Copy/Move (Push) File to Host Action

(Requires File Transfer Client module in EFT SMB; included in EFT Enterprise) You can configure EFT to copy or move (also known as "offload") files to a specific location using a particular protocol whenever certain Events occur, such as when a report is created. You must provide EFT with connection information (protocol and login details) and file information (source path and destination path).

The Copy/Move Action can be applied to all File System Events; the User Events "User Quota Exceeded," "User Logged In," and "User Logged Out"; and the Server Events "Timer" and "Log Rotated."

Refer to Connection Profiles for details of setting up a Connection Profile before defining the Action.

To configure EFT to copy/move files

  1. Follow the procedure in Creating Event Rules, or select the Rule to which you want to add the Action. For example, create a Scheduler (Timer) Event.

  2. In the right pane, in the Actions list, double-click Copy/Move (push) file to host.

  3. In the Rule Builder, click Copy to toggle between Copy and Move to choose the Action you want for this Rule.

  4. In the Rule Builder, click one of the undefined parameters (e.g., '/%SOURCE.FILE_NAME%').

    The Offload Action Wizard appears.

  5. In the Connection Profile box, specify a connection profile for this Event. If none is specified, you will need to configure the Connection details as described below.

  6. On the Offload method box, specify a protocol type for the connection: Local (Local File or LAN), FTP (standard File Transfer Protocol), FTP SSL/TLS (AUTH TLS), FTP with SSL (Explicit encryption), FTP with SSL (Implicit encryption), SFTP using SSH2 (Secure Shell), HTTP (HyperText Transfer Protocol), HTTPS (Secure HTTP access), Accelerated Secure Transfer.

  7. (Optional) If you selected Local (Local Files or LAN), under Optional credentials override, provide the Windows account username and Password for connecting to remote shares (not local folders).

    Think of Local Transfer as an operation (offload or download) with a remote server.

    Think of "Optional credentials override") as "credentials to access remote server."

    For download action, it is "credentials for source folder."

    For copy/move (offload ), it is "credentials for destination folder."

     

    "Credentials to access local folder" ("source" for offload and "dest" for download) is Event Rule execution context (EFT account, or Folder Monitor account for FM rules, or Connected Client account for client-originated rules on an AD site):

    • Offload: local (EFT) => remote ("override credentials")

    • Download: local (EFT) <= remote ("override credentials")

    TEST1: Offloads file from "local" Share A (access as EFT account, i.e., X) to "remote" folder B (access as Y) => Fails, as X has no permissions on A.

    TEST2: Downloads file from "remote" Share A (access as Y) to "local" folder B (access as EFT account, i.e., X) => Succeeds, as Y has permissions on A and X has permissions on B.

  8. If you chose anything but Local do the following; if you chose Local, skip to the Source File Path page step.

    1. In the Host address box, type the IP address.

    2. The Port number for the selected protocol changes automatically based on the offload method. Provide a different port number, if necessary.

    3. Provide the Username and Password needed to establish the connection.

  9. Select the Use connected client's login credentials to authenticate check box if you want to use the local system account to authenticate. The availability of this check box is controlled on the Site's Security tab by the Persist username and password credentials for use in Event Rule context variables check box.

  10. If you chose SFTP, provide the client SFTP certificate information.

  11. If you chose a protocol that uses SSL (FTPS or HTTPS), provide the client and remote server's SSL certificate information.

    1. In the Client SSL Certificate Path box, click the folder to specify the client SSL certificate path.

    2. In the Client SSL Private Key Path box, click the folder to specify the client SSL private key path.

    3. In the Client SSL Private Key Passphrase box, provide the passphrase for the client SSL certificate.

    4. In the Server SSL Certificate box, specify the remote server's certificate file. It is recommended, especially for production systems, that the EFT administrator obtain the remote server's SSL certificate and save it as a file in a place accessible by the EFT server service (such as the shared configuration path in HA mode or a local configuration path). EFT will validate that the server side of any SSL-based connection made for that event action will match the server certificate. If you do not specify an SSL certificate in this box, EFT will accept any server-provided SSL certificate, which would leave the connection open to a man-in-the-middle attack.

  12. If you are connecting to a remote host through a SOCKS server, click SOCKS.

    1. Specify the Socks Type (SOCKS4 or SOCKS5).

    2. Specify the Host name and Port.

    3. If you specified SOCKS5 and the server requires authentication, select the Use Authentication check box, then provide a Username and Password.

    4. Click OK.

  13. If you are connecting to a remote host through a proxy, click Proxy. The Proxy Settings dialog box appears.

    1. Specify the Proxy type, Host name, Port, Username, and Password.

      Using the DMZ Gateway as proxy is available only in EFT Enterprise and only if DMZ Gateway is configured and connected to EFT. Contact your system administrator for the proper host name, port, username, password, and proxy type, as well as any required advanced authentication methods.

    2. To specify an Authentication Type and login sequence, click Advanced. You must select FTP Proxy or HTTP Proxy to specify advanced settings. (Advanced proxy settings are not available when using the DMZ Gateway as the outbound proxy.)

    3. Specify one of the following Authentication Types:

      • USER user@site if your proxy server requires the USER command followed by your user name and the Site name to allow connection with a remote Site. You can change the @ symbol if a different separator is required by your proxy server.

      • SITE site if your proxy server requires the SITE command followed by the address of the remote FTP site to allow a connection.

      • USER with logon if your proxy server requires the USER command followed by a user name and password to allow connection with a remote Site.

      • USER/PASS/ACCT if your proxy server requires all three commands before allowing a connection to a remote Site.

      • OPEN site if your proxy server requires the OPEN command followed by the Site name before allowing connection to the Site.

      • Custom if your proxy server requires a login sequence different from those above. Refer to the procedure below for details of creating a custom authentication method (login sequence).

      • To create a custom authentication method for a proxy server

        1. In the Advanced Proxy Settings dialog box, click Custom, then specify the login sequence in the text box using the following variables: %host%, % user%, %pass%, %port%, %fire_pass%, %fire_user%. Be sure to type each variable with percent signs before and after, and press ENTER to separate commands.

        2. Type any other commands and variables, separating commands with a line break (press ENTER).

        3. Click OK to accept the changes and close the Advanced Proxy Settings dialog box.

    4. Click OK to accept the changes and close the Proxy Settings dialog box.

  14. To specify transfer options and time stamps, in the Offload wizard, click Advanced. The Advanced Options dialog box appears.

    1. In the General transfer options area, you can provide more control over Max concurrent transfer threads, Connection timeout, Connection retry attempts, and Delay between retries. When files are being transferred with Event Rules (copy/move), if there are connection problems (e.g., the network is unavailable), the server will attempt to establish a connection the number of times specified in Connection retry attempts. When EFT is able to re-establish the connection, it continues to transfer the file even if there are multiple interruptions.

    2. In the Use the following local IP for outbound connections box, click the down arrow to specify an IP address. If the computer has multiple IP addresses available and/or both IPv4 and IPv6 addresses, you can let EFT choose which IP address to use or you can specify which one it is to use.

    3. Select the Validate file integrity after transfer check box to specify that EFT should double check binary files to ensure the files downloaded completely and correctly. (Not applicable to SFTP.)

    4. In the Data port mode box, click the drop-down list and select one of the following (not applicable to SFTP):

      • Auto—When Auto is selected, EFT initially makes connections in PASV mode. If the PASV connection fails, EFT attempts to connect in PORT mode automatically.

      • Active—When Active mode is selected, EFT opens an additional port and tells the remote server to connect to <IP:PORT_RANGE> to establish a data connection. This is useful when the server is behind a firewall that closes all unnecessary ports. If you select this mode, specify the port range from which the client will choose. (For security best practices, Active mode is not allowed when brokering outbound connections through DMZ Gateway.)

      • Passive—When Passive mode is selected, EFT tells the remote server to provide <IP:PORT> to which EFT can connect to establish a data connection. This is useful when a client is behind a firewall that closes all unnecessary ports. Helps avoid conflicts with security systems.

    5. Select the Clear command channel check box to send FTP commands in clear text. (Only available when FTPS is specified.)

    6. Select the Clear data channel check box to transfer files without encryption. (Only available when FTPS is specified.)

    7. In the Filename encoding area, specify whether the filename is encoded as UTF-8 or ASCII.

      • To conserve Unicode file names, the remote server must support UTF-8 and advertise UTF-8 in its FEAT command.

      • To conserve Unicode file content you must transfer the file using binary transfer mode or save the file using UTF-8 encoding before offloading it in ASCII mode. (Refer to Knowledgebase article #11113 for more information.)

      • To enforce binary transfer mode for text files with UTF-8 encoded content, you should remove all the extensions from the ASCII transfer mode area in the next step or transfer files with extensions that don’t match those on the ASCII types list.

      • Text (ASCII) files transferred in binary mode will retain their carriage return (CR) and line feed (LN) hidden characters which are not supported by *nix systems by default.

    8. In the ASCII transfer mode area, specify the file types that can be transferred. Use a comma and a space between extensions. If you use only a comma with no space, then the Rule will not recognize the extension/file type. TXT, INF, HTML, and HTM are specified by default. If an asterisk (*) is specified, all files are downloaded in ASCII mode, even if that file doesn't have an extension. (To conserve Unicode file content, you must transfer the file using binary transfer mode. To force download in binary, clear the file types box.)

    9. In the Time stamps area, select one of the following:

      • Select the Preserve remote time stamp for downloaded files check box to keep the time stamp the same on the destination file as it is on remote file.

      • Select the Preserve the local time stamp for uploaded files if the server allows MDTM check box to keep an uploaded file's time stamp the same on remote server as it is on the source file system. (Not applicable to SFTP.)

    10. Click OK.

  15. (optional) To define commands to occur before and after this operation, click Pre/Post.

  16. In the Pre/post commands dialog box, you can specify one of the following operations to occur before and after the Copy/Move Action.

  17. Click Next. The Source File Path page appears.

  18. In the Source path box, provide the path to the file(s) that you want to offload. (No validation is performed.) For example, type:

    C:\Staging\*.dat or \\mydomain\common\jsmith\file.txt

    You can leave Source path blank or use %FS.PATH% to offload the files associated with the Event that triggered the Action. In a Timer Event, there is no context variable available for the path, so you must specify a filename.

  19. Select the Delete source file after it has been offloaded check box if you want to delete the file after it is copied/moved. (If the file is marked read-only, it will not be deleted.)

  20. Select the If the source file is missing treat as success check box if you want the Action to be considered successful even if the source file is missing.

  21. Click Next. The Destination File Path page appears.

  22. In the Destination path box, specify the location in which to save the offloaded file. (No validation is performed when you type a path; the Folder icon is only available for local transfers.)

    If you type a path to a folder that does not exist, the Event Rule will fail. Be sure you have the path defined correctly, e.g., make sure to use the proper slash. In general, forward slashes / are used in remote paths, and backward slashes \ are used in local Windows paths. Do not use both.

  23. Click Finish then click Apply to save the changes on EFT and/or add other Actions and Conditions to the Rule.

    If you are copying or moving the file to another location, and the file upload is a regularly occurring Event with a file of the same name, in the Offload Action wizard, add the variables %EVENT.DATESTAMP% and/or %EVENT.TIMESTAMP% to the path so that the date (YYYYMMDD) and/or time (HHMMSS) are added to the filename when it is moved/copied. Do not use %EVENT.TIME%, because the colon (e.g., 28 Aug 07 10:01:56) makes it unsuitable for file naming.

    For example, in the Offload Action wizard, in the Destination path box, provide the path and variables. For example, type:

    C:\Documents and Settings\Administrator\My Documents\upload\%EVENT.DATESTAMP%_%EVENT.TIMESTAMP%_%FS.FILE_NAME%

    With this path and variables, when a file is uploaded to the monitored folder, the file is moved to \My Documents\upload and the date and time are prepended to the filename. For example, 20080422_101212_mydailyprogress.doc.

Related Topics