CrushFTP Support Forums
  [Search] Search   [Recent Topics] Recent Topics   [Hottest Topics] Hottest Topics   [Members]  Member Listing   [Groups] Back to home page 
[Register] Register / 
[Login] Login 
Messages posted by: spinkb
Forum Index » Profile for spinkb » Messages posted by spinkb
Author Message
There is no apache. CrushFTP is a complete server, doesn't rely on anything else.

That is the file, login.html. CrushFTP dynamically alters it slightly as it serves it out to web browsers so that options can be adjusted according to the prefs. Think of it like 1% template file. The rest is taken literally.

Thanks,
Ben
Make a user in the user manager called "the_special". Give "the_special" access to the additional folders.

Now in the plugin, specify for the role "cn=Specials,ou=Development,dc=domain.dc=com" to reference "the_special".

Thanks,
Ben
Create a group for him in AD.

Configure that group in the plugin to be tied to a User Manager template account. Give access in that template account to the specified folders.

Anyone who logs in who is a member of that AD role, now gets those folders (him).

Thanks,
Ben
I really think cookies are being lost.

Or...maybe your OS localization is not English? I've seen an issue there once too for Turkish...

A chrome debug session watching the network tab and looking at the calls for everything except css, js, and images would be helpful to. Email us directly and we can do a screen sharing session to debug.

Thanks,
Ben
We'll have a new build of v7 tomorrow to address this. It will give you an option on your encrypt task to add the hinted file size to the encrypted archive. Its a new checkbox in the task.

Thanks,
Ben
Append {name} on the end of the URL so it knows to copy the filename there.

smb://...................../path/{name}

Thanks,
Ben
In your example, your SMB Url has an issue...so it couldn't connect properly.

Robocopy is connecting to what? A UNC path with credentials?
Use copy, and specify a destination using SMB not a UNC path which has no credentials. The SMB URL has credentials. But ideally...in DMZ mode, the DMZ server doesn't hold files, everything rests on the internal server and jobs all run internally...

Thanks,
Ben
These are the columns.

user{tab}pass{tab}/home/folder/{tab}(read)(write)(delete)(view)(resume)...{tab}email{tab}first_name{tab}last_name{tab}group{tab}notes


Thanks,
Ben
Is the file being encrypted by CrushTask?

Not a prior file...but a newly encrypted by CrushTask file. That still has an issue?
I assume this is resolved now with the emails to support. Let me know if not.

Thanks,
Ben
Errors in the CrushFTP log before it crashes?
Pretty sure its a simple fix...upgrade to v7.

The issue is crush task in v6 didn't write the file size into the header of the encrypted file. So IE doesn't like the download of an unknown size.

You need to upgrade anyway regardless...but now you have and excuse.

Thanks,
Ben
Have a drop-down that has a name ending with "_cascade". Now the drop-down's elements when chosen will effect the other elements later on in your overall from.


So, let’s say you have a drop-down called “order_form_cascade” and then create three options within that drop-down called, “poster”, “photo_prints”, and “generic”.


Then the following from elements have names like below:

item1_poster
item2_poster
item3_poster
item4_poster
Item5 <----is always shown since it has no matching tag on the end of it.
item6_photo_prints
item7_photo_prints
item8_generic
item9_generic
item10_generic
etc.

Its the end of the form element name that tags it to be hidden with the cascade functionality.

--Ben
Yes, using VFS collisions.

Click the + to add another extra vfs above the VFS area.

If the user's home is "bob"...then add a virtual folder called "bob". Then inside that virtual folder, add another real item.

Now when the user logs in, the /bob/ path that they start in will be a combined listing of items.

We suggest using something more generic like "home" to make the collisions easier to do.

Thanks,
Ben
A single form can be dynamically changed based on a drop down...so the entire form can change based on the selection.

Would that work?
No...you have to specify the folders. But you can specify a lower folder so it gets all user home locations...
The current build is 7.1.0_131+.

Click update now to be updated, or the download on the web page is *always* the latest, so _35 is an old build already by now.

So update now to get a new build.

Thanks,
Ben
Sorry I missed the reply here, but got your direct email. Glad you have it now.

Thanks,
Ben
I'll document this here for other people as well as its good for people to understand the whole process.

Every single SSL app uses the same sort of structure for SSL. So every SSL server's certs are interchangeable, they just sometimes package them in different ways that have other benefits.

The process:
Before anything, a private key is created that has the "CN" attribute referencing your domain name. CN=common name. There is a bunch of other "fluff" that describes you as the company too, but the single critical element is the CN. From a private key, you can generate the (C)ertificate (S)ighning (R)equest. This describes your private key in such a way that a certificate authority (CA) can vouch that you are who you say you are, and they sign the CSR and sent you the cert (CRT) file (also known as the CA reply file). This CRT is worthless without the private key. It literally points back at that specific key's unique signature, and is 100% worthless without that private key. So that is the entire process.

Now all cert authorities also do a little more in-between...they don't sign your cert with their own super super super secret CA key, they instead sign with an intermediate certificate. The structure is something like this:

CA key (super super super secret)
CA root (signed by their super super super secret)
CA intermediate (signed by their root)
your key (signed by their intermediate)

Everyone in the world trusts the CA key for say 10 years...and they also trust keys that it has signed. Its the "chain" of trust.

Now servers like Apache, and IIS may ask you for your private key, and the signed key. (The CSR is only useful to get the CRT, then its garbage. Don't save it thinking you have something useful...) They likely have a list of most server's intermediate and root certs, and they build a chain internally for you and use your keys.

CrushFTP and other servers use a "keystore" to hold the chain of keys, and these have a way to link the keys together. CrushFTP will accept either a JavaKeyStore (JKS) or a PFX, P12, (PKCS12) formatted keystore. A keystore is like a folder of keys, but with a password on the folder of keys to secure them.

So a keystore needs a private key in it, plus the root cert, plus the intermediate cert, and finally your signed cert.

So going from apache individual files to a keystore is a documented process of a few steps. You basically are importing the files into a PKCS12 keystore. Then CrushFTP can use that kesytore file directly.

A JKS keystore for practical purposes works the same as a PFX file. (Not 100% the same, but for what you care about, it is.)

Here is a link for converting Apache files into a PKCS12 file. http://www.crushftp.com/crush7wiki/Wiki.jsp?page=Openssl_key_convert

--Ben
Make sure there is no "caching" going on by Squid...

Otherwise I see no reason why it should really matter. People use apache as a reverse proxy all the time.

Is this CrushFTP 7.1?

What is logged in CrushFTP?

Is squid passing through cookies and everything?

Thanks,
Ben
Karolis wrote:BTW, I have shared a folder. And downloaded a file from that folder.
but when I look into Manage Shares, i see Download count as 0.
http://www.vips.lt/temp/Download_count.png

I can see download counts in Upload/Download reports for that user.


If this is still an issue, email us directly at support.

After the download, logout with the user to make sure their session is complete.

Let me know,
Ben
I am 99% sure this is something fixed by v7.

This is specifically related to a session object item, and we re-wrote sessions tuff in v7.

Basically its checking for an error message for the upload, and failing here...maybe the upload failed for some reason....and that is why there is no object to check, so this might be misleading.

Any chance you want to try v7 if your planning on staying current and buying that upgrade anyway? Email us directly and we will give you a two month code to try it out with so you don't need to pay for an upgrade if its not going to help.

Let me know,
Ben
Please email support directly so we can further assist. We need to do a screen sharing session.

Thanks,
Ben
This query might need to be adjusted in your prefs, user config area...

db_user_email_query

It should be correct, but may not always be correct.

Secondly, update to latest build again now, the url encoding issue should now be fixed too. 7.1.0_128+

Let me know if it still fails.

Thanks,
Ben
So its all working now then...right?
Your using XML users and not SQL though...right?

Maybe a secondary issue is SQL users...

Jozef, can you export SQL to XML, restart CrushFTP, and try it there to verify it works?

Thanks,
Ben
Your prior info.xml file looked fine and had all the references in it.

Does it still have the same event references?

Are there any log messages in relation to "event" now? Before it just had the adding item to event blah blah. Does it still have that, plus a second message indicating it had an event?

Let me know,
Ben
I would try 6.5.0_29 then to see if there is a fix there... Click update now.

Otherwise send the new log.

This might be a case where CrushFTP v7 has to be used.

Thanks,
Ben
Latest build fixes SQL, it never supported token based reset until now.

Click update now to get 7.1.0_127

Thanks,
Ben
What exact v6 version is this?

This looks like a bug.

Let me know,
Ben
When changing use rode from Xml to DB, or DB to XML, you need to restart CrushFTP as well.

That might be the issue your experiencing and the partial appearance of success too...

When on DB mode, clear out your folders of Xml items in users/MainUsers to make sure its not being used for the reset.

We tested here on XML mode and are having no issues at all. Working on getting a DB fired up for me to test with DB mode too...
This is now fixed in the latest build. 7.1.0_125+


To update to a later build in CrushFTP, login to the WebInterface, then click on Admin, then go to the About tab of the Server Admin interface that loads initially. Clicking 'Update Now' will update to the latest build. The check for update only checks the major version number, and not the _build numbers. So ignore it when it says you are up to date.

If this is Windows, and you have not installed the service, you will need to right click and run the update.bat that appears after the update runs. In some cases, you will have to do this regardless if your Windows install doesn't run this file automatically.

You can also manually grab files and add them individually from here: https://www.crushftp.com/early7
Wait...so even Xml isn't working entirely?
Click export SQL to XML, then change to XML, and try it using XML mode. Does it work then?

If so, I will debug here to figure out what is going wrong.

Thanks,
Ben
Does the user have the email configured on it?

The function folder is just a placeholder, it should be empty.

Thanks,
Ben
I'll get back to you...I have a sample from jozef.
Yes, edit the default user in the User Manager, WebInterface section, customizations, and adjust the values there. Filter on share items.

Thanks,
Ben
OK, lets just try and clear this up a bit as the two different scenarios are confusing even me.

This is what I did for a simple test to verify the event configuration is working as intended.

I made a new user, gave them access to a folder, full permissions including share.

Then I added one event, run plugin, when a share this user creates has activity: Downloads

Do the event immediately.

CrushTask (user defined)

Static plain email, no variables.

Please confirm at least this much is working for you. If not, we need to debug that first before we try and track down why you aren't seeing the variables you want. The above scenario worked perfectly for me in testing.

The next step is referencing variables.

All of the %user_ variables come from the info.xml file for the share. So you can look at the info.xml file and see the variables there. This is where the emailFrom, emailTo, etc are being pulled from for the share user. Those can be referenced in the event. If referencing inside a CrushTask event, use { } notation instead of % % notation.


Using LDAP and template users for LDAP doesn't really affect this whole scenario at all either. Once the share is created, it should be "pointing" with a linked event back to the original user the share came from...which for LDAP might complicate things...

Send me one of your info.xml files if the straight forward User Manager method works, but ldap fails.

Thanks,
Ben
Users can mange one group only. If they need to manage multiple groups, they need separate eulogies for each group. There is no subgrouping scenario like you described either.

The limited admin can make their own groups for organizational purposes....but that is all.

Thanks,
Ben
All ldap variables can be referenced like this:

%user_ldap_variable%

So if you wanted to reference an ldap attribute called personFirstName:

%user_ldap_personFirstName%

Thanks,
Ben
Better to just email us directly...support at CrushFTP.com
Please provide exact logs, or screenshots. We are misunderstanding each other entirely.

If you have connection refused, your pointing to a location that doesn't have a port listening.

Is your sftp port on 22 or 2222? What did you test towards? Make sure you change the port to be where your testing to and expecting to use.
Logging has nothing to do with this.

So your ldap config has an event, and in the second line of event triggers, you have selected downloads, and filled in the rest of it.

Then you logged out and logged in as an LDAP user, and shared a file. Then click the link, and download the file. Then logout.

Now see what all was logged for this and provide it here.

Thanks,
Ben
Connect to the admin on your internal server, use the instance selector to then change to the DMZ, and go to the prefs, FTP port. There you set the PASV port range.

Thanks,
Ben
Then those can be referenced in the event with %user_emailFrom% etc.

Is the event being triggered in the log?

Is it logging an error?

Is your event setup on your ldap template user so it applies to all the ldap users?

Thanks,
Ben
The info.xml happens when you right click, and share...its builds a temporary user in the TempAccount folder, and there you will find a info.xml file.

Thanks,
Ben
Latest version is meaningless. We produce builds daily. You are never on the latest because we have just published a new build if you think you are.

Look at the info.xml file. Does it have the field you are trying to use? emailFrom ? That is what is being referenced with user_emailFrom.

The download count is related to the reports. Are they working?

Thanks,
Ben
Set the to: to be %user_emailFrom% variable.

Then test a new share.

Thanks,
Ben
Use:

%user_emailFrom%

This comes from the info.xml file in the share account info.

%user_emailTo% is possible as well, but unlikely you want to notified the recipient...

Thanks,
Ben
 
Forum Index » Profile for spinkb » Messages posted by spinkb
Go to:   
Powered by JForum 2.1.8 © JForum Team