with HTTP/S module

DISCUSSION

The table below describes errors that can occur during EFT transfers over HTTP/S.

HTTP Error	Cause	Response Body	EftHttpError header
400 Bad Request	Malformed header, bytes uploaded < content length, or bad query parameter	<html><head><title>Bad Request</title><head><body><H1>HTTP/1.1 400 Bad Request</H1></body></html>
401 Unauthorized	Login failed or unknown user agent	<html><head><title>Unauthorized</title><head><body><H1>HTTP/1.1 401 Unauthorized</H1></body></html>
403 Forbidden	DELETE when user lacks permission, file locked by another operation, or action denied due to filename restriction	<html><head><title>Forbidden</title><head><body><H1>HTTP/1.1 403 Forbidden</H1></body></html>	“Access+Denied”
403 Forbidden	GET when user lacks permission, file locked by another operation, or action denied due to filename restriction	Same as above	“Access+Denied”
403 Forbidden	(MKCOL, MOVE, PUT) when user lacks permission, file locked by another operation, or action denied due to filename restriction (or MOVE non-existent item)	Same as above	“Access+Denied”
403 Forbidden	Attempt to MKCOL using existing folder name	Same as above	“Exists”
403 Forbidden	Destination path on server exceeds max length (260)	<html><head><title>Forbidden</title><head><body><H1>HTTP/1.1 403 Forbidden: Path too long</H1></body></html>	"Upload+Path+Too+Long"
404 Not Found	(DELETE, GET) of non-existent file	<html><head><title>Object Not Found</title><head><body><H1>HTTP/1.1 404 Object Not Found</H1><br/>The requested URL was not found on this server.<br/><hr/></body></html>
404 Not Found	CRC failed because file was locked	Same as above	"IOR_RESTRICTED”
404 Not Found	HEAD on non-existent file/folder
404 Not Found	GET on non-existent folder
406 Not Acceptable	Bad header value, i.e., invalid content range	<html><head><title>Bad Parameter</title><head><body><H1>HTTP/1.1 406 Bad Parameter</H1><br>The requested URL was not found on this server.<br><hr></body></html>
408 Request Time-out	Socket timed out on request
411 Length Required	POST with invalid file length (< 0)
412 Precondition Failed	action attempted after session has timed out	<html><head><title>Precondition Failed</title><head><body><H1>HTTP/1.1 412 Precondition Failed</H1></body></html>
413 Request Entity Too Large	Attempted GET after download quota reached	<html><head><title>Max Quota Reached</title><head><body><H1>HTTP/1.1 413 Max Quota Reached</H1></body></html>
413 Request Entity Too Large	Attempted PUT after the maximum amount of upload data (quota) transferred	<html><head><title>Max Quota Reached</title><head><body><H1>HTTP/1.1 413 Max Quota Reached</H1></body></html>	"Max+Quota+Reached"
413 Request Entity Too Large	Attempted PUT after the maximum number of uploads performed	Same as above	“Upload+Is+Not+Allowed+By+Transfer+Limits”
413 Request Entity Too Large	POSTing too large a file	<html><head><title>Request Entity Too Large</title><head><body><H1>HTTP/1.1 413 Request Entity Too Large</H1></body></html>
414 Request-URI Too Large	URI exceeds max (4096) length	<html><head><title>Request-URI Too Large</title><head><body><H1>HTTP/1.1 414 Request-URI Too Large</H1></body></html>
500 Internal Server Error	Disk full when PUT/POST attempted or unspecified abort of PUT	<html><head><title>Internal Server Error</title><head><body><H1>HTTP/1.1 500 Internal Server Error</H1></body></html>
501 Not Implemented	Unimplemented request method or unspecified disk IO error during processing of COPY request	<html><head><title>Not Implemented</title><head><body><H1>HTTP/1.1 501 Not Implemented</H1></body></html>

THE INFORMATION IN THIS ARTICLE APPLIES TO:

EFT v6 and later

DISCUSSION

EFT can be installed in an active-passive cluster to achieve high availabilitythrough failover clustering. Separate instructions are provided belowfor installing and upgradingEFT in a cluster. (TIP:Print this topic and check off the steps as they are completed.)

Installing EFT in a ClusterConfiguration

Before you add EFT to your cluster, you must setup your cluster manager. Please consult your cluster manager vendor’s documentation for details. Globalscape's Server Support team can provide assistance with basic configuration questions, and Globalscape Professional Services group provide assistance with installing and configuring a cluster.

To install an EFT version 6 or later in a cluster configuration:

	Step	Owner
	Setup Microsoft Failover Clustering, Symantec’s Veritas Cluster Server, or other third-party cluster manager according to your cluster manager vendor’s documentation.
	Make sure the node that you are installing on has access to the shared resource disk (i.e., the clustered disk or clustered storage pool or Cluster Shared Volume (CSV), as appropriate to your cluster environment.
	Run the EFT installer on the node that has access to the clustered (shared resource) disk. Follow the prompts and refer to Installing the Server, Interface, and Modules, if necessary.
	On the Choose install type page, click Part of a cluster, then click Next. When the confirmation prompt appears, click Yes to confirm that you have read the cluster documentation.
	A prompt appears asking "Is this the first node in the cluster?" Do one of the following: Click Yes if this is the first node in the cluster. Click No if you already installed EFT on the first node and you are now installing EFT on the second node.
	On the Choose Install Location page, specify the installation location on your local physical drive, and then click Next.
	On the Choose EFT Enterprise configuration data location page, specify the shared resource disk, and then click Next. Note: If you cannot browse to the shared resource disk, then the clustered disk is offline or assigned to the other node. CANCEL the installation and verify that the clustered disk can be accessed on the node you are installing on, and then restart the installation process.
	Follow the prompts in the wizard to continue the installation (create the EFT administrator account, configure ARM, etc.). Note: You must specify a remote SQL or Oracle server for the ARM database. Do not use a local database, such as SQL Server Express.
	On the final page of the installer, ensure that the Start the EFT Enterprise service check box is NOT selected, and then click Finish.
	Use the third party's cluster administrator tool to move (assign) the clustered disk resource to the second node.
	Repeat steps 3– 9 on the second node. (Be sure to click No in step 5.)
	On the second node, use the third-party's cluster administrator tool to create a new clustered role: generic service > EFT Enterprise, linked to the desired shared resource drive (described in step 2), optionally replicating the following registry settings in HKLM\SOFTWARE\Wow6432Node\GlobalSCAPE Inc.
	Once the role is created, the EFT service on the second node will be started by the cluster. Launch the EFT administration interface, connect to the EFT on the second node, configure EFT, and license the product and any add-on modules. Note: Make sure you specify a Site root folder on the shared resource drive when creating your first Site. (For example: Site Root = H:\Data.)
	Once you have configured EFT to your liking, make the first node in the cluster the group owner, then license EFT and any add-on modules in that node. (Notice that EFT on the first (primary) node picks up all configuration done to the second node, because the nodes share the configuration files.)

Upgrading EFT in an ExistingCluster

To upgrade an EFT version 6.4 or later that is alreadyinstalled in a cluster configuration:

	Step	Owner
	Gather your credentials: EFT administrator and SQL or Oracle database owner (unless using Windows authentication).
	Perform rollback and disaster recovery (DR) operations: Run EFT's Backup Server Configuration tool (available in Enterprise only) Backup your entire EFT configuration folder located on the shared resource drive Backup your database (performing purging, if necessary) (Optional) Route traffic to your DR site to avoid downtime.
	Open the third-party cluster administrator tool and take the cluster offline. Also take the EFT Enterprise clustered role (formerly called "clustered applications and services") offline. Note: Microsoft’s failover cluster will bring down the disk resource when the role is stopped. You may need to detach the clustered disk from the role and bring the clustered disk resource back online so that the installer can write files to the clustered (shared resource) disk.
	Run the EFT installer on the node that has access to the clustered (shared resource) disk.
	On the Prior version detected page, click Upgrade cluster, and then click Next. When the confirmation prompt appears, click Yes to confirm that you have read the cluster documentation.
	A prompt appears asking "Is this the first node in the cluster?" Do one of the following: Click Yes if you are upgrading the first node in the cluster. Click No if you already upgraded the first node and are now going through the steps again for the second or Nth node.
	On the Choose Install Location page, verify that the DestinationFolder matches the current program install directory, typically C:\Program Files\Globalscape\EFT Enterprise, and then click Next.
	On the Auditing and Reporting database configuration page, click Configure Auditing and Reporting (most likely) or skip if auditing is not being used (rare). Click Next.
	Click Use existing SQL Server or Use existing Oracle database, as appropriate, and then click Next.
	Click Upgrade an existing EFT ARM Database, and then click Next.
	Provide your database credentials if using SQL or Oracle authentication, otherwise click Windows authentication. Click Test to verify your database connection. After the database credentials have been verified, click Next. Note: Do not proceed with the installation if you are unable to validate your database connection. Contact Globalscape support or your database administrator for further assistance.
	On the Confirm Database Upgrade page, verify that all upgrade requirements have passed. Once verified, select the check box to confirm your understanding of the upgrade process, and then click Install.
	On the final page of the installer, ensure that the Start the EFT Enterprise service check box is NOT selected, and then click Finish.
	Use the third-party cluster administrator’s tool to move (assign) the clustered disk resource to the second node.
	Repeat step 4-14 above on the second node, making sure to click No in step 6 when the prompt asks "Is this the first node in the cluster?" You will not be prompted to upgrade the database for the second node.
	Once the second node has been upgraded, use the third-party cluster administrator to reattach the clustered disk resource to the EFT resource role, then subsequently bring the role and cluster back online.
	If applicable you can start routing traffic back from the DR site to the primary. Repeat the cluster upgrade procedure on the DR site once you feel confident with the new version.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

EFT Server (All Versions)

QUESTION

Is EFT Server supported on VMWare, ESX Server, and other such virtual environments?

ANSWER

EFT Server is supported on specific Windows operating systems. If a supported operating system is installed on the virtual image, and all other EFT Server system requirements are met, EFT Server should run on the virtual image. (GlobalSCAPE Quality Assurance performs portions of its testing using VMware).

In any case, GlobalSCAPE Customer Support supports EFT Server, not the environment on which it is installed. We do not provide support for installing or configuring Windows or your virtualization software. If you have an issue with the virtualization software, you must call the virtualization software's support desk.

Refer to the EFT Server help documentation for your version of EFT Server to view the complete system requirements.
Refer to http://www.vmware.com/ for information about VMware.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

EFT Server version 4.x and later and EFT Server Enterprise version 6 and later

DISCUSSION

EFT Server stores its configuration information in the Windows Registry, which contains profiles for each user of the computer and information about system hardware, installed programs, and property settings. EFT Server modifies the system registry as needed, and continually references this information during operation.

To add a key to the registry, you can either edit it directly or create and execute a .reg file. When you add or edit these registry keys, you will need to restart EFT Server.

These options are for advanced users only. Incorrectly editing the registry can severely damage your system. You should always back up (export a copy of) the registry before you make any changes to it.

Some paths are HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 3.0\, and others are HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0\. Do NOT change the path to match your version of EFT Server.

The registry keys described at the links below are available in EFT Server for advanced system administration.

#10076: Server service will not start (ImagePath)
#10220: Monitor Folder Event Rule triggering an SFTP offload can cause files to be created in the monitored folder, then some (or none) of the intended files are offloaded. (ASCIIFileExts and DefaultTransferType)
#10023: Changing the ping interval (gw_keepalive)
#10262: Adding tenth column to the CL log (Enable10ColumnInClientLog)
#10270: Changing the load order of the server service (ServiceGroupOrder)
#10371: How can I display more than 499 files or folders in the WTC? (use_registry)
#10438: Tuning Windows for TCP-IP
#10470: WTC Customizations (EFTClient)
#10478: Copy/Move Event Rule with *.* wildcard does not generate an error if no files exist (WildcardFailMode)
#10485: Override Outbound on Listen IP (LegacyListenIP)
#10486: LDAP "Groups Lost" Fix (UserDatabaseSynchronizationMode and IgnoreZeroUsersResult)
#10487: Pass the Client's IP Address to the Authentication Request (PasswordContainsClientIP)
#10488: Sending EFT Server's Logs to the Windows Application Event Log (LogToWindowsEventViewer)
#10489: Buffered CFG Writes (UseBufferedArchiveWriter)
#10490: Enable Oracle (DBType)
#10491: Ignore Active Directory Home Directories (IgnoreADHomeDirs)
#10492: ClientFTP.DLL Enable Logging Override (EnableLogging)
#10493: Disable COMB Command (DisableCOMBCommand)
#10494: Redirect Custom Command Output to Connected FTP Clients (FileUploadEventResult)
#10495: Folder Monitor Change Filter Override (FolderMonitorFilterValue)
#10496: HTTP Engine Use Server Time Zone (UseServerTimeZone)
#10497: Legacy SMTP Send Behavior (LegacySMTPSendBehavior)
#10498: Maintain Password History for "Change Password" Validation (PasswordHistoryLimit)
#10499: ODBC Auth Manager (EnableODBCSettingsLevelField)
#10500: Upload Throttling (UploadsPerClient and UploadsPerClientInterval)
#10501: HTTP->HTTPS Redirection (RedirectHTTPtoHTTPS)
#10502: Reverse Banned File Logic (RestrictionByFileNameOnUpload)
#10503: EFT Server Transfer Engine Stub (PASVMode)
#10504: Web Transfer Client Session Timeout (WTCTimeout)
#10505: Overriding the Hard-Coded Location of Web Transfer Client Files (path to WTC files)
#10506: Enable Alternative Permission Logic (UplReqDel)
#10508: Kill EAS Service on Startup (KillEASServersAtStartup)
#10509: Specify Location of FTP.CFG (Path=<path_to_config_file>)
#10516: Turning On/Off the Change Password Feature for AD/LDAP Users in the Web Transfer Client (PasswordChg_NTADLDAP)
#10537: Allow Server to Accept ODBC Database Passwords that are MD5 Hashed (UseMD5PasswordHash)
#10553: Web Services Timeout Setting (WebServiceTimeout)
#10574: Can I use the old version of the HTML Listing and Upload form (Plain-Text Client) that doesn't use JavaScript?
#10575: Enabling OpenPGP Signature Requirement (PGPVerifySignature)
#10579: How does EFT Server determine a file's age for the Event Rule file cleanup? (CleanupDateType)
#10581: Advanced Workflows affect system performance (RunningTaskLimit and GSAWEObjectsPerServerInstance)
#10594: Could not send “On Error” email for AWE action; default mail server not defined (TaskService)
#10601: Can I specify the system type so that I can switch from UNIX to Windows NT? (FTPSYSTResponse)
#10604: Editing the EFT Server Registry Entries on a 64-bit Operating System
#10626: Long Delay When Returning Directory Listing in EFT Server (LegacyDirListBehavior)
#10627: Overriding the default time to execute an ARM report (DBTimeout)
#10648: Folder monitor rules randomly stop working (Windows OS keys)
#10659: Changing of user password not allowed on LDAP Site if the Site is hosted on a foreign domain (ChangePassByAD)
#10660: Make the authentication manager read from disk instead of internal memory for load balancing (ReloadAUDOnSync)
#10661: Disabling the SQL log auto-import function in ARM (DisableARMFileImporter)
#10662: Use the Apache HTTP client instead of the default JSE HTTP client library (WTC) (use_JSE_HTTP_Client)
#10669: Reverting to v6.2 Folder Monitor algorithm (FolderMonitorUseIOCP)
#10681: Changing the amount of time EFT Server waits between reconnect attempts (FolderMonitorWaitBeforeReconnect)
#10682: Changing the amount of time EFT Server waits for the notification from Windows when a Folder Monitor health check file is created (FolderMonitorHealthCheckTimeout)
#10683: Force use of Web Transfer Client for browser-based uploads (disable use of PTC) (applet_only)
#10692: Folder Monitor Interactive Login Override(FolderMonitorUseNonInteractiveLogon)
#10693: Ignore Client Certificate Requests During SSL Handshake (IgnoreClientCertificateRequests)
#10696: Enforcing only one health check on Folder Monitor Event Rules (FirstHealthCheckOnly)
#10705: Uploads to EFT Server fail if file with same name exists during RENAME operation (ReplaceExistingOnRename)
#10706: EFT Server is unable to upload or download a file to a subfolder (RemoveLeadingSlash)
#10707: FTPS file transfers fail (SterlingConnectServerCCCLogic)
#10708: Disable auto redirection to HTTPS for login and account management (DisableHTTPAccountSecurity)
#10861: Set Event Rule Timer Stack Size (TimerStackSize)
#10872: Controlling the filename and frequency for creation of a new PGP log file (PGPLogSuffixTemplate)
#10873: Disable X-frame options for WTC and PTC (disable_xframeoptions)
#10877: Cannot create new Event Rule after upgrading (IPRulesLimit)
#10878: Changing the PGP Timeout (PGPTaskExecutionTimeout)
#10910: Transform incoming file names from ASCII to UTF8 and outgoing filenames from UTF8 to ASCII (ForceASCIIinSFTP)
#11005: AD users are able to delete virtual folders (AllowDeleteVFSFolders)
#11009: The Logs folder fills quickly with log files (EnableXferLog)
#11010: Connection problems when attempting outbound SFTP (WaitForServerVersion and DelayBeforeVersionString)
#11012: Specifying an Alternate Reporting Connection String (ReportsConnectionString)
#11032: Edit the number of days and frequency to send notifications (PasswordChg_EmailInterval)
#11033: HTTP Request Logging (log_request)
#11034: Using the Custom User Details Fields in HTTP Headers (enable_x_headers)
#11035: Single Sign-On Support for the WTC (enable_iwa, use_registry)
#11036: Changing the Number of Concurrent Threads Used by Event Rules (MaxNumberConnections)
#11099: Adjusting the ARM Queue Behavior (ARMLogMinStalledThreads, ARMQueueSize, ARMLogStalledThreadMinDuration)
#11120: Does EFT Server allow multipart transfers (COMB)? (MultipartValue, EnableMultipart)

The instructions below are provided only as a reminder for advanced users.

If you are not experienced with editing the Registry, please ask your system or network administrator for assistance.

To backup the registry

Click Start, then click Run. The Run dialog box appears.
In the Open box, type regedit, then press ENTER. The Registry Editor appears.
Do one of the following:
- To backup the entire registry, click My Computer.
- To backup a specific group of keys or a specific key, click the folder or key.
On the main menu, click File, then click Export. The Export Registry File dialog box appears.
Specify a name and location for the file, then click Save. The export process begins.
If you are exporting the entire registry, it can take a few minutes, and the file size can be up to 100 MB or more. If you are exporting just one key, the file size is approximately 1 KB.
After you edit the registry, if you are experiencing problems caused by editing the registry, you can import the backed up file:
1. On the main menu, click File, then click Import. The Import Registry File dialog box appears.
2. Click the .reg file to import, then click Open. The import process begins. If you are importing the entire registry, it can take a few minutes.

To create a .reg file

In a text editor, such as Notepad, type or paste the following text on the first line:
Windows Registry Editor Version 5.00
On the second line, type or paste the key path. For example, type:
[HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0\EventRules]
(include brackets)
On the third line, type or paste the name of the key and the value (DWORD) for the key. For example, type:
"FolderMonitorWorkerThreadCount"=dword:00000100
(include quotation marks)
Close the file and save it with a .reg extension. For example, type:
threadcount.reg
Double-click the file and follow the prompts to install the key into the registry. If you receive an error, open the file to verify the information was typed correctly. The .reg file can be transported to and used on other computers.

To create the key manually

Click Start, then click Run. The Run dialog box appears.
In the Open box, type regedit, then press ENTER. The Registry Editor appears.
Expand the My Computer node, the HKEY_LOCAL_MACHINE node, and the SOFTWARE node to find the GlobalSCAPE nodes.
Click the applicable GlobalSCAPE node (as described below), then right-click it, point to New, then click Key. This makes a new folder under the GlobalSCAPE node.
Type a name for the key based on the instructions below, then press ENTER.
Right-click the key, point to New, then click DWORD Value.
Type a name for the DWORD value based on the instructions below, then press ENTER.
Double-click the DWORD. The Edit DWORD Value dialog box appears.
In the Value data box, type an integer, based on the instructions below, then click OK.
Close the registry, then restart the Server service.

Some of the keys should be created in the EFT Server 3.0 folder, and some should be created in the EFT Server 4.0 folder. Do NOT change the path to match your version of EFT Server.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

DMZ Gateway, version v3.0-3.3
For other versions of DMZ Gateway, contact Globalscape Customer Support.

DISCUSSION

This article discusses installing DMZ Gateway in a cluster and upgrading DMZ Gateway in a cluster.

Set up DMZ Gateway in a clustered environment using Microsoft Clustering Services or Globalscape’s monitoring utilities and achieve high availability through failover clustering.

If you have Microsoft Clustering Service (MSCS) deployed, you can use its built-in Resource Monitor to manage the availability of DMZ Gateway. MSCS can manage DMZ Gateway as a generic service.

Clustering setups vary between operating systems, hardware resources used, and various other factors. If you have never set up a server cluster before, please consult your Windows documentation or the Cluster Administrator help file for detailed instructions on setting up a server cluster prior to proceeding. The focus of these instructions is for setting up DMZ Gateway in a pre-existing clustered environment.

To find out which hardware is compatible with MSCS, refer to Microsoft’s hardware compatibility list at: https://winqual.microsoft.com/default.aspx
To learn more about MSCS, search for "clustering" on the Microsoft Developer Network Library at: http://msdn2.microsoft.com/en-us/library/default.aspx
For information about clustering on Windows 2003 Server, review the article "Introducing Microsoft Cluster Service (MSCS) in the Windows Server 2003 Family" at: http://msdn2.microsoft.com/en-us/library/ms952401.aspx.

Deploying DMZ Gateway in a clustered environment as described in this document is typically the most reliable method to achieve high availability and mitigate down time. For more information specific to clustering with DMZ Gateway, contact Globalscape Customer Support.

Prerequisites for DMZ Gateway in a Clustered Setup

Operating System requirements

Microsoft Clustering Service as available on:
Windows Server 2003 R2 32-bit and 64-bit (IPv6 is not supported)
Windows Server 2008 R2 (Standard, Enterprise, and Datacenter editions)

Hardware and resource requirements

A complete system for each node of the cluster (minimum of two)
A shared disk resource such as DAS, or SANS, preferably configured as a RAID-redundant array
A disk quorum for disk and resource management; a minimum of two adapters per system (one for internal cluster communications, and another for public access)

Skill Set

A systems or network administrator familiar with the organization’s structure and skilled in networking, Active Directory (AD), and cluster administration.

Configure the DMZ Gateway Cluster

Perform the steps below to configure clustering before setting up DMZ Gateway on the system.

Make sure the hardware is set up correctly and there is a shared disk resource, disk quorum, hub, or switch with Ethernet hookups between the two DMZ Gateways, as well as adapters for the crossover and for outside access, an adequate uninterruptible power supply (UPS) support for each device, and so on.
Make sure you install an operating system that supports clustering on each system.
Install Active Directory (AD) and configure the domain name service (DNS) on the first node. Choose one of DMZ Gateways to be node 1. The administrator password cannot be left blank.
Create an account for the cluster in AD with a non-blank password and assign the account to the Administrators group.
Join the second node to the AD domain.
Reboot, then log in to the first node with the cluster account.
Launch the Cluster Configuration Manager from the Add/ Remove Windows components dialog box and create a new cluster.
Complete the new cluster creation wizard, providing a name for the cluster and cluster account credentials. Allow it to manage the disk, quorum, and other shared resources. Verify the quorum drive is correct, and select the private network option. Use one adapter for the cluster nodes and the other for the public network. Specify the IP address for managing the cluster.
Run the cluster configuration tool on the second node and configure it to be an additional node in the cluster. You will need to provide the cluster name and appropriate cluster account credentials.
After you have completed the cluster configuration wizard, verify that the two nodes are set up properly from the cluster administrator dialog box. (To access the cluster administrator, click Start > Programs > Administrative Tools > Cluster Administrator.)
In the left pane, right-click the Resources folder, click New > Resource, then specify the shared IP address on which the DMZ Gateways will listen. Note that DMZ Gateway captures the IP address when the DMZ Gateway service starts, so if the IP address is changed after that, the service must be restarted to capture it.

Configure DMZ Gateway to Run in a Clustered Environment

After you install and configure clustering on the system, perform the following procedure to configure DMZ Gateway in the cluster.

Install DMZ Gateway on the active node.
Specify the installation directory for DMZ Gateway:

For DMZ Gateway 3.0-3.2.x, select the shared disk drive as the installation directory.
For DMZ Gateway 3.3.x:

For the installation files, specify a location local to the server.
For the configuration files, specify a shared disk location.

When the install completes, launch the product. Connect to DMZ Gateway using the administrator account that you created during installation.

Open the Services dialog box (in Windows Administrative Tools), open the DMZ Gateway service Properties dialog box, then switch the startup mode from Automatically to Manual.

Stop the DMZ Gateway service, close the Services dialog box, and launch the Cluster Administrator.

In the Cluster Administrator, make the second node active: In the left pane, click Groups, right-click the appropriate cluster and disk groups, then click Move Group. All resources should move from the first node over to the second node so that the second DMZ Gateway installation succeeds. If not, the shared disk will lock for the second node. It may take a few moments for the resources to switch over.

Install DMZ Gateway on the second node once it is active (also to the shared directory), following steps above, and then exit the Services dialog box without stopping the DMZ Gateway service.

Launch the administration interface, connect to the DMZ Gateway service on the second node, and configure DMZ Gateway.

Integrate DMZ Gateway into the Cluster

After you have set up the DMZ Gateway cluster and configured DMZ Gateway to run in a clustered environment, DMZ Gateway configuration is identical for both DMZ Gateways because both are using the same configuration file stored on the shared disk, saving data to the same place, and sharing the same outside-facing IP address.

To integrate DMZ Gateway into the cluster

Open the cluster administrator. In the left pane, right-click the Resources folder, click New Resource, expand the Create New Resource list, then click Generic Services.
Choose both nodes, select all resources as dependencies, then type the exact service name as displayed in the Windows Services dialog box (e.g., "DMZ Gateway Server"; it must be exact, including case.) Do not choose to replicate the registry settings.
Click Finish to add the service as a resource.

Complete Cluster Configuration and Test

After you set up the DMZ Gateway cluster, configured DMZ Gateway to run in a clustered environment, and integrated DMZ Gateway into the cluster, you should have both nodes configured with shared resources, including a shared IP address, disk array, quorum, and two DMZ Gateways.

Perform tests to ensure the system was correctly configured.

In the Cluster Manager, right-click the DMZ Gateway Server service, then click Bring Online.
Open the DMZ Gateway administration interface and verify that it is online.
In the Cluster Manager, right-click the DMZ Gateway Server service then click Bring Offline.
In the DMZ Gateway administration interface, verify that the service has stopped.
Cause a failover to confirm the service can be started on each node automatically.
Configure the remote server to connect to DMZ Gateway using the cluster IP address (IP address that the cluster shares).
Verify that the DMZ Gateway administration interface has a green light (to show that the server has connected).
Verify that the failover allows the server to continue to be connected to a DMZ Gateway in the cluster.

Your cluster setup is now complete.

If one DMZ Gateway goes down, you lose any transactions in progress until the failover goes online.

Upgrading DMZ Gateway in a Cluster

To upgrade DMZ Gateway in a cluster

Obtain the new installation file(s).
Bring down the cluster (from within the cluster manager). It is critically important that DMZ Gateway service is STOPPED on both nodes!
Verify that the DMZ Gateway service is stopped by logging in to each node and inspecting the service control panel. For extra assurance you can change the startup type to Manual from Automatic. (Make sure to switch it back before you bring the cluster back up in step 7 below.)
Run the installer on the first node and select Upgrade when prompted.
Run the installer on the second node and select Upgrade when prompted.
If you changed DMZ Gateway service startup to Manual in step 4, change it back to Automatic
Bring the cluster back up.
Verify the upgrade was successful:

Verify that DMZ Gateway is running on the primary node.
Disable the primary node and verify secondary node starts up.
Open the DMZ Gateway administration interface and verify that the version number is the same on both nodes (click Help > About).

THE INFORMATION IN THIS ARTICLE APPLIES TO:

EFT Server, versions 5.x and later
Secure FTP Server (All Versions)

QUESTION

How can I move my Server from one computer to another and keep my configuration, users, permissions, etc.?

ANSWER

The process and file locations for manually copying your Server configuration from one computer to another, or if you need to rebuild the hard drive on which the Server is installed, depends on the version number of the old installation and the version number of the new installation.

In EFT Server Enterprise version 6, you can backup your server configuration on the old (EFT Server Enterprise v6) computer and then restore it on the new computer using the Migration Wizard. (NOTE: "Downgrading" from EFT Server Enterprise to EFT Server basic is not supported.)

Refer to the online help topic Backing Up or Restoring Server Configuration for details of using the Migration Wizard.
Refer to the online help topic Copying a Server Configuration to Several Computers for details of manually copying configuration.
Refer to File Location Changes for details of file location changes between versions.

In EFT Server (basic edition) version 6, the Migration Wizard is not available. To copy configuration from one EFT Server basic to another, or from EFT Server basic to EFT Server Enterprise, you must use the manual process in the online help topic Copying a Server Configuration to Several Computers.

In EFT Server versions 5 and prior and in Secure FTP Server, only manual copy/backup is available.

Refer to Copying an EFT Server Configuration to Several Computers for details of manually copying configuration.

When copying from one EFT Server to another EFT Server, simply copying the old .cfg and .aud files to the new computer might not work, because ftp.cfg contains the full path to the .aud file(s) and the path may have changed. The .aud file either must be stored at the same path where it was previously or the .aud path should be corrected in the new installation. (You can specify the new path in the Authentication Options on the Site's General tab.)

You must copy the entire folder structure from the old computer (source) to the new computer (target). If the folder structure does not exist, an error appears that says "Failed to get permission settings." The drive letters on the target system must match those on the source system for the Virtual File System (VFS) to find EFT Server root. If they do not match, all permissions and groups will be lost.

Registering the new computer with your serial number

Contact the GlobalSCAPE customer service team or your account manager so that an adjustment can be made to your account on our activation and registration server. Activation on the new server computer will not be possible until an adjustment is made, because the registration server will think the serial number is already in use.

Contact the GlobalSCAPE technical support team if your EFT Server was customized by GlobalSCAPE Professional Services or if you are trying to upgrade a server residing in a clustered environment, as slight changes to the instructions may apply.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

EFT Server v5.x and v6.0.x

If you are upgrading to v6.1.x or later, you do NOT need to perform this procedure.

QUESTION

Can I use my SFTP keys that were generated by EFT Server v5 in EFT Server v6.0.x?

ANSWER

Yes. However, SSH FIPS functionality will not be available after performing this procedure.

To use EFT Server v5's SFTP keys in EFT Server v6.0.x

In the Windows Services dialog box, stop the EFT Server service.
Navigate to the folder where EFT Server is installed (By default, C:\Program Files\GlobalSCAPE\EFT Server Enterprise).
Create a folder called sftp_fips_backup.
Move sftp.dll and cryptopp.dll to the new folder, sftp_fips_backup.
Download sftp.zip and extract it to the EFT Server installation folder.
Start the EFT Server Service.

To restore the SSH FIPS functionality (making your EFT Server v5 keys unusable)

Stop the EFT Server service and copy the contents of sftp_fips_backup into the EFT Server installation folder. Restoring the backed up files will once again cause EFT 5 keys to be unusable.

To create new SFTP keys in EFT Server v6.0.x, refer to http://help.globalscape.com/help/eft6/Creating_an_SSH_Key_Pair.htm for the procedure.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

EFT Server, all versions

SYMPTOM

Unable to rename or delete Usr, Bin, or Pub folders through the VFS manager in the administration interface.

RESOLUTION

EFT does not allow removal or renaming of special folders in the administration interface, because user folders are saved in these reserved paths.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

EFT Standard v6 and later, with SAT module

DISCUSSION

When you install the Secure Ad Hoc Transfer (SAT) module on EFT Enterprise, a Custom Command and some Event Rules are automatically created, as described in SAT Event Rules in the EFT documentation. When SAT is installed on EFT Standard, because the Standard edition does not include the Scheduler (Timer) Event trigger, the Event Rules are not created automatically. This article describes how to create the Custom Command and an "Upload Notification" Event Rule manually, without the Scheduler (Timer) Event trigger. The instructions below describe how to create the Custom Command (AdHocRunCommand), the File Uploaded Event Rule (SAT - Capture Uploads for Subsequent Notify), and the Windows Task.

Copy the config file from SAT into the SATScripts folder

Copy the settings.config for the working Adhoc Site (C:\InetPub\EFTAdhoc\config) into the EFT Server SAT scripts location (C:\Program Files (x86)\GlobalSCAPE\EFT Server\SATScripts).
The email logo and notification templates are installed in C:\Program Files (x86)\GlobalSCAPE\EFT Server\SATScripts when you install SAT.

To create the AdHocRunCommand

Create the AdHocRunCommand Custom Command that you will use in the Event Rules. Click the Commands node in the left pane, then, in the right pane, click New. The Custom Command Wizard appears.

In the Name box, type AdHocRunCommand., then click Next.
In the Exe path box, paste the path for the cscript.exe executable. Depending on OS being used, type or paste the location of cscript.exe:

On a 64-bit OS:C:\Windows\SysWOW64\cscript.exe
On a 32-bit OS: C:\Windows\System32\cscript.exe

Click Next. Leave the Parameters field blank and then click Finish.

To create the "SAT - Capture Uploads for Subsequent Notify" Event Rule

Create a new Event Rule using the “On File Upload” Event Rule Trigger. Click the Event Rules node, then in the right pane, click New. The Create New Event Rule dialog box appears.

In the Event Rule name box, type SAT - Capture Uploads for Subsequent Notify.
In the Select event trigger box, click File Uploaded, then click Create. The new Event Rule appears in the Rule Builder.
In the Actions pane, click Execute command in folder. The Execute Command dialog box appears.

In the Choose an existing or create a new Command box, select the Command you just created, AdHocRunCommand.
In the Working directory box, type or paste:
C:\Program Files (x86)\GlobalSCAPE\EFT Server Enterprise\SATScripts.
In the Parameters box, type or paste:
SendUploadNotification.wsf //JOB:ON_UPLOAD %USER.HOME_FOLDER% %FS.VIRTUAL_PATH%
Click OK to save the Command Action in the Rule.
Click Apply to save the Rule.

To create a recurring notification Task

Since Timer-based triggers do not exist in EFT Standard,you must create a Task in Windows Task Scheduler.

Open the Task Scheduler (Taskschd.msc), then click Create Task. The Create Task dialog box appears.

On the General tab, in the Name box, type or paste:
SAT - Notify Sender of Upload(s) Received
In the Security options area, specify the account the task should run as, and then click Run whether user is logged on or not.

Click the Triggers tab, click New, and then configure the Trigger as shown below (Daily, every 5 minutes, Indefinitely):

Click the Actions tab, click New, then specify the Actions as shown below.
Depending on OS, in the Program/script box, browse to the folder that contains cscript.exe:

On a 64-bit OS:C:\Windows\SysWOW64\cscript.exe
On a 32-bit OS: C:\Windows\System32\cscript.exe

In the Add arguments box, type or paste the following:

SendUploadNotification.wsf //JOB:ON_TIMER

In the Start in box, type or paste:

C:\Program Files (x86)\GlobalSCAPE\EFT Server\SATScripts

Click OK to close the New Action dialog box, then click OK on the Create Task dialog box to complete the task creation.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

Mail Express, versions 3.3 and later

SYMPTOM

Downloading unusually large zipped files can cause the browser to time out.

RESOLUTION

If you routinely need to download files that would take more than the Internet Explorer (v5.x and later) default of 60 minutes, refer to the Microsoft Support article http://support.microsoft.com/kb/181050 "Let me fix it myself" section for instructions for changing the Registry subkey value from 60 minutes to a longer timeout. (This extended timeout is unnecessary for the majority of downloads.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

Mail Express, v3.3.2 and later, with Outlook 2013

DISCUSSION

When using the Mail Express Outlook Add-in with Outlook 2013, Outlook may attempt to disable the Add-in if the startup time exceeds Outlook’s predefined threshold. Slow startups can happen for a variety of reasons, the most common being other process using resources at the same time (e.g. multiple application starting when the computer is first booted up).

Globalscape has implemented all of Microsoft’s recommendations for quick and efficient startup, but slow startups can still happen for a variety of reasons, the most common being other process using resources at the same time (e.g. multiple application starting when the computer is first booted up).

Microsoft states that the startup metric measures the time required by each connected add-in during Outlook startup. Outlook then computes the median startup time over 5 successive iterations. If the median startup time exceeds 1000 milliseconds (1 second), then Outlook disables the add-in and displays a notification to the user that an add-in has been disabled. If the user decides that the performance timing required by the add-in is acceptable; the user has the choice of always enabling the add-in. An add-in that is always enabled will not be automatically disabled by Outlook based on performance criteria.

WORKAROUND

When prompted by Outlook, allow the Mail Express Outlook Add-in to always be enabled:

When the Add-In Problem message appears, click View Disabled Add-ins.
In the Disabled Add-ins dialog box, click Always enable this add-in.

Refer to "Performance criteria for keeping add-ins enabled" in this Microsoft KB article for more information.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

EFT Server 6.x and later

**This topic is for advanced users. If you are unfamiliar withrunning Windows scripts, seek help from your network administrator or contactGlobalSCAPE support.**

DISCUSSION

Copying or migrating EFT Server configuration might benecessary for several reasons, such as:

Moving a Proof of Concept (PoC) in your staging environment without recreating all the settings and configuration data
Creating a standard configuration for installation on multiple computers
Updating EFT Server software with a fresh install rather than patching

The help topic "Copyingan EFT Server Configuration to Several Computers" provides the steps to takebefore moving EFT Server to another location.

If EFT Server's physical file system has been moved, you need to update EFTServer configuration to point to the new location. In the EFT Serveradministration interface, you specify the path to the Site's root folder;however, pointing to the new root folder causes EFT Server to lose thepermissions assigned to EFT Server’s Virtual File System (VFS).

To retain all relevant folder permissions and virtual folders, download and extract the attached scripts (scroll to the bottom of the article) and use the scripts to copy the VFS permissions to the new root folder structure as described below.

For versions prior to 6.3.8, use Pre64VFS-MigrationScript.zip
For versions 6.3.8 to 6.3.16, and all versions of 6.4, use 64VFSMigrationScripts.zip
For version 6.5 and later, use 65VFSMigrationScripts.zip

To move the Site root folder in EFT Server

Backup the following files in the EFT Server installation directory:
- FTP.cfg
- [YourSite].aud
- All .bak and .update files
- All certificates/keys/PGPkeys

STOP the corresponding Site so that user activity (such as folder creation) does not interfere with the migration process.

NOTE: If you are running EFT Server on Server 2008 R2 (or any compatible 64-bit OS), you MUST use the 32-bit CSCRIPT.exe found in the C:\Windows\SYSWOW64 folder.
Required Arguments:
Argument Description
-s EFT Server
-port admin port on EFT Server
-u admin username for EFT Server
-p admin password
-site the Site name on the server you are manipulating; You can use 0 if there is only one Site
-f path of text file to store/read data

Do one of the following, depending on your version of EFT Server:

In versions 6.3.8 and later, export Virtual Folders and Permissions:

Export folder permissions for all physical and virtual folders to a file named Permissions.txt by using the attached script 1ExportPermissions.vbs:
cscript.exe 1ExportPermissions.vbs -s localhost -port 1100 -u admin -p secret -site 0 -f permissions.txt
If you have Virtual Folders, you must export the Virtual folder references to a file named vFolders.txt using the attached script 2ExportVirtualFolders.vbs:
cscript.exe 2ExportVirtualFolders.vbs -s localhost -port 1100 -u admin -p secret -site 0 -f vFolders.txt

In versions prior to 6.3, export the permission configuration for the EFT Server Virtual File System (VFS) using the eftVFSExport.vbs script:

cscript.exe eftVFSExport.vbs -s localhost -port 1100 -u admin -p secret -site 0 -f output.txt

Copy the current Site root folder to the new location. It is important that you copy and do NOT move the file system.

Change the Site root folder to the new location:

In the administration interface, expand the Server node, then click the Site node.
On the General tab, in the Site root folder box, specify the new path, then click Apply.

Do one of the following, depending on your version of EFT Server:

In versions 6.3.8 and later, import folders, permissions, and Virtual Folders:
If you exported Virtual Folders, you must import them first by using the attached script 3ImportVirtualFolders.vbs:
cscript.exe 3ImportVirtualFolders.vbs -s localhost -port 1100 -u admin -p secret -site 0 -f vFolders.txt
Import folder permissions for all physical and virtual folders by using attached script 4ImportPermissions.vbs:
cscript.exe 4ImportPermissions.vbs -s localhost -port 1100 -u admin -p secret -site 0 -f permissions.txt
In versions prior to 6.3, restore folder permissions using the attached script eftVFSImport.vbs:
cscript.exe eftVFSImport.vbs -s localhost -port 1100 -u admin -p secret -site 0 -f output.txt

Verify that permissions have been restored and all virtual folders exist.

Review and update Event Rules to point to the new path, if necessary.

Start the sites to resume user activity.

Delete the previous root location, if necessary.

Globalscape Holiday Schedule

Globalscape offices are closed in observance of Christmas and New Year's Day. If these holidays fall on a Saturday or Sunday, we are closed on the immediately following Monday. For the 2013 holiday season, our offices will be closed:

Wednesday, December 25, 2013 in observance of Christmas
Wednesday, January 1, 2014 in observance of New Year's Day

THE INFORMATION IN THIS ARTICLE APPLIES TO:

EFT version 6.x and later

QUESTION

How can I send an email notification when a particular user uploads a file to EFT?

ANSWER

Create a File Uploaded Event Rule with the If Logon Name is Condition and the Send Notification Email Action. Then in the email, add user variables such as %USER.LOGIN% and file system variables such as %FS.FILENAME%. For multiple users, you could use the If User Groups Condition.

Alternatively, you could run the "Activity by User" report manually, as needed, or automatically in an Event Rule.

MORE INFORMATION

Refer to File Uploaded Event in the EFT help for details of configuring the email notification.
Refer to Generate Report Action for details of creating an Event Rule to periodically generate a report.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

Web Transfer Client (All Versions)

QUESTION

Is the Web Transfer Client (WTC) compatible with Microsoft Internet Explorer 7.x and later?

ANSWER

Yes, the Web Transfer Client (WTC) is compatible with Internet Explorer 7 and later; however, browser compatibility is affected by the installed Java environment.

For EFT Server 4.3.3 or below, the WTC is supported only on Java (J2SE) versions 1.4.2 through 1.5.x.

For EFT Server 4.3.4 or above, the WTC is also supported on Java SE 6 (JRE6) Version 1.6.0 (build 1.6.0_01-b06 or above).

Automating file transfers using CuteFTP Pro

How do I use the COM API to copy (duplicate) Advanced Workflows or import existing Workflow files (.aml)?

Cannot connect to EFT when using LDAPv2

TCP Firewall Port Guidelines

HTTP Status and Error Codes

EFT-Specific HTTP Error Codes

Installing or Upgrading EFT in a Cluster

Installing EFT in a ClusterConfiguration

Upgrading EFT in an ExistingCluster

Is EFT Server supported on VMWare, ESX Server, and other such virtual environments?

Windows Registry Settings (EFT Server)

Installing or Upgrading DMZ Gateway in a Cluster

Prerequisites for DMZ Gateway in a Clustered Setup

Configure the DMZ Gateway Cluster

Configure DMZ Gateway to Run in a Clustered Environment

Integrate DMZ Gateway into the Cluster

Complete Cluster Configuration and Test

Upgrading DMZ Gateway in a Cluster

Moving EFT Server from one computer to another computer

Can I use my SFTP keys that were generated by EFT Server v5 in EFT Server v6?

Unable to rename or delete Usr, Bin, or Pub folders through the VFS manager in the administration interface

Creating a SAT Notification Event Rule in EFT Standard

Downloading unusually large zipped files can cause the browser to time out

Slow startup can cause Outlook Add-in to be disabled

Changing the Root Folder of EFT Server while Retaining Permissions

Globalscape Holiday Schedule

How can I send an email notification when a particular user uploads a file to EFT?

Is the Web Transfer Client compatible with Internet Explorer 7.0?