Enhanced File Transfer Server

Enhanced File Transfer Server COM API Manual

iii

Table Of Contents

Using the Enhanced File Transfer Server COM interface.........................1 COM interface methods and properties...................................................5 Server Interface Methods......................................................................11

Server interface................................................................................................................................11 Connecting users with the COM interface .................................................................................12

Syntax ....................................................................................................................... 12 Stopping the service with the COM interface ............................................................................12 Accessing the list of server sites with the COM interface ........................................................13 Finding the local IP address with the COM interface...............................................................13 Retrieving the local server time with the COM interface .........................................................14 Finding allowed IP masks with the COM interface ..................................................................14 Finding prohibited IP masks with the COM interface..............................................................14 Adding an IP mask with the COM interface..............................................................................15 Removing an IP mask with the COM interface.........................................................................15

Server Interface Properties ...................................................................17 Server interface................................................................................................................................17 Finding or setting the default IP access mode with the COM interface ................................18 Editing the server's connection message with the COM interface .........................................18 Editing the server's log path with the COM interface ..............................................................18 Editing the server log type with the COM interface .................................................................18 Rotating logs with the COM interface.........................................................................................19 Edit the file path for certificates with the COM interface........................................................19 Editing the file path for private key files with the COM interface..........................................20 Editing private key pass phrases with the COM interface........................................................20 Editing the administrator port with the COM interface...........................................................20 Editing the server administrator IP address with the COM interface ....................................20 Allowing remote administration with the COM interface........................................................21 Requiring SSL for remote administration with the COM interface ........................................21 Editing the mail server address with the COM interface..........................................................21 Editing the mail server port with the COM interface ...............................................................21 Editing the email user name with the COM interface...............................................................22 Editing the email password with the COM interface................................................................22

GlobalSCAPE Enhanced File Transfer Server COM Manual

iv

Choosing the server's email sender name with the COM interface ........................................22 Choosing the from address in server email with the COM interface .....................................22 Choosing email recipient names with the COM interface........................................................23 Choosing email recipient addresses with the COM interface ..................................................23 Applying changes to the server with the COM interface .........................................................23 Refreshing server settings..............................................................................................................23

Multiple Sites Interface Methods ..........................................................25 Sites interface...................................................................................................................................25 Retrieving a site's COM interface by site number .....................................................................25 Finding the number of sites ..........................................................................................................26 Retrieving a site's COM interface by site number .....................................................................26 Adding a site with the COM interface.........................................................................................26 Adding an NT authenticated site with the COM interface ......................................................27 Adding an Active Directory authenticated site ..........................................................................28 Adding an ODBC authenticated site with the COM interface................................................29 Adding a local site with the COM interface ...............................................................................31

Single Site Interface Methods ...............................................................33 Site interface ....................................................................................................................................33 Starting an individual site with the COM interface ...................................................................34 Stopping an individual site with the COM interface .................................................................35 Deleting a site with the COM interface.......................................................................................35 Site Information..............................................................................................................................35

Retrieve the number of connected users with the COM interface ............................ 35 Identifying the authentication manager for a site with the COM interface .............. 35 Retrieving a site's root folder with the COM interface ............................................. 35 Choosing a site's root folder with the COM interface .............................................. 36 Finding a site's IP address with the COM interface.................................................. 36 Setting a site's IP address with the COM interface ................................................... 36 Finding a site's IP address with the COM interface.................................................. 36 Setting a site's PORT with the COM interface ......................................................... 36 Checking a site's download speed with the COM interface...................................... 37 Checking a site's upload speed with the COM interface .......................................... 37 Retrieving the number of active downloads with the COM interface ...................... 37 Retrieving the number of active uploads with the COM interface ........................... 37 Retrieving the site start time with the COM interface .............................................. 37

Site FTP and SSL access................................................................................................................37 Verifying FTP access is enabled for a site with the COM interface......................... 37 Allowing FTP access to a site with the COM interface............................................ 38 Verifying explicit SSL is enabled for a site with the COM interface....................... 38 Verifying implicit SSL is enabled for a site with the COM interface ...................... 38 Allowing explicit SSL access to a site with the COM interface............................... 39 Allowing implicit SSL access to a site with the COM interface .............................. 39

Table Of Contents

v

Verifying FTP access is enabled for a site with the COM interface......................... 39 Allowing SFTP access to a site with the COM interface.......................................... 40

Site Certificates and Keys ..............................................................................................................40 Verifying that client certificates are required with the COM interface .................... 40 Requiring user certificates with the COM interface ................................................. 40 Changing the certificate file path with the COM interface....................................... 41 Finding the file path for certificates with the COM interface................................... 41 Finding the file path for private keys with the COM interface................................. 41 Changing the private key file path with the COM interface..................................... 41 Retrieving private key pass phrases with the COM interface................................... 41 Changing a private key pass phrase with the COM interface................................... 42 Retrieving the path to trusted certificates with the COM interface .......................... 42 Retrieving the path to pending certificates with the COM interface ........................ 42 Retrieving a list of trusted certificates ...................................................................... 42 Retrieving information for a trusted certificate ........................................................ 42 Retrieving a list of pending certificates .................................................................... 43 Retrieving information for a pending certificate ...................................................... 43 Retrieving a certificate's data string with the COM interface................................... 43 Saving a trusted certificate to a file with the COM interface ................................... 43 Deleting a trusted certificate ..................................................................................... 43 Deleting a pending certificate ................................................................................... 44 Adding a pending certificate to the trusted list ......................................................... 44

Site Folders ......................................................................................................................................44 Retrieving a list of folders with the COM interface ................................................. 44 Listing folder permissions with the COM interface ................................................. 44 Setting folder permissions with the COM interface ................................................. 45 Removing folder permissions with the COM interface ............................................ 45 Creating blank permissions with the COM interface................................................ 45 Creating a physical folder with the COM interface .................................................. 45 Creating a virtual folder with the COM interface..................................................... 46 Deleting a folder with the COM interface ................................................................ 46 Renaming a folder with the COM interface.............................................................. 46

Site Permission Groups .................................................................................................................47 Creating a permissions group with the COM interface ............................................ 47 Retrieving a list of permission groups with the COM interface ............................... 47 Deleting a permission group with the COM interface .............................................. 47 Renaming a permission group with the COM interface ........................................... 47 Adding a user to a permission group with the COM interface ................................. 48 Deleting a user from a permission group with the COM interface........................... 48 Retrieving a list of a user's permission groups with the COM interface .................. 48

Site Users and Settings Levels.......................................................................................................48 Creating a user with the COM interface ................................................................... 48 Retrieving a list of users with the COM interface .................................................... 50 Deleting a user with the COM interface ................................................................... 50 Renaming a user with the COM interface................................................................. 50 Retrieving a list of user Settings Levels with the COM interface ............................ 51


vi

Retrieving a list of users in a Settings Level with the COM interface ..................... 51 Creating a Settings Level with the COM interface................................................... 51 Deleting a Settings Level with the COM interface................................................... 51 Renaming a Settings Level with the COM interface ................................................ 52 Moving a user to a Settings Level............................................................................. 52 Changing a user's password with the COM interface ............................................... 52 Retrieving a list of a Settings Level's settings with the COM interface ................... 53 Retrieving a user's settings with the COM interface................................................. 53

Site Custom Commands ................................................................................................................54 Retrieving a list of custom commands...................................................................... 54 Retrieving a custom command's settings .................................................................. 54 Creating a new custom command............................................................................. 54 Deleting a custom command with the COM interface.............................................. 54

Site IP masks ...................................................................................................................................54 Adding an IP mask to a site with the COM interface ............................................... 54 Removing an IP mask from a site with the COM interface...................................... 55 Retrieving a list of allowed IP masks with the COM interface ................................ 55 Retrieving a list of denied IP masks with the COM interface .................................. 55

Single Site Interface Properties ............................................................57 Site interface ....................................................................................................................................57 Site Options.....................................................................................................................................58

Blocking site-to-site FTP .......................................................................................... 58 Blocking anti-time-out schemes ............................................................................... 59 Retrieving and modifying a list of banned file types................................................ 59 Handling a site's exit message with the COM interface ........................................... 60 Handling the user limit message with the COM interface........................................ 60 Checking if a site is started with the COM interface ................................................ 60 Retrieving a site's ID with the COM interface.......................................................... 60 Retrieving a site's name with the COM interface ..................................................... 60

User Options ...................................................................................................................................61 Setting the Grant Full Permissions option with the COM interface ......................... 61 Setting the Auto Create Home Folder option with the COM interface .................... 61

Connection Limits ..........................................................................................................................62 Allowing a site maximum transfer speed with the COM interface .......................... 62 Retrieving or setting maximum transfer speed with the COM interface .................. 62 Limiting concurrent connections to a site with the COM interface.......................... 63 Retrieving or setting maximum concurrent connections with the COM interface ... 63 Limiting users' connections to a site with the COM interface .................................. 63 Retrieving or setting a site's user connection limit with the COM interface ............ 64

IP Addresses....................................................................................................................................64 Limiting connections to a site from the same IP address with the COM interface .. 64 Retrieving or setting maximum concurrent connections allowed from the same IP address with the COM interface ............................................................................... 65 Limiting consecutive invalid commands with the COM interface ........................... 65

Table Of Contents

vii

Retrieving or setting the maximum number of consecutive invalid commands allowed with the COM interface............................................................................... 66 Banning connections from specific IP addresses with the COM interface............... 66 Banning IP addresses permanently or temporarily with the COM interface ............ 67 Enabling a range of ports for PASV connections with the COM interface .............. 67 Determining the IP address for PASV connections with the COM interface........... 68 Determining the low end of a PASV mode port range with the COM interface ...... 68 Setting IP addresses that have access to a site with the COM interface ................... 68 Determining the high end of a PASV mode port range with the COM interface..... 69

Permission Interface Properties............................................................71 Permissions interface......................................................................................................................71 Retrieving a folder name with the COM interface ....................................................................71 Retrieving a client or permission group name with the COM interface.................................72 Granting uploading permission with the COM interface.........................................................72 Granting deleting permission with the COM interface.............................................................72 Granting renaming permission with the COM interface..........................................................73 Granting file appending permission with the COM interface .................................................73 Granting downloading permission with the COM interface....................................................73 Granting folder creation permission with the COM interface.................................................74 Granting folder deletion permission with the COM interface.................................................74 Granting permission to see a list of folder contents with the COM interface ......................75 Showing files in a folder that usually remain hidden with the COM interface......................75 Showing read-only files with the COM interface.......................................................................76 Showing or hiding folders with the COM interface ..................................................................77

Client Settings Interface Methods.........................................................79 Client settings interface..................................................................................................................79 Checking if an account or Settings Level is enabled with the COM interface ......................80 Enabling a user account or Settings Level with the COM interface .......................................81 User settings ....................................................................................................................................82

Checking if the account home folder is the default root folder with the COM interface..................................................................................................................... 82 Setting the account home folder as the default root folder with the COM interface 82 Checking how users' log in messages are used......................................................... 83 Setting how users' log in messages are used............................................................. 84 Retrieving the log in messages for users................................................................... 84 Setting the log in messages for users ........................................................................ 85 Checking if users can have a home folder ................................................................ 85 Allowing users to have a home folder with the COM interface ............................... 85 Finding users' home folders ...................................................................................... 86 Choosing the path to users' home folders ................................................................. 86 Checking if users are restricted to a specific IP address ........................................... 86 Restricting users to a specific IP address.................................................................. 87


viii

Finding users' home IP address................................................................................. 87 Setting users' home IP address.................................................................................. 87 Retrieving a user's description .................................................................................. 88 Setting a user's description........................................................................................ 88 Checking Web Transfer Client access ...................................................................... 88 Setting Web Transfer Client access .......................................................................... 89

Allowed commands........................................................................................................................89 Checking if a user may send the NOOP command with the COM interface ........... 89 Allowing users to send the NOOP command with the COM interface .................... 90 Checking if a user can send the XCRC command with the COM interface............. 90 Allowing users to send the XCRC command with the COM interface .................... 91 Checking if users can change their passwords.......................................................... 91 Allowing users to change their passwords with the COM interface......................... 91

Connection limits............................................................................................................................92 Checking if a user can be timed out.......................................................................... 92 Enabling time outs for inactive connections............................................................. 93 Checking how long a connection can be inactive before it is closed........................ 93 Setting how long a connection can be inactive before being closed......................... 94 Checking if an account will be disabled after too many failed password attempts .. 94 Limiting failed password attempts............................................................................ 95 Retrieving the maximum number of failed login attempts allowed per user............ 95 Setting the number of failed log in attempts allowed ............................................... 96 Checking the number of failed password attempts ................................................... 96 Checking if the number of concurrent connections is limited for users ................... 96 Enabling a concurrent connection limit for users ..................................................... 97 Checking the maximum concurrent connections allowed per user .......................... 97 Setting the maximum concurrent connections allowed per user .............................. 98 Checking if an account is allowed to make SSL connections .................................. 98 Allowing users to make SSL connections with the COM interface ......................... 99 Checking if an account is allowed to make plain FTP connections ......................... 99 Allowing users to make FTP connections ................................................................ 99 Checking if the number of concurrent connections is limited for IP addresses...... 100 Enabling a concurrent connection limit for IP addresses........................................ 101 Checking the number of concurrent connections allowed from the same IP ......... 101 Setting the maximum number of concurrent connections allowed from the same IP address..................................................................................................................... 102

Transfer limits ...............................................................................................................................102 Checking if a user has a transfer speed limit .......................................................... 102 Enabling a transfer speed limit for users................................................................. 103 Checking the maximum allowed transfer speed ..................................................... 103 Setting the maximum allowed transfer speed ......................................................... 104 Checking if a user has a download size limit.......................................................... 104 Enabling a user's download size limit..................................................................... 104 Retrieving a user's download size limit .................................................................. 105 Setting the maximum file size a user is permitted to download ............................. 105 Checking if a user has a download per session limit .............................................. 105

Table Of Contents

ix

Enabling a user's download per session limit ......................................................... 106 Retrieving the number of downloads permitted to a user per session .................... 106 Setting the maximum number of downloads a user is permitted per session ......... 106 Checking if a user has an upload size limit............................................................. 107 Enabling a user's upload size limit.......................................................................... 107 Retrieving a user's upload size limit ....................................................................... 107 Setting the maximum file size a user is permitted to upload .................................. 108 Checking if a user has an upload per session limit ................................................. 108 Enabling a user's upload per session limit .............................................................. 108 Retrieving the number of uploads permitted to a user per session ......................... 109 Setting the maximum number of uploads a user is permitted per session .............. 109

Disk quotas ....................................................................................................................................110 Checking if an account has a disk quota................................................................. 110 Enabling a home folder disk quota for users .......................................................... 110 Checking the disk quota size................................................................................... 111 Setting the disk quota size....................................................................................... 111 Checking how much disk space a user has used..................................................... 112

Command Settings Interface Methods................................................113 Command settings interface........................................................................................................113 Listing users allowed to use a custom command.....................................................................113 Listing users allowed to use a command with the COM interface........................................114 Prohibiting users from using a custom command...................................................................114

Command Settings Interface Properties .............................................115 Command settings interface........................................................................................................115 Finding or changing the name of a custom command ...........................................................115 Finding or changing the name of a custom command ...........................................................116 Finding or changing the name of a custom command ...........................................................116 Enabling a custom command .....................................................................................................116 Defining custom command parameters ....................................................................................116 Requiring parameters for custom commands ..........................................................................117 Requiring a minimum number of parameters for custom commands .................................117 Choosing a message for an invalid number of command parameters..................................117 Redirecting command output to clients ....................................................................................118 Redirecting command output to a log .......................................................................................118 Enabling a time limit for a custom command..........................................................................118 Setting the time limit for a custom command..........................................................................118

Certificate Interface Properties...........................................................121 Certificate Information interface................................................................................................121 Retrieving a certificate ID ...........................................................................................................121 Retrieving a certificate description.............................................................................................122 Retrieving a certificate's start date ..............................................................................................122


x

Retrieving a certificate's expiration date ....................................................................................122 Certificate Issuer ...........................................................................................................................122

Finding who issued a certificate ............................................................................. 122 Retrieving a certificate issuer's unit ........................................................................ 123 Retrieving a certificate issuer's organization .......................................................... 123 Retrieving the issuer's common name on a certificate............................................ 123 Finding the certificate issuer's country ................................................................... 123

Certificate Subject.........................................................................................................................123 Retrieving a certificate subject's information ......................................................... 123 Retrieving a certificate subject's unit ...................................................................... 124 Retrieving a certificate subject's organization ........................................................ 124 Finding the certificate subject's country ................................................................. 124 Retrieving a certificate subject's common name..................................................... 124

Sample Scripts .....................................................................................125

1

1

Using the Enhanced File Transfer Server

COM interface You can interact with the GlobalSCAPE's Secure class products directly from your own custom applications using any COM enabled programming language such as Visual Basic (VB), Java, C++, with the development IDE of your choice. To create a new script file or program, you need to have some familiarity with programming concepts and, ideally, some experience with a COM enabled programming language. The COM interface consists of:

The SFTPCOMInterface.CIServer Class Several Interfaces The Methods and Properties for these Interfaces

Notes If you set up secure remote administration, you will not be able to use the COM

interface from remote machines. If you experience problems using COM remotely, try running your script or program

locally (on the same system that the server resides on). Due to the wide range of scripts that GlobalSCAPE Secure FTP Server is able to

accommodate we are unable to offer technical support on individual scripts other than what is available in the help files and online Knowledge Base.

If you are having trouble with your script, try to perform the desired action manually using the Administrator Interface.

If you move or copy the SFTPCOMInterface.dll file, you will also need to move or copy the SSL.dll file to the same location to use the COM interface for any SSL connections or functions.

If you are able to perform the desired actions, and in the desired sequence when using the Administrator Interface, then the problem is not with the Server. The next thing to do is to troubleshoot your script line by line.

If you use the COM interface from a remote machine, your administrator password will be sent over in plain text over the network you are using.

CIServer class


2

The SFTPCOMInterface.CIServer class is the only SFTPCOMServer class that user applications use directly. To start using the SFTP COM interface a user application should create the SFTPCOMInterface.CIServer class object, and then use its methods and properties.

Example Set SFTPServer = CreateObject("SFTPCOMInterface.CIServer")

CIServer implements the ICIServer interface.

Interfaces ICIServer interface Use the ICIServer interface to access and manage the server and its attributes ICISites Interface Use the ICISites interface to list all sites, to add sites, and to find individual sites on the server. It can be obtained by using the Sites method of the ICIServer interface.

Example Set Sites = SFTPServer.Sites

ICISite Interface Use the ICISite interface to manage individual sites on the server. It can be obtained by using the Item and SiteByID methods of the ICISites interface.

Example Set Site = Sites.Item(0)

IPermission Interface Use the IPermission interface to set and manage folder permissons. Use the ICISite::GetFolderPermissions method to get folder permissions.

Example aPerm = s.GetFolderPermissions("\pub\")

Use the ICISite::GetBlankPermission method to get blank folder permissions.

Example Set p = s.GetBlankPermission("\pub\"), "Administrative")

Note Once you have changed properties with IPermission you must call the ICISite::SetPermission method to apply your changes or create new folder permissions.

ICIClientSettings Interface

Using the COM interface

3

Use the ICIClientSettings interface to manage client user or client group settings. Use the ICISite::GetGroupSettings method to access the interface.

Example Set gs = s.GetGroupSettings(s_gr)

or use the ICISite::GetUserSettings method.

Example Set us = s.GetUserSettings(aUsr(j))

Note When you call methods or change properties of the ICIClientSettings interface, you must call ICIServer's ApplyChanges method in order for the changes to take effect.

ICICommandSettings Interface Use the ICICommandSettings interface to create or manage site custom commands. Use the ICISite::GetCommandSettings method to access the interface.

Example Set cs = s.GetCommandSettings(aCommands(i))

Note When you make changes with the ICICommandSettings interface the changes take effect immediately. You do not need to explicitly apply the changes.

ICICertInfo Interface Use the ICICertInfo interface to obtain information about certificates. Use the ICISite::GetTrustedCertificateInfo method or the ICISite::GetPendingCertificateInfo method to access the interface.

Examples Set ci = s.GetTrustedCertificateInfo(aCerts(i))

Set ci = s.GetPendingCertificateInfo(aCerts(i))

Note All the properties of the ICICertInfo interface are read only.

Related Topics Samples Overview

5

2

COM interface methods and properties This is a comprehensive list of methods and properties available for the COM interface for Server organized by API.

ICIServer interface Methods Properties

ICISites interface Methods

ICISite interface Methods Properties

IPermission interface Properties

ICICommandSettings interface Methods Properties

ICIClientSettings interface Methods

ICICertInfo interface Properties

ICIServer interface

Methods

Connect GetAllowedMasks

Close GetDeniedMasks

Sites AddIPAccessRule

GetLocalIP RemoveIPAccessRule

GetLocalTime


6

Properties

IPAccessAllowedDefault UseSSLForAdministration

ConnectMessage SMTPServer

LogPath SMTPPort

LogType SMTPLogin

LogRotation SMTPPassword

CertificateFilePath SMTPSenderName

KeyFilePath SMTPSenderAddr

PassPhrase SMTPRecipientName

AdminPort SMTPRecipientAddr

ListenIP ApplyChanges

AllowRemoteAdministration RefreshSettings

ICISites interface

Methods

Item AddNTLMSite

Count AddADSite

SiteById AddODBCSite

Add AddLocalSite

ICISite interface Methods GetConnectedCount GetKeyFilePath CreatePermissionGroup GetUserSettings

Start SetKeyFilePath GetPermissionGroups Remove

Stop GetPassPhrase RemovePermissionGroup GetCommands

GetAuthManagerID SetPassPhrase RenamePermissionGroup GetCommandSettings

GetRootFolder GetTrustedCertsPath AddUserToPermissionGroup CreateCommand

COM interface methods and properties

7

SetRootFolder GetAwaitingCertsPath RemoveUserFromPermissionGroup RemoveCommand

GetIP GetDownloadSpeed CreateUser GetTrustedCertificates

SetIP GetUploadSpeed CreateUserEx GetTrustedCertificateInfo

GetPort GetDownloadCount GetUsers GetPendingCertificates

SetPort GetUploadCount RemoveUser GetPendingCertificateInfo

GetFTPAccess GetStartTime RenameUser ExportTrustedCertificate

SetFTPAccess GetFolderList GetSettingLevels ImportTrustedCertificate

GetSSLAuth GetFolderPermissions GetSettingLevelUsers RemoveTrustedCertificate

GetSSLImp SetPermission CreateSettingLevel RemovePendingCertificate

SetSSLAuth RemovePermission RemoveSettingLevel AddCertificateToTrusted

SetSSLImp GetBlankPermission RenameSettingLevel GetAllowedMasks

GetCheckClientCert CreatePhysicalFolder MoveUserToSettingLevel GetDeniedMasks

SetCheckClientCert CreateVirtualFolder GetPermissionGroupsOfUser AddIPAccessRule

GetCertFilePath RemoveFolder ChangeUserPassword RemoveIPAccessRule

SetCertFilePath RenameFolder GetSettngsLevelSettings

Properties Name AssignFullPermissionsForHomeFolder DisconnectOnDos

ID HasMaxSpeed DOSLimit

IsStarted MaxTransferSpeed BanIPOnDos

UserLimitMessage HasMaxUsers AutoBanIPsPermanently

ExitMessage MaxConcurrentConnections EnablePortRange

VFSFilter HasMaxConnectionsPerAccount PASVListenIP

BlockAntiTimeOut MaxConnectionsPerUser PASVPortMin

BlockSiteToSite HasMaxIPPerAccount PASVPortMax

AutoCreateHomeFolder MaxConnectionsFromSameIP IPAccessAllowedDefault


8

IPermission interface Properties Folder DirCreate

Client DirDelete

FileUpload DirList

FileDelete DirShowHidden

FileRename DirShowReadOnly

FileAppend DirShowInList

FileDownload

ICIClientSettings interface Methods GetEnableAccount GetTimeOut SetClearFTP SetHasUploadsPerSession

SetEnableAccount SetTimeOut GetHasMaxIPs GetUploadsPerSession

GetHomeDirlsRoot GetHasMaxSpeed SetHasMaxIPs SetUploadsPerSession

SetHomeDirlsRoot SetHasMaxSpeed GetMaxIPs GetLoginMsg

GetAllowNoop GetMaxSpeed SetMaxIPs SetLoginMsg

SetAllowNoop SetMaxSpeed GetHasMaxDownloadSize GetLoginMsgString

GetAllowXCRC GetHasMaxUsers SetHasMaxDownloadSize SetLoginMsgString

SetAllowXCRC SetHasMaxUsers GetMaxDownloadSize GetHomeDir

GetChangePwd GetMaxUsers SetMaxDownloadSize SetHomeDir

SetChangePwd SetMaxUsers GetHasDownloadsPerSession GetHomeDirString

GetHasPwdRetries GetMaxSpace SetHasDownloadsPerSession SetHomeDirString

SetHasPwdRetries SetMaxSpace GetDownloadsPerSession GetHomeIP

GetPwdRetries GetUsedSpace SetDownloadsPerSession SetHomeIP

SetPwdRetries GetEnableDiskQuota GetHasMaxUploadSize GetHomeIPString

GetIncorrectPasswordAttempts SetEnableDiskQuota SetHasMaxUploadSize SetHomeIPString

GetEnableTimeOut GetSSL GetMaxUploadSize GetDescription

COM interface methods and properties

9

SetEnableTimeOut SetSSL SetMaxUploadSize SetDescription

GetClearFTP GetHasUploadsPerSession

ICICommandSettings interface Methods GetUserPermissions RemoveUserPermission

AddUserPermission

Properties

Name MinNumOfParams

Description MinNumOfParamsMsg

Executable RedirectOutputToClient

IsEnabled RedirectOutputToLog

Parameters EnableProcessTimeOut

RequireParams ProcessTimeOut

ICICertInfo interface

Properties

ID IssuerCountry SubjectCountry

Description IssuerCName SubjectCName

IssuerOneLine SubjectOneLine NotBefore

IssuerUnit SubjectUnit NotAfter

IssuerOrg SubjectOrg

11

3

Server Interface Methods

Server interface The ICIServer interface allows you to manage the server and access the server's attributes.

Methods Connect GetAllowedMasks




GetLocalTime

Properties IPAccessAllowedDefault UseSSLForAdministration


LogPath SMTPPort

LogType SMTPLogin









12

Connecting users with the COM interface Use the ICIServer interface Connect method to connect to the local or remote server as the administrator

Syntax

HRESULT Connect([in] BSTR Host, [in] UINT nPort, [in] BSTR Login, [in] BSTR Password);

VB Example:

Dim Server As CIServer 'assumes the SFTPCOMInterface Type Library is referenced by the VB IDE

Dim Site As CISite 'instantiates the ISite interface

Dim Sites As CISites 'instantiates the ISites interface

txtServer = "127.0.0.1" 'local IP address of server

txtPort = "1000" 'admin port

txtUserName = "Admin" 'admin username

txtPassword = "mypass" 'admin password

On Error Resume Next 'verify it could connect ok

Server.Connect txtServer, txtPort, txtUserName, txtPassword 'now connect using supplied information

If Err.Number <> 0 Then

MsgBox "Error connecting to '" & txtServer & ":" & txtPort & "' -- " & Err.Description & " [" & CStr(Err.Number) & "]", vbInformation, "Error" 'all this on one line!

End If

Set Sites = Server.Sites 'now retrieve the list of sites in the server

Set Site = Sites.Item(0) 'Instantiate the first and only, site (note, this script assumes only one site present)

'continue rest of code...

Stopping the service with the COM interface Use the ICIServer interface Close method to stop the Server Service.


13

HRESULT Close();

Accessing the list of server sites with the COM interface Use the ICIServer Interface Sites method to access the list of sites and open the ICISites interface. You can subsequently use the ICISites Item method to retrieve a pointer to a particular site.

HRESULT Sites([out, retval] ICISites** prop);

Example in VB:

Dim Server As CIServer 'assumes the SFTPCOMInterface Type Library is referenced by the VB IDE

Dim Site As CISite 'instantiates the ISite interface

Dim Sites As CISites 'instantiates the ISites interface

'insert connection routines here

'no retrieve the list of sites and then set a pointer to the first one

Set Sites = Server.Sites 'now retrieve the list of sites in the server

Set Site = Sites.Item(0)

'continue rest of code...

Related Topics Sites interface Site interface

Finding the local IP address with the COM interface Use the ICIServer interface GetLocalIP method to find the local IP address.

HRESULT GetLocalIP(

[in] long nIP,

[out, retval] BSTR *prop);


14

Retrieving the local server time with the COM interface Use the ICIServer interface GetLocalTime method to retrieve the time of day on the server.

HRESULT GetLocalTime([out, retval] BSTR *pTime);

Finding allowed IP masks with the COM interface Use the ICIServer interface GetAllowedMasks method to retrieve a list of allowed IP masks for the server.

HRESULT GetAllowedMasks([out, retval] VARIANT *aMasks);

Related topics Retrieving a list of denied IP masks for the server Adding an IP mask to the server Removing an IP mask from the server Adding an IP mask to a site Removing IP masks from a site Retrieving a list of allowed IP mask for a site Retrieving a list of denied IP masks for a site

Finding prohibited IP masks with the COM interface Use the ICIServer interface GetDeniedMasks method to retrieve a list of all prohibited IP masks for the server.

HRESULT GetDeniedMasks([out, retval] VARIANT *aMasks);

Related topics Retrieving a list of allowed IP masks for the server Adding an IP mask to the server Removing an IP mask from the server Adding an IP mask to a site Removing IP masks from a site Retrieving a list of allowed IP mask for a site


15

Retrieving a list of denied IP masks for a site

Adding an IP mask with the COM interface Use the ICIServer interface AddIPAccessRule method to add an allowed or denied IP mask to the server.

HRESULT AddIPAccessRule(

[in] BSTR bstrMask,

[in] VARIANT_BOOL bAllow);

Related topics Retrieving a list of allowed IP masks for the server Retrieving a list of denied IP masks for the server Removing an IP mask from the server Adding an IP mask to a site Removing IP masks from a site Retrieving a list of allowed IP mask for a site Retrieving a list of denied IP masks for a site

Removing an IP mask with the COM interface Use the ICIServer interface RemoveIPAccessRule method to delete an allowed or denied IP mask.

HRESULT RemoveIPAccessRule(

[in] BSTR bstrMask,


Related topics Retrieving a list of allowed IP masks for the server Retrieving a list of denied IP masks for the server Adding an IP mask to the server Adding an IP mask to a site Removing IP masks from a site Retrieving a list of allowed IP mask for a site Retrieving a list of denied IP masks for a site

17

4

Server Interface Properties

Server interface The ICIServer interface allows you to manage the server and access the server's attributes.

Methods Connect GetAllowedMasks




GetLocalTime

Properties IPAccessAllowedDefault UseSSLForAdministration


LogPath SMTPPort

LogType SMTPLogin









18

Finding or setting the default IP access mode with the COM interface Use the ICIServer interface IPAccessAllowedDefault property to find or set the default IP Access mode. TRUE = Allowed FALSE = Denied

HRESULT IPAccessAllowedDefault([out, retval] VARIANT_BOOL *pVal);

HRESULT IPAccessAllowedDefault([in] VARIANT_BOOL newVal);

Editing the server's connection message with the COM interface Use the ICIServer interface ConnectMessage property to retrieve or set the connection message sent to clients when users connect to the server.

HRESULT ConnectMessage([out, retval] BSTR *pVal);

HRESULT ConnectMessage([in] BSTR newVal);

Editing the server's log path with the COM interface Use the ICIServer interface LogPath property to retrieve or set the file path to the server's log. You must restart the server to complete any changes to the server's log path.

HRESULT LogPath([out, retval] BSTR *pVal);

HRESULT LogPath([in] BSTR newVal);

Editing the server log type with the COM interface Use the ICIServer interface LogType property to retrieve or set the server's log format. You can choose no log, or you can choose to generate a log in one of three formats.

Value Format

0 W3C


19

1 IIS

2 NCSA

3 No logging

HRESULT LogType([out, retval] int *pVal);

HRESULT LogType([in] int newVal);

Note You must restart the server for any changes to the log format to take effect.

Rotating logs with the COM interface Use the ICIServer interface LogRotation property to retrieve or set the amount of time before a new log is started. You can choose no rotation, or three different lengths of time.

Value Rotation period

0 Never

1 Daily

2 Weekly

3 Monthly

HRESULT LogRotation([out, retval] int *pVal);

HRESULT LogRotation([in] int newVal);

Note You must restart the server to complete any change to the log rotation period.

Edit the file path for certificates with the COM interface Use the ICIServer interface CertificateFilePath property to retrieve or modify the file path to the server's certificates.


20

HRESULT CertificateFilePath([out, retval] BSTR *pVal);

HRESULT CertificateFilePath([in] BSTR newVal);

Editing the file path for private key files with the COM interface Use the ICIServer interface KeyFilePath property to retrieve or modify the file path for the server's private key files.

HRESULT KeyFilePath([out, retval] BSTR *pVal);

HRESULT KeyFilePath([in] BSTR newVal);

Editing private key pass phrases with the COM interface Use the ICIServer interface PassPhrase property to retrieve or modify any certificate private key pass phrases.

HRESULT PassPhrase([out, retval] BSTR *pVal);

HRESULT PassPhrase([in] BSTR newVal);

Editing the administrator port with the COM interface Use the ICIServer interface AdminPort property to retrieve or modify the port used for connecting to administrated the server.

HRESULT AdminPort([out, retval] long *pVal);

HRESULT AdminPort([in] long newVal);

Note You must restart the server to apply any change to the server administrator port.

Editing the server administrator IP address with the COM interface Use the ICIServer interface ListenIP property to retrieve or modify the server administrator's IP address.

HRESULT ListenIP([out, retval] long *pVal);

HRESULT ListenIP([in] long newVal);


21

Allowing remote administration with the COM interface Use the ICIServer interface AllowRemoteAdministration property to allow or prohibit remote administration of the server.

HRESULT AllowRemoteAdministration([out, retval] VARIANT_BOOL *pVal);

HRESULT AllowRemoteAdministration([in] VARIANT_BOOL newVal);

Requiring SSL for remote administration with the COM interface Use the ICIServer interface UseSSLForAdministration property to enable or disable secure administration of the server over an SSL connection.

HRESULT UseSSLForAdministration([out, retval] VARIANT_BOOL *pVal);

HRESULT UseSSLForAdministration([in] VARIANT_BOOL newVal);

Note You must restart the server to apply changes made with the UseSSLForAdministration property.

Editing the mail server address with the COM interface Use the ICIServer interface SMTPServer property to retrieve or modify the address for the email server used by GlobalSCAPE Secure FTP Server for event notifications.

HRESULT SMTPServer([out, retval] BSTR *pVal);

HRESULT SMTPServer([in] BSTR newVal);

Editing the mail server port with the COM interface Use the ICIServer interface SMTPPort property to retrieve or modify the port number for the email server used by GlobalSCAPE Secure FTP Server for event notifications.

HRESULT SMTPPort([out, retval] long *pVal);


22

HRESULT SMTPPort([in] long newVal);

Editing the email user name with the COM interface Use the ICIServer interface SMTPLogin property to retrieve or modify the user name for the email server used by GlobalSCAPE Secure FTP Server for event notifications.

HRESULT SMTPLogin([out, retval] BSTR *pVal);

HRESULT SMTPLogin([in] BSTR newVal);

Editing the email password with the COM interface Use the ICIServer interface SMTPPassword property to retrieve or modify the password for the email server used by GlobalSCAPE Secure FTP Server for event notifications.

HRESULT SMTPPassword([out, retval] BSTR *pVal);

HRESULT SMTPPassword([in] BSTR newVal);

Choosing the server's email sender name with the COM interface Use the ICIServer interface SMTPSenderName property to retrieve or modify the name used in email notifications sent by GlobalSCAPE Secure FTP Server.

HRESULT SMTPSenderName([out, retval] BSTR *pVal);

HRESULT SMTPSenderName([in] BSTR newVal);

Choosing the from address in server email with the COM interface Use the ICIServer interface SMTPSenderAddr property to retrieve or modify the address in the From field of email messages sent by GlobalSCAPE Secure FTP Server for event notifications.

HRESULT SMTPSenderAddr([out, retval] BSTR *pVal);

HRESULT SMTPSenderAddr([in] BSTR newVal);


23

Choosing email recipient names with the COM interface Use the ICIServer interface SMTPRecipientName property to retrieve or modify the name of the recipient of email notifications sent by GlobalSCAPE Secure FTP Server.

HRESULT SMTPRecipientName([out, retval] BSTR *pVal);

HRESULT SMTPRecipientName([in] BSTR newVal);

Choosing email recipient addresses with the COM interface Use the ICIServer interface SMTPRecipientAddr property to retrieve or modify the email address of the recipient notifications sent by GlobalSCAPE Secure FTP Server.

HRESULT SMTPRecipientAddr([out, retval] BSTR *pVal);

HRESULT SMTPRecipientAddr([in] BSTR newVal);

Applying changes to the server with the COM interface Use the ICIServer interface ApplyChanges property to confirm and set changes you have made to GlobalSCAPE Secure FTP Server.

HRESULT ApplyChanges();

Refreshing server settings Use the ICIServer interface RefreshSettings property to reload all settings from the server.

HRESULT RefreshSettings();

25

5

Multiple Sites Interface Methods

Sites interface The ICISites interface represents the list of all sites of the server. Obtain it by using the Sites method of the ICIServer interface.

Example Set Sites = SFTPServer.Sites

ICISites interface Methods Item AddNTLMSite

Count AddADSite

SiteById AddODBCSite

Add AddLocalSite

Retrieving a site's COM interface by site number Use the ICISites interface Item method and an integer to retrieve the ICISite interface for a specific site.

Item(

[in] VARIANT* Index,

[out, retval] ICISite** prop);

Note The Index value must be between 0 and (Count-1). Example:

Set Sites = Server.Sites 'Retrieve list of sites

Set Site = Sites.Item(0) 'Instantiate the first one


26

Finding the number of sites Use the ICISites interface Count method to retrieve the number of sites you have in the server.

HRESULT Count([out, retval] long* prop);

Retrieving a site's COM interface by site number Use the ICISites interface SiteByID method to retrieve the ICISite interface.

HRESULT SiteByID(

[in] long ID,


Adding a site with the COM interface Use the ICISites interface Add method to create a new site and retrieve the site's ICISite interface.

HRESULT Add(

[in] BSTR bstrName,

[in] BSTR bstrRootFolder,

[in] int nAMID,

[in] BSTR bstrAMDB,

[in] VARIANT_BOOL bEncryptPasswords,

[in] int nIP,

[in] UINT nPort,

[in] VARIANT_BOOL bCreateHomeFolder,

[in] VARIANT_BOOL bPermHomeFolder,

[in] VARIANT_BOOL bAutoStart,


Parameters Definition

bstrName New site name

bstrRootFolder Site root folder

nAMID Authentication manager identifier


27

bstrAMDB Authentication manager database

bEncryptPasswords TRUE if database should contain encrypted passwords

nIP Index of the site IP address

nPort Port number of the site

bCreateHomeFolder TRUE means that a home folder for new site users should be created

bPermHomeFolder

TRUE means that new site users should be granted full permissions in their home folders

bAutoStart TRUE means that the site should start automatically

Adding an NT authenticated site with the COM interface Use the ICISites interface AddNTLMSite method to add a site that requires NTLM authentication to the server, and retrieve the site's COM interface.

HRESULT AddNTLMSite(

[in] BSTR bstrName,


[in] BSTR bstrDomainName,

[in] BSTR bstrAllowGroup,

[in] int nIP,

[in] UINT nPort,




28






bstrDomainName NT domain name

bstrAllowGroup NT group name




bPermHomeFolder TRUE means that new site users should be granted full permissions in their home folders


Adding an Active Directory authenticated site Use the ICISites interface AddADSite method to add a site that requires Active Directory authentication to the server, and retrieve the site's COM interface.

HRESULT AddADSite(

[in] BSTR bstrName,


[in] BSTR bstrDomainContext,

[in] BSTR bstrAllowGroup,

[in] int nIP,

[in] UINT nPort,


29








bstrDomainName Default domain context for Active Directory

bstrAllowGroup Group name




bPermHomeFolder



Adding an ODBC authenticated site with the COM interface Use the ICISites interface AddODBCSite method to add a site that uses an ODBC database for user authentication to the GlobalSCAPE Secure FTP server, and retrieve the site's COM interface.


30

HRESULT AddODBCSite(

[in] BSTR bstrName,


[in] BSTR bstrDSN,

[in] VARIANT_BOOL bEncryptPasswords,

[in] int nIP,

[in] UINT nPort,








bstrDSN Database DSN

bEncryptPasswords TRUE if the database should contain encrypted passwords




bPermHomeFolder




31

Adding a local site with the COM interface Use the ICISites interface AddLocalSite method to create a new unauthenticated site and retrieve the site's ICISite interface.

HRESULT AddLocalSite(

[in] BSTR bstrName,


[in] BSTR bstrFilePath,

[in] int nIP,

[in] UINT nPort,








bstrFilePath Path to the file that will contain user data




bPermHomeFolder



32


33

6

Single Site Interface Methods

Site interface The ICISite interface represents an FTP/HTTP site. Use this interface to manage individual sites and to access their attributes. It can be obtained by using the Item and SiteByID methods of the ICISites interface.


Methods Properties

Methods GetConnectedCount GetKeyFilePath CreatePermissionGroup GetUserSettings














34

















Starting an individual site with the COM interface Use the ICISite interface Start method to start an individual site (start listening for incoming connections).

HRESULT Start();


35

Stopping an individual site with the COM interface Use the ICISite interface Stop method to stop an individual site from listening for incoming connections.

HRESULT Stop();

Deleting a site with the COM interface Use the ICISite interface Remove method to delete a site from the server.

HRESULT Remove();

Site Information

Retrieve the number of connected users with the COM interface

Use the ICISite interface GetConnectedCount method to retrieve the number of users currently connected to a site.

HRESULT GetConnectedCount([out, retval] long* prop);

Identifying the authentication manager for a site with the COM interface

Use the ICISite Interface GetAuthManagerID method to identify or retrieve the authentication manager ID of a site. The authentication manager ID is the type of authentication used (GS Auth, NT/AD, or ODBC).

HRESULT GetAuthManagerID([out, retval] long *prop);

Retrieving a site's root folder with the COM interface

Use the ICISite interface GetRootFolder method to retrieve the root folder for an individual site.

HRESULT GetRootFolder([out, retval] BSTR *prop);


36

Choosing a site's root folder with the COM interface

Use the ICISite interface SetRootFolder method to designate the root folder for an individual site. If the site has to be restarted for the change to take effect, the SetRootFolder method will return TRUE.

HRESULT SetRootFolder(

[in] BSTR newVal,

[out, retval] VARIANT_BOOL *pNeedRestart);

Finding a site's IP address with the COM interface

Use the ICISite interface GetIP method to retrieve the IP address where a site listens for incoming connections.

HRESULT GetIP([out, retval] long *prop);

Setting a site's IP address with the COM interface

Use the ICISite interface SetIP method to set the IP address where a site listens for incoming connections. If the site must be restarted after changing IP address the SetIP method returns TRUE.

HRESULT SetIP(

[in] long newVal,


Finding a site's IP address with the COM interface

Use the ICISite interface GetPort method to retrieve the port number a site uses for connections (default for FTP connections).

HRESULT GetPORT([out, retval] UINT *prop);

Setting a site's PORT with the COM interface

Use the ICISite interface SetPort method to set the a site's default PORT (used for FTP connections). If the site must be restarted after changing the port the SetPort method returns TRUE.

HRESULT SetPort(

[in] UINT newVal,


37


Checking a site's download speed with the COM interface

Use the ICISite interface GetDownloadSpeed method to retrieve the download speed of a site.

HRESULT GetDownloadSpeed([out, retval] ULONG *pSpeed);

Checking a site's upload speed with the COM interface

Use the ICISite interface GetUploadSpeed method to retrieve the upload speed of a site.

HRESULT GetUploadSpeed([out, retval] ULONG *pSpeed);

Retrieving the number of active downloads with the COM interface

Use the ICISite interface GetDownloadCount method to retrieve the number of current active downloads.

HRESULT GetDownloadCount([out, retval] UINT *pCnt);

Retrieving the number of active uploads with the COM interface

Use the ICISite interface GetUploadCount method to retrieve the number of current active uploads.

HRESULT GetUploadCount([out, retval] UINT *pCnt);

Retrieving the site start time with the COM interface

Use the ICISite interface GetStartTime method to retrieve the time the site was started.

HRESULT GetStartTime([out, retval] BSTR *bstrStartTime);

Site FTP and SSL access

Verifying FTP access is enabled for a site with the COM interface

Use the ICISite interface GetFTPAccess method to verify that access is enabled for a site.

HRESULT GetFTPAccess([out, retval] VARIANT_BOOL *prop);


38

Value FTP Access

True Access enabled

False Access disabled

Allowing FTP access to a site with the COM interface

Use the ICISite interface SetFTPAccess method to enable or disable FTP access for a site. If the site must be restarted for the change to take effect, the SetFTPAccess method returns TRUE.

HRESULT SetFTPAccess(

[in] VARIANT_BOOL newVal,


Verifying explicit SSL is enabled for a site with the COM interface

Use the ICISite interface GetSSLAuth method to verify that explicit SSL is enabled for a site.

HRESULT GetSSLAuth([out, retval] VARIANT_BOOL *prop);

Value Explicit SSL

True Enabled

False Disabled

Verifying implicit SSL is enabled for a site with the COM interface

Use the ICISite interface GetSSLImp method to verify that implicit SSL is enabled for a site.


39

HRESULT GetSSLAuth([out, retval] VARIANT_BOOL *prop);

Value Implicit SSL

True Enabled

False Disabled

Allowing explicit SSL access to a site with the COM interface

Use the ICISite interface SetSSLAuth method to enable or disable explicit SSL for a site. If the site must be restarted for the change to take effect, the SetSSLAuth method returns TRUE.

HRESULT SetSSLAuth(



Allowing implicit SSL access to a site with the COM interface

Use the ICISite interface SetSSLImp method to enable or disable implicit SSL for a site. If the site must be restarted for the change to take effect, the SetSSLImp method returns TRUE.

HRESULT SetSSLImp(



Verifying FTP access is enabled for a site with the COM interface

Use the ICISite interface GetSFTP method to verify that SFTP (SSH) access is enabled for a site.

HRESULT GetSFTP([out, retval] VARIANT_BOOL *prop);

Value SFTP Access


40

True Access enabled

False Access disabled

Allowing SFTP access to a site with the COM interface

Use the ICISite interface SetSFTP method to enable or disable SFTP (SSH) access for a site. If the site must be restarted for the change to take effect, the SetSFTP method returns TRUE.

HRESULT SetSFTP(



Site Certificates and Keys

Verifying that client certificates are required with the COM interface

Use the ICISite GetCheckClientCert method to check that the server requires certificates from users connecting via implicit SSL. If the server does require certificates the GetCheckClientCert method returns a value of TRUE.

HRESULT GetCheckClientCert([out, retval] VARIANT_BOOL *prop);

Value Certificates

True Required

False Not required

Requiring user certificates with the COM interface

Use the ICISite interface SetCheckClientCert method to enable or disable the requirement of certificates on implicit SSL sites. If you must restart the server for the change to take effect the SetCheckClientCert method returns a value of TRUE.


41

HRESULT SetCheckClientCert(



Changing the certificate file path with the COM interface

Use the ICISite interface SetCertFilePath method to change the file path to server certificates.

HRESULT SetCertFilePath(

[in] BSTR newVal,


Finding the file path for certificates with the COM interface

Use the ICISite GetCertFilePath method to retrieve the file path for SSL certificates.

HRESULT GetCertFilePath([out, retval] BSTR *prop);

Finding the file path for private keys with the COM interface

Use the ICISite GetKeyFilePath method to retrieve the file path for private keys.

HRESULT GetKeyFilePath([out, retval] BSTR *prop);

Changing the private key file path with the COM interface

Use the ICISite interface SetKeyFilePath method to change the file path to private keys. If you must restart the server for the changes to take effect, the SetKeyFilePath method returns a value of TRUE.

HRESULT SetKeyFilePath(

[in] BSTR newVal,


Retrieving private key pass phrases with the COM interface

Use the ICISite interface GetPassPhrase method to retrieve private key pass phrases.

HRESULT GetPassPhrase([out, retval] BSTR *prop);


42

Changing a private key pass phrase with the COM interface

Use the ICISite interface SetPassPhrase method to change a private key pass phrase. If you must restart the server for the changes to take effect, the SetPassPhrase method returns a value of TRUE.

HRESULT SetPassPhrase(

[in] BSTR newVal,


Retrieving the path to trusted certificates with the COM interface

Use the ICISite interface GetTrustedCertsPath method to retrieve the file path to the server's trusted certificates.

HRESULT GetTrustedCertsPath([out, retval] BSTR *prop);

Retrieving the path to pending certificates with the COM interface

Use the ICISite interface GetAwaitingCertsPath method to retrieve the file path to the server's trusted certificates.

HRESULT GetAwaitingCertsPath([out, retval] BSTR *prop);

Retrieving a list of trusted certificates

Use the ICISite interface GetTrustedCertificates method to retrieve a list of trusted certificates.

HRESULT GetTrustedCertificates([out, retval] VARIANT *aCerts);

Retrieving information for a trusted certificate

Use the ICISite interface GetTrustedCertificateInfo method and a trusted certificate's ID to retrieve the trusted certificate's information from the server. This method will open the ICICertInfo interface.

HRESULT GetTrustedCertificateInfo(

[in] long lID,

[out, retval] ICICertInfo **prop);


43

Retrieving a list of pending certificates

Use the ICISite interface GetPendingCertificates method to retrieve a list of untrusted, pending certificates.

HRESULT GetPendingCertificates([out, retval] VARIANT *aCerts);

Retrieving information for a pending certificate

Use the ICISite interface GetPendingCertificateInfo method and a pending certificate's ID to retrieve the pending certificate's information from the server. This method will open the ICICertInfo interface.

HRESULT GetPendingCertificateInfo(

[in] long lID,

[out, retval] ICICertInfo **prop);

Retrieving a certificate's data string with the COM interface

Use the ICISite interface ExportTrustedCertificate method and a trusted certificate's ID to retrieve the actual certificate data string from the server.

HRESULT ExportTrustedCertificate(

[in] long lID,

[out, retval] BSTR *bstrCertData);

Saving a trusted certificate to a file with the COM interface

Use the ICISite interface ImportTrustedCertificate method, to save a trusted certificate to a file on the server.

HRESULT ImportTrustedCertificate([in] BSTR bstrCertPath);

Deleting a trusted certificate

Use the ICISite interface RemoveTrustedCertificate method to delete a trusted certificate from the server.

HRESULT RemoveTrustedCertificate([in] long lID);


44

Deleting a pending certificate

Use the ICISite interface RemovePendingCertificate method to delete a pending certificate from the server.

HRESULT RemovePendingCertificate([in] long lID);

Adding a pending certificate to the trusted list

Use the ICISite interface AddCertificateToTrusted method to move a pending certificate to the list of trusted certificates.

HRESULT AddCertificateToTrusted([in] long lID);

Site Folders

Retrieving a list of folders with the COM interface

Use the ICISite interface GetFolderList method and a folder name to retrieve a list of all the folder's physical and virtual subfolders. Each subfolder will be followed by a carriage return (0D0A).

HRESULT GetFolderList(

[in] BSTR bstrFolderAlias,

[out, retval] BSTR *prop);

Note If a listed subfolder also has folders within it the subfolder name will have a double-quote mark at the end. If you need to use the subfolder name in your script or program, parse out the double-quote mark.

Listing folder permissions with the COM interface

Use the ICISite interface GetFolderPermissions method to retrieve a list of all folder permissions, including inherited permissions.

HRESULT GetFolderPermissions(

[in] BSTR bstrFolder,

[out, retval] VARIANT *aPermissions);


45

Setting folder permissions with the COM interface

Use the ICISite interface SetPermission method to add folder permissions or to change existing permissions.

HRESULT SetPermission([in] IPermission *pPermission);

Removing folder permissions with the COM interface

Use the ICISite interface RemovePermission method, a folder name, and a client name to delete permissions from folders.

HRESULT RemovePermission(


[in] BSTR bstrClient);

Creating blank permissions with the COM interface

Use the ICISite interface GetBlankPermission method, a folder name, and a client name to create a new set of permissions.

HRESULT GetBlankPermission(


[in] BSTR bstrClient,

[out, retval] IPermission **pPermission);

Note Once you have defined the permissions you must use the SetPermisson method to apply the changes you have made.

Creating a physical folder with the COM interface

Use the ICISite interface CreatePhysicalFolder method and a relative path to create a new physical folder on the server.

HRESULT CreatePhysicalFolder([in] BSTR bstrNewFolder);

Note: Use forward slashes instead of back slashes. Example in VB:


46

Call Object.CreatePhysicalFolder("/folderpath/")

'another example:

MySite.CreatePhysicalFolder("/Usr/jsmith/")

'Note that backslashes "\" will not work:

MySite.CreatePhysicalFolder("\Usr\jsmith\") <--will fail!

Creating a virtual folder with the COM interface

Use the ICISite interface CreateVirtualFolder method and a file path for a physical folder to create a new virtual folder on a site.

HRESULT CreateVirtualFolder(

[in] BSTR bstrNewFolder,

[in] BSTR bstrTarget);

Note: Use forward slashes instead of back slashes. Example in VB:

Call Site.CreateVirtualFolder("/Temp", "C://WINNT//") 'creates a virtual folder called "temp" and points it to my WINNT folder on the C drive.

Deleting a folder with the COM interface

Use the ICISite interface RemoveFolder method to delete a folder from a site.

HRESULT RemoveFolder([in] BSTR bstrFolder);

Renaming a folder with the COM interface

Use the ICISite interface RenameFolder method to change a folder's name.

HRESULT RenameFolder(

[in] BSTR bstrSrcFolder,

[in] BSTR bstrDstFolder);


47

Site Permission Groups

Creating a permissions group with the COM interface

Use the ICISite interface CreatePermissionGroup method to add a new permission group to a site.

HRESULT CreatePermissionGroup([in] BSTR bstrName);

Note Permission Groups control user access to files and folders. Settings Levels control user access (bandwidth resources, banned file times, disk quota, etc.) to the server's resources.

Retrieving a list of permission groups with the COM interface

Use the ICISite GetPermissionGroups method to retrieve a list of permission groups on a site.

HRESULT GetPermissionGroups([out, retval] VARIANT *aGroups);

Note Permission Groups control user access to files and folders. Settings Levels control user access (bandwidth resources, banned file times, disk quota, etc.) to the server's resources.

Deleting a permission group with the COM interface

Use the ICISite interface RemovePermissionGroup method to delete a permission group from a site.

HRESULT RemovePermissionGroup([in] BSTR bstrName);

Renaming a permission group with the COM interface

Use the ICISite interface RenamePermissionGroup method to change the name of a permission group.

HRESULT RenamePermissionGroup(

[in] BSTR bstrOldName,

[in] BSTR bstrNewName);


48

Adding a user to a permission group with the COM interface

Use the ICISite interface AddUserToPermissionGroup method to add a user to a permission group.

HRESULT AddUserToPermissionGroup(

[in] BSTR bstrUser,

[in] BSTR bstrGroup);

Deleting a user from a permission group with the COM interface

Use the ICISite interface RemoveUserFromPermissionGroup method to delete a user from a permission group.

HHRESULT RemoveUserFromPermissionGroup(

[in] BSTR bstrUser,


Retrieving a list of a user's permission groups with the COM interface

Use the ICISite interface GetPermissionGroupsOfUser method to list all of a user's permission groups.

HRESULT GetPermissionGroupsOfUser(

[in] BSTR bstrUser,

[out, retval] VARIANT *aGroups);

Site Users and Settings Levels

Creating a user with the COM interface

Use the ICISite interface CreateUser method or the CreateUserEx method to create a new user on a site. The CreateUser method creates users with the parameters marked in bold text in the Parameters table set at default values. The CreateUserEx method allows you to set values for all parameters.

HRESULT CreateUser(

[in] BSTR bstrLogin,

[in] BSTR bstrPwd,

[in] int nPwdType,

[in] BSTR bstrDescription);


49

HRESULT CreateUserEx(

[in] BSTR bstrLogin,

[in] BSTR bstrPwd,

[in] int nPwdType,

[in] BSTR bstrDescription,

[in] BSTR bstrFullName,


[in] VARIANT_BOOL bFullPermissionsForHomeFolder,

[in, optional] BSTR bstrSettingsLevel);

Parameters Table

Parameter Input

bstrLogin User name

bstrPwd User password

nPwdType Password type (see Password Table)

bstrDescription Description of user

bstrFullName User's full name

bCreateHomeFolder TRUE if user home folder should be created and assigned

bFullPermissionsForHomeFolder TRUE if the user should have administrator rights for their home folder

bstrSettingsLevel User's settings level name or ID.

Password Table

Password value Password type

0 Regular (hashed)


50

1 Anonymous (regular with empty password)

2 Anonymous (require email as password)

3 OTP-MD4

4 OTP-MD5

5

Literal (no hash) - For use when importing shadow passwords from a *nix password file. The format must follow: $1$*$* For example, user: test, password: test would be:

site.ChangeUserPassword "test", "$1$Bn3YdWKv$.BS3Qb2UQTV4SmV1JNN.w/", 5

Note: DES format passwords are not supported. These are password formats without the salt defined, that is, without the $1$.

Retrieving a list of users with the COM interface

Use the ICISite GetUsers method to retrieve a list of users on a site.

HRESULT GetUsers([out, retval] VARIANT *aUsers);

Deleting a user with the COM interface

Use the ICISite RemoveUser method to delete a user from a site.

HRESULT RemoveUser([in] BSTR bstrLogin);

Renaming a user with the COM interface

Use the ICISite RenameUser method to change a user's name.

HRESULT RenameUser(




51

Retrieving a list of user Settings Levels with the COM interface

Use the ICISite GetSettingsLevel method to retrieve a list of Settings Levels on a site.

HRESULT GetSettingsLevel([out, retval] VARIANT *aGroups);

Note Settings Levels control user access (bandwidth resources, banned file times, disk quota, etc.) to the server's resources. Permission Groups control user access to files and folders.

Retrieving a list of users in a Settings Level with the COM interface

Use the ICISite GetSettingsLevelUsers method to retrieve a list of users assigned to a Settings Level.

HRESULT GetSettingsLevelUsers(

[in] BSTR bstrGroup,

[out, retval] VARIANT *aUsers);


Creating a Settings Level with the COM interface

Use the ICISite interface CreateSettingsLevel method to add a new Settings Level to a site.

HRESULT CreateSettingsLevel(

[in] BSTR bstrName,

[in] BSTR bstrDescription);


Deleting a Settings Level with the COM interface

Use the ICISite interface RemoveSettingsLevel method to delete a Settings Level from a site.


52

HRESULT RemoveSettingsLevel([in] BSTR bstrName);

Renaming a Settings Level with the COM interface

Use the ICISite interface RenameSettingsLevel method to rename a Settings Level.

HRESULT RenameSettingsLevel(



Moving a user to a Settings Level

Use the ICISite interface MoveUserToSettingsLevel method to move a user to a new Settings Level.

HRESULT MoveUserToSettingsLevel(

[in] BSTR bstrUser,


Changing a user's password with the COM interface

Use the ICISite interface ChangeUserPassword method to change a user's password and password type.

HRESULT ChangeUserPassword([in] BSTR bstrUser,

[in] BSTR bstrPwd,

[in] int nPwdType);

Password Table

Password value Password type

0 Regular (hashed)

1 Anonymous (regular with empty password)

2 Anonymous (require email as password)

3 OTP-MD4


53

4 OTP-MD5

5

Literal (no hash) - For use when importing shadow passwords from a *nix password file. The format must follow: $1$*$* For example, user: test, password: test would be:

site.ChangeUserPassword "test", "$1$Bn3YdWKv$.BS3Qb2UQTV4SmV1JNN.w/", 5

Note: DES format passwords are not supported. These are password formats without the salt defined, that is, without the $1$.

Retrieving a list of a Settings Level's settings with the COM interface

Use the ICISite GetSettingsLevelSettings method to retrieve a list of settings in a Settings Level.

HRESULT GetSettingsLevelSettings(

[in] BSTR bstrGroup,

[out, retval] ICIClientSettings **prop);

Note Settings Levels control user access to the GlobalSCAPE Secure FTP Server. Permission Groups control user access to files and folders.

Retrieving a user's settings with the COM interface

Use the ICISite GetUserSettings method to retrieve a list of a user's settings.

HRESULT GetUserSettings(

[in] BSTR bstrUser,

[out, retval] ICIClientSettings **prop);


54

Site Custom Commands

Retrieving a list of custom commands

Use the ICISite interface GetCommands method to retrieve a list of custom commands.

HRESULT GetCommands([out, retval] VARIANT *aCommands);

Retrieving a custom command's settings

Use the ICISite interface GetCommandSettings method to retrieve a list of a custom commands settings and to access the ICICommandSettings interface.

HRESULT GetCommandSettings(

[in] BSTR bstrCommand,

[out, retval] ICICommandSettings **prop);

Creating a new custom command

Use the ICISite interface CreateCommand method to create a new custom command for a site and to open the ICICommandSettings interface.

HRESULT CreateCommand(

[in] BSTR bstrName,

[out, retval] ICICommandSettings **prop);

Deleting a custom command with the COM interface

Use the ICISite interface RemoveCommand method to delete a custom command from a site.

HRESULT RemoveCommand([in] BSTR bstrName);

Site IP masks

Adding an IP mask to a site with the COM interface

Use the ICISite interface AddIPAccessRule method to add an allowed or denied IP mask to a site.

HRESULT AddIPAccessRule(


55

[in] BSTR bstrMask,


Removing an IP mask from a site with the COM interface

Use the ICISite interface RemoveIPAccessRule method to delete an allowed or denied IP mask from a site.

HRESULT RemoveIPAccessRule(

[in] BSTR bstrMask,


Retrieving a list of allowed IP masks with the COM interface

Use the ICISite interface GetAllowedMasks method to retrieve a list of allowed IP masks for a site.

HRESULT GetAllowedMasks([out, retval] VARIANT *aMasks);

Retrieving a list of denied IP masks with the COM interface

Use the ICISite interface GetDeniedMasks method to retrieve a list of IP masks prohibited for a site.

HRESULT GetDeniedMasks([out, retval] VARIANT *aMasks);

57

7

Single Site Interface Properties

Site interface The ICISite interface represents an FTP/HTTP site. Use this interface to manage individual sites and to access their attributes. It can be obtained by using the Item and SiteByID methods of the ICISites interface.


Methods Properties

Methods GetConnectedCount GetKeyFilePath CreatePermissionGroup GetUserSettings














58

















Site Options

Blocking site-to-site FTP

Use the ICISite interface BlockSiteToSite property to check if site-to-site transfers are blocked, and to allow or prohibit site-to-site transfers.

HRESULT BlockSiteToSite([out, retval] VARIANT_BOOL *pVal);


59

HRESULT BlockSiteToSite([in] VARIANT_BOOL newVal);

Value Site-to-

site transfers

True Blocked

False Allowed

Blocking anti-time-out schemes

Use the ICISite interface BlockAntiTimeOut property to check if the site is blocking anti-time-out traffic, or to block or allow anti-time-out traffic from clients.

HRESULT BlockAntiTimeOut([out, retval] VARIANT_BOOL *pVal);

HRESULT BlockAntiTimeOut([in] VARIANT_BOOL newVal);

Value Anti-time-out

traffic

True Blocked

False Allowed

Retrieving and modifying a list of banned file types

Use the ICISite interface VFSFilter property to retrieve or edit the list of file types banned from the site.

HRESULT VFSFilter([out, retval] BSTR *pVal);

HRESULT VFSFilter([in] BSTR newVal);


60

Handling a site's exit message with the COM interface

Use the ICISite interface ExitMessage property to retrieve or edit the exit message shown when users disconnect.

HRESULT ExitMessage([out, retval] BSTR *pVal);

HRESULT ExitMessage([in] BSTR newVal);

Handling the user limit message with the COM interface

Use the ICISite interface UserLimitMessage property to retrieve or edit the text of the message shown when the site's user limit is reached.

HRESULT UserLimitMessage([out, retval] BSTR *pVal);

HRESULT UserLimitMessage([in] BSTR newVal);

Checking if a site is started with the COM interface

Use the ICISite IsStarted property to check if a site is active and available.

HRESULT IsStarted([out, retval] BOOL *pVal);

Value Server Status

True Started

False Stopped

Retrieving a site's ID with the COM interface

Use the ICISite interface ID property to retrieve the site Identifier. This returns a read-only version of the ID.

HRESULT ID([out, retval] long *pVal);

Retrieving a site's name with the COM interface

Use the ICISite interface Name property to retrieve the name of the site. This returns a read-only version of the name.


61

HRESULT Name([out, retval] BSTR *pVal);

User Options

Setting the Grant Full Permissions option with the COM interface

Use the ICISite interface AssignFullPermissionsForHomeFolder property to check if new users will have full permissions in their home folders, and to either grant or deny users full permissions to their home folders.

HRESULT AssignFullPermissionsForHomeFolder([out, retval] VARIANT_BOOL *pVal);

HRESULT AssignFullPermissionsForHomeFolder([in] VARIANT_BOOL newVal);

Value Full home

folder permissions

True Granted

False Denied

Note The AutoCreateHomeFolder property must be set to TRUE before you can use this property. If you do not grant users full permissions to their home folders, they will inherit permissions from their groups.

Setting the Auto Create Home Folder option with the COM interface

Use the ICISite interface AutoCreateHomeFolder property to check if GlobalSCAPE Secure FTP Server will automatically create a home folder for users, and to either enable or disable the automatic folder creation.

HRESULT AutoCreateHomeFolder([out, retval] VARIANT_BOOL *pVal);

HRESULT AutoCreateHomeFolder([in] VARIANT_BOOL newVal);


62

Value Auto folder

creation

True Enabled

False Disabled

Connection Limits

Allowing a site maximum transfer speed with the COM interface

Use the ICISite interface HasMaxSpeed property to determine if the site has a maximum transfer speed limit. Also use this property to enable or disable a transfer speed limit.

HRESULT HasMaxSpeed([out, retval] VARIANT_BOOL *pVal);

HRESULT HasMaxSpeed([in] VARIANT_BOOL newVal);

Value Maximum

transfer speed

True Enabled

False Disabled

Related topic Setting the maximum transfer speed

Retrieving or setting maximum transfer speed with the COM interface

Use the ICISite interface MaxTransferSpeed property to retrieve or set the maximum transfer speed allowed on a site.

HRESULT MaxTransferSpeed([out, retval] long *pVal);

HRESULT MaxTransferSpeed([in] long newVal);

Related Topic


63

Allowing a site maximum transfer speed

Limiting concurrent connections to a site with the COM interface

Use the ICISite interface HasMaxUsers property to determine if the site has a maximum concurrent users limit. Also use this property to enable or disable the concurrent connections limit.

HRESULT HasMaxUsers([out, retval] VARIANT_BOOL *pVal);

HRESULT HasMaxUsers([in] VARIANT_BOOL newVal);

Value Maximum concurrent

connections

True Enabled

False Disabled

Related topic Setting a site's maximum allowed connections

Retrieving or setting maximum concurrent connections with the COM interface

Use the ICISite interface MaxConcurrentConnections property to retrieve or set the maximum number of concurrent connections allowed on a site.

HRESULT MaxConcurrentConnections([out, retval] long *pVal);

HRESULT MaxConcurrentConnections([in] long newVal);

Related Topic Limiting a site's concurrent connections

Limiting users' connections to a site with the COM interface

Use the ICISite interface HasMaxConnectionsPerAccount property to determine if the site limits the number of connections per user. Also use this property to enable or disable the user connection limit.


64

HRESULT HasMaxConnectionsPerAccount([out, retval] VARIANT_BOOL *pVal);

HRESULT HasMaxConnectionsPerAccount([in] VARIANT_BOOL newVal);

Value User

connection limit

True Enabled

False Disabled

Related topic Setting a site's user connection limit

Retrieving or setting a site's user connection limit with the COM interface

Use the ICISite interface MaxConnectionsPerUser property to retrieve or set the maximum number of concurrent connections a user can make to a site.

HRESULT MaxConnectionsPerUser([out, retval] long *pVal);

HRESULT MaxConnectionsPerUser([in] long newVal);

Related Topic Limiting a site's users' connections

IP Addresses

Limiting connections to a site from the same IP address with the COM interface

Use the ICISite interface HasMaxIPPerAccount property to determine if the site limits the number of concurrent connections from one IP address. Also use this property to enable or disable a limit of concurrent connections from one IP address.

HRESULT HasMaxIPPerAccount([out, retval] VARIANT_BOOL *pVal);


65

HRESULT HasMaxIPPerAccount([in] VARIANT_BOOL newVal);

Value Maximum

connections from same

IP

True Enabled

False Disabled

Related topic Setting a site's maximum allowed connections from the same IP address

Retrieving or setting maximum concurrent connections allowed from the same IP address with the COM interface

Use the ICISite interface MaxConnectionsFromSameIP property to retrieve or set the maximum number of concurrent connections allowed from one IP address to a site.

HRESULT MaxConnectionsFromSameIP([out, retval] long *pVal);

HRESULT MaxConnectionsFromSameIP([in] long newVal);

Related Topic Limiting connections from the same IP address

Limiting consecutive invalid commands with the COM interface

Use the ICISite interface DisConnectOnDOS property to determine if the site will disconnect after a certain number consecutive invalid commands. Also use this property to enable or disable such disconnections.

HRESULT DisconnectOnDOS([out, retval] VARIANT_BOOL *pVal);

HRESULT DisconnectOnDOS([in] VARIANT_BOOL newVal);

Value Disconnect after n


66

invalid commands

True Enabled

False Disabled

Related topic Setting the maximum number of consecutive invalid commands allowed

Retrieving or setting the maximum number of consecutive invalid commands allowed with the COM interface

Use the ICISite interface DOSLimit property to retrieve or set the number of consecutive invalid commands that will cause the site to disconnect a user.

HRESULT DOSLimit([out, retval] long *pVal);

HRESULT DOSLimit([in] long newVal);

Related Topic Limiting invalid commands

Banning connections from specific IP addresses with the COM interface

Use the ICISite interface BanIPOnDOS property to determine if the server will automatically ban connections from an IP address that has sent too many consecutive invalid commands. Use the same property to enable or disable automatic bans.

HRESULT BanIPOnDOS([out, retval] VARIANT_BOOL *pVal);

HRESULT BanIPOnDOS([in] VARIANT_BOOL newVal);

Value Banning IPs

True Enabled

False Disabled


67

Related topics Choosing to ban IP addresses temporarily or permanently

Banning IP addresses permanently or temporarily with the COM interface

Use the ICISite interface AutoBanIPsPermanently property to determine if the server will permanently or temporarily ban connections from an IP address that has sent too many consecutive invalid commands.

HRESULT AutoBanIPsPermanently([out, retval] VARIANT_BOOL *pVal);

HRESULT AutoBanIPsPermanently([in] VARIANT_BOOL newVal);

Value Banning IPs

True Permanently

False Temporarily

Related topics Banning connections from IP addresses that send too many invalid commands

Enabling a range of ports for PASV connections with the COM interface

Use the ICISite interface EnablePortRange property to determine if a specific IP address and port ranges have been assigned for PASV connections to the site. Use the same property to enable or disable the use of a specific IP address and port ranges.

HRESULT EnablePortRange([out, retval] VARIANT_BOOL *pVal);

HRESULT EnablePortRange([in] VARIANT_BOOL newVal);

Related topics Determining an IP address for PASV connections Determining the lowest port in a range for PASV connections Determining the highest port in a range for PASV connections


68

Determining the IP address for PASV connections with the COM interface

Use the ICISite interface PASVListenIP property to determine or set the IP address where the site listens for PASV mode connections.

HRESULT PASVListenIP([out, retval] long *pVal);

HRESULT PASVListenIP([in] long newVal);

Related topics Enabling a range of ports for PASV connections Determining the lowest port in a range for PASV connections Determining the highest port in a range for PASV connections

Determining the low end of a PASV mode port range with the COM interface

Use the ICISite interface PASVPortMin property to determine or set the lowest port in a range where a site listens for PASV connections.

HRESULT PASVPortMin([out, retval] long *pVal);

HRESULT PASVPortMin([in] long newVal);

Related topics Enabling a range of ports for PASV connections Determining an IP address for PASV connections Determining the highest port in a range for PASV connections

Setting IP addresses that have access to a site with the COM interface

Use the ICISite interface IPAccessAllowedDefault property to determine which IP addresses are denied or allowed by default. Use the same property to deny or allow a range of IP addresses based on masks you choose with the AddIPAccessRule method.

HRESULT IPAccessAllowedDefault([out, retval] VARIANT_BOOL *pVal);

HRESULT IPAccessAllowedDefault([in] VARIANT_BOOL newVal);


69

Value Default

IP addresses

True Allowed

False Denied

Related topics Adding an IP mask to a site Removing an IP mask from a site Retrieving a list of allowed IP masks Retrieving a list of denied IP masks

Determining the high end of a PASV mode port range with the COM interface

Use the ICISite interface PASVPortMin property to determine or set the highest port in a range where a site listens for PASV connections.

HRESULT PASVPortMax([out, retval] long *pVal);

HRESULT PASVPortMax([in] long newVal);

Related topics Enabling a range of ports for PASV connections Determining an IP address for PASV connections Determining the lowest port in a range for PASV connections

71

8

Permission Interface Properties

Permissions interface The ICIPermissions interface represents the permissions for folders. Obtain it by using the GetFolderPermissions method of the ICISite interface. You can also use the GetBlankPermission method to start with no permissions.

Examples aPerm = s.GetFolderPermissions("\pub\")

Set p = s.GetBlankPermission("\pub\", "Administrative")

Properties Folder DirCreate

Client DirDelete

FileUpload DirList

FileDelete DirShowHidden

FileRename DirShowReadOnly

FileAppend DirShowInList

FileDownload

Note Changing properties in the IPermission interface has no effect until you call the ICISite SetPermission method.

Retrieving a folder name with the COM interface Use the IPermission interface Folder property to retrieve a folder's name.

HRESULT Folder([out, retval] BSTR *pVal);


72

Retrieving a client or permission group name with the COM interface Use the IPermission interface Client property to retrieve a client's name or a permission group's name.

HRESULT Client([out, retval] BSTR *pVal);

Granting uploading permission with the COM interface Use the IPermission interface FileUpload property to determine if group or client has permission to upload to a folder, and to allow or deny uploading permisson.

HRESULT FileUpload([out, retval] VARIANT_BOOL *pVal);

HRESULT FileUpload([in] VARIANT_BOOL newVal);

Value Uploads

True Allowed

False Prohibited

Granting deleting permission with the COM interface Use the IPermission interface FileDelete property to determine if a group or client has permissions to delete files and folders from a folder, and to allow or deny deletions.

HRESULT FileDelete([out, retval] VARIANT_BOOL *pVal);

HRESULT FileDelete([in] VARIANT_BOOL newVal);

Value Deletion

True Allowed

False Prohibited


73

Granting renaming permission with the COM interface Use the IPermission interface FileRename property to determine if a group or client has permissions to rename files and folders in a folder, and to allow or deny renaming permission.

HRESULT FileRename([out, retval] VARIANT_BOOL *pVal);

HRESULT FileRename([in] VARIANT_BOOL newVal);

Value Renaming

True Allowed

False Prohibited

Granting file appending permission with the COM interface Use the IPermission interface FileAppend property to determine if a group or client has permissions to append files in a folder, and to allow or deny appending permission.

HRESULT FileAppend([out, retval] VARIANT_BOOL *pVal);

HRESULT FileAppend([in] VARIANT_BOOL newVal);

Value Appending

True Allowed

False Prohibited

Granting downloading permission with the COM interface Use the IPermission interface FileDownload property to determine if group or client has permission to download from a folder, and to allow or deny downloading permisson.

HRESULT FileDownload([out, retval] VARIANT_BOOL *pVal);


74

HRESULT FileDownload([in] VARIANT_BOOL newVal);

Value Downloads

True Allowed

False Prohibited

Granting folder creation permission with the COM interface Use the IPermission interface DirCreate property to determine if a group or client has permissions to create folders within a folder, and to allow or deny folder creation permission.

HRESULT DirCreate([out, retval] VARIANT_BOOL *pVal);

HRESULT DirCreate([in] VARIANT_BOOL newVal);

Value Folder creation

True Allowed

False Prohibited

Granting folder deletion permission with the COM interface Use the IPermission interface DirDelete property to determine if a group or client has permissions to delete folders within a folder, and to allow or prohibit folder deletion.

HRESULT DirDelete([out, retval] VARIANT_BOOL *pVal);

HRESULT DirDelete([in] VARIANT_BOOL newVal);

Value Folder


75

deletion

True Allowed

False Prohibited

Granting permission to see a list of folder contents with the COM interface Use the IPermission interface Dirlist property to determine if a group or client has permissions to see a list of folder contents, and to allow or deny permission to see folder lists.

HRESULT DirList([out, retval] VARIANT_BOOL *pVal);

HRESULT DirList([in] VARIANT_BOOL newVal);

Value Folder lists

True Allowed

False Prohibited

Related topics Showing hidden files Showing read-only files Showing or hiding folders

Showing files in a folder that usually remain hidden with the COM interface Use the IPermission interface DirShowHidden property to determine if a group or client can see hidden files, and to display or hide hidden files.

HRESULT DirShowHidden([out, retval] VARIANT_BOOL *pVal);

HRESULT DirShowHidden([in] VARIANT_BOOL newVal);


76

Value Hidden files

True Displayed

False Hidden

Note You must allow folder listing before you can choose to hide or display hidden files.

Related topics Showing a list of folder contents Showing read-only files Showing or hiding folders

Showing read-only files with the COM interface Use the IPermission interface DirShowReadOnly property to determine if a group or client can see read-only files, and to display or hide read-only files.

HRESULT DirShowReadOnly([out, retval] VARIANT_BOOL *pVal);

HRESULT DirShowReadOnly([in] VARIANT_BOOL newVal);

Value Read-only files

True Displayed

False Hidden

Note You must allow folder listing before you can choose to hide or display read-only files.

Related topics Showing a list of folder contents Showing hidden files Showing or hiding folders


77

Showing or hiding folders with the COM interface Use the IPermission interface DirShowInList property to determine if a group or client can see a folder, and to display or hide the folder.

HRESULT DirShowInList([out, retval] VARIANT_BOOL *pVal);

HRESULT DirShowInList([in] VARIANT_BOOL newVal);

Value Folder

True Displayed

False Hidden

Related topics Showing a list of folder contents Showing hidden files Showing read-only files

79

9

Client Settings Interface Methods

Client settings interface The ICIClientSettings interface allows you to make changes to specific user accounts or Settings Levels. Access the ICIClientSettings interface with either the ICISite GetUserSettings method or the ICISite GetSettingsLevelSettings method.

Examples Set gs = s.GetSettingsLevelSettings(s_gr)

Set us = s.GetUserSettings(aUsr(j))

SFTPAdvBool Datatype Some methods of the ICIClientSettings interface use the SFTPAdvBool datatype. It is an enumeration datatype and it is similar to VARIANT_BOOL, but it has one additional value: abInherited. When a user setting is given the abInherited value, it means the user setting is inherited from the user's Settings Level.

SFTPAdvBool datatype definition typedef enum

{

abFalse = 0,

abTrue = 1,

abInherited = -2

} SFTPAdvBool;

Note When you change a user account or Settings Level with the ICIClientSettings interface, you must call ICIServer's ApplyChanges method in order for the changes to take effect.

Methods GetEnableAccount GetTimeOut SetClearFTP SetHasUploadsPerSession

SetEnableAccount SetTimeOut GetHasMaxIPs GetUploadsPerSession

GetHomeDirlsRoot GetHasMaxSpeed SetHasMaxIPs SetUploadsPerSession


80

SetHomeDirlsRoot SetHasMaxSpeed GetMaxIPs GetLoginMsg

GetAllowNoop GetMaxSpeed SetMaxIPs SetLoginMsg

SetAllowNoop SetMaxSpeed GetHasMaxDownloadSize GetLoginMsgString

GetAllowXCRC GetHasMaxUsers SetHasMaxDownloadSize SetLoginMsgString

SetAllowXCRC SetHasMaxUsers GetMaxDownloadSize GetHomeDir

GetChangePwd GetMaxUsers SetMaxDownloadSize SetHomeDir

SetChangePwd SetMaxUsers GetHasDownloadsPerSession GetHomeDirString

GetHasPwdRetries GetMaxSpace SetHasDownloadsPerSession SetHomeDirString

SetHasPwdRetries SetMaxSpace GetDownloadsPerSession GetHomeIP

GetPwdRetries GetUsedSpace SetDownloadsPerSession SetHomeIP

SetPwdRetries GetEnableDiskQuota GetHasMaxUploadSize GetHomeIPString

GetIncorrectPasswordAttempts SetEnableDiskQuota SetHasMaxUploadSize SetHomeIPString

GetEnableTimeOut GetSSL GetMaxUploadSize GetDescription

SetEnableTimeOut SetSSL SetMaxUploadSize SetDescription

GetAppletEnabled SetAppletEnabled GetClearFTP GetHasUploadsPerSession

Checking if an account or Settings Level is enabled with the COM interface Use the ICIClientSettings GetEnableAccount method to check if a user account or Settings level is enabled.

HRESULT GetEnableAccount(

[out, optional] VARIANT_BOOL *pInherited,

[out, retval] VARIANT_BOOL *pVal);

Value Account status

0 Disabled

1 Enabled


81

Enabling a user account or Settings Level with the COM interface Use the ICIClientSettings interface SetEnableAccount method to enable a user account or Settings Level.

HRESULT SetEnableAccount([in] SFTPAdvBool val);


0 Disable

1 Enable

-2 Inherit

Note You need to obtain a handle to the specific user or settings level from ICISite's GetUserSettings method or ICISite's GetSettingsLevelSettings method before you can perform an action upon that user or settings level. Here is a sample code snippet using PHP that demonstrates this technique:

<?php // first create server object $Server = new COM("SFTPCOMInterface.CIServer") or die("Unable to instantiate Server"); // connect to server $Server->Connect("localhost",1000,"admin","admin"); // get handle to list of sites $Sites = $Server->Sites(); // chose your site. On most one-site systems this will be "0" $MySite = $Sites->Item(0); // Pull the settings for the user that you want. $Settings = $MySite->GetUserSettings("juser");


82

// enable or disable or inherit. // Enable is 1. Disable is 0. Inherit is -2 // Notice that you apply this to the settings for the user that you just pulled $Settings->SetEnableAccount(1); // Be sure to apply the settings or else nothing will really change $Server->ApplyChanges(); // close the connection. $Server->Close(); ?>

User settings

Checking if the account home folder is the default root folder with the COM interface

Use the ICIClientSettings GetHomeDirIsRoot method to check if a user account home folder is set as the user's default root folder.

HRESULT GetHomeDirIsRoot(



Value Home

folder is root

0 No

1 Yes

Setting the account home folder as the default root folder with the COM interface

Use the ICIClientSettings SetHomeDirIsRoot method to set a user's home folder as the user's default root folder.

HRESULT SetHomeDirIsRoot([in] SFTPAdvBool val);


83

Value Home

folder is root

0 No

1 Yes

-2 Inherited

Checking how users' log in messages are used

Use the ICIClientSettings GetLoginMsg method to find the whether the server uses the default log in message, adds a custom string to the default message, replaces the default message with a custom string, or if the server uses no login message.

HRESULT GetLoginMsg(


[out, retval] long *pVal);

Value Process type

0 Use default

-1 Add to default

-2 Replace default

-3 None

Related topic Setting how the login message is used Retrieving the log in messages for users


84

Setting the log in messages for users

Setting how users' log in messages are used

Use the ICIClientSettings SetLoginMsg method to choose whether the server uses the default log in message, adds a custom string to the default message, replaces the default message with a custom string, or if the server uses no log in message.

HRESULT SetLoginMsg([in] long val);

Value Process type

0 Use default

-1 Add to default

-2 Replace default

-3 None

Related topic Checking how the login message is used Retrieving the log in messages for users Setting the log in messages for users

Retrieving the log in messages for users

Use the ICIClientSettings GetLoginMsgString method to retrieve a login message.

HRESULT GetLoginMsgString([out, retval] BSTR *prop);

Related topic Checking how the login message is used Setting how the login message is used Setting the log in messages for users


85

Setting the log in messages for users

Use the ICIClientSettings SetLoginMsgString method to create a login message.

HRESULT SetLoginMsgString([in] BSTR bstrVal);

Related topic Checking how the login message is used Setting how the login message is used Retrieving the log in messages for users

Checking if users can have a home folder

Use the ICIClientSettings GetHomeDir method to find the whether the user or Settings Level can have a home folder.

HRESULT GetHomeDir(



Related topics Allowing users to have a home directory Finding users' home directories Choosing users' home directories

Allowing users to have a home folder with the COM interface

Use the ICIClientSettings SetHomeDir method to allow users to have a home folder. Use the same method to prohibit users from having a home folder.

HRESULT SetHomeDir([in] long val);

Related topics Checking if users can have a home directory Finding users' home directories Choosing users' home directories


86

Finding users' home folders

Use the ICIClientSettings GetHomeDirString method to retrieve the path to a user or Settings Level home folder.

HRESULT GetHomeDirString([out, retval] BSTR *prop);

Related topics Checking if users can have a home directory Allowing users to have a home directory Choosing users' home directories

Choosing the path to users' home folders

Use the ICIClientSettings SetHomeDirString method to set the path to a user or Settings Level home folder.

HRESULT SetHomeDirString([in] BSTR bstrVal);

Related topics Checking if users can have a home directory Allowing users to have a home directory Finding users' home directories

Checking if users are restricted to a specific IP address

Use the ICIClientSettings GetHomeIP method to find the whether a user or Settings Level is restricted to connections on one specific IP address.

HRESULT GetHomeIP(



Related topics Restricting users to one IP address Finding users' home IP address


87

Setting users' home IP address

Restricting users to a specific IP address

Use the ICIClientSettings SetHomeIP method to restrict a user or Settings Level to connections on one specific IP address.

HRESULT SetHomeIP([in] long val);

Related topics Checking if users are restricted to one IP address Finding users' home IP address Setting users' home IP address

Finding users' home IP address

Use the ICIClientSettings GetHomeIPString method to retrieve the IP address where the user or Settings Level must make connections.

HRESULT GetHomeIPString([out, retval] BSTR *prop);

Related topics Checking if users are restricted to one IP address Restricting users to one IP address Setting users' home IP address

Setting users' home IP address

Use the ICIClientSettings SetHomeIPString method to designate the IP address where the user or Settings Level must make connections.

HRESULT SetHomeIPString([in] BSTR bstrVal);

Related topics Checking if users are restricted to one IP address Restricting users to one IP address Finding users' home IP address


88

Retrieving a user's description

Use the ICIClientSettings GetDescription method to retrieve the description for a user or Settings Level.

HRESULT GetDescription([out, retval] BSTR *prop);

Related topic Setting a user's description

Setting a user's description

Use the ICIClientSettings SetDescription method to enter the description for a user or Settings Level.

HRESULT SetDescription([in] BSTR bstrVal);

Related topic Retrieving a user's description

Checking Web Transfer Client access

Use the ICIClientSettings GetAppletEnabled method to check the client applet access setting for a user or Settings Level.

GetAppletEnabled([out, optional]VARIANT_BOOL *pInherited,[out, retval] VARIANT_BOOL *pVal);

Example: Querying the state:

slSettings = GetSettingsLevelSettings("Default Settings")

bEnabled = slSettings.GetAppletEnabled( bInherited )


89

Setting Web Transfer Client access

Use the ICIClientSettings SetAppletEnabled method to set the client applet access setting for a user or Settings Level.

SetAppletEnabled([in]SFTPAdvBool val);

Example: Setting the enabled/disabled state:

slSettings = GetSettingsLevelSettings("Default Settings")

slSettings.SetAppletEnabled( True )

Allowed commands

Checking if a user may send the NOOP command with the COM interface

Use the ICIClientSettings GetAllowNoop method to check if a user is allowed to use the NOOP command to keep a connection open.

HRESULT GetAllowNoop(



Value NOOP command

0 Prohibited

1 Allowed


90

Allowing users to send the NOOP command with the COM interface

Use the ICIClientSettings interface SetAllowNoop method to allow a user to send the NOOP command to keep a connection open. Use the same method to prohibit the user from sending the NOOP command.

HRESULT SetAllowNoop([in] SFTPAdvBool val);

Value NOOP command

0 Prohibit

1 Allow

-2 Inherit

Checking if a user can send the XCRC command with the COM interface

Use the ICIClientSettings GetAllowXCRC method to check if a user can send the XCRC command to confirm successful transfer.

HRESULT GetAllowXCRC(




0 Disabled

1 Enabled


91

Allowing users to send the XCRC command with the COM interface

Use the ICIClientSettings interface SetAllowXCRC method to allow a user to send the XCRC command to confirm transfers. Use the same method to prohibit the user from sending the XCRC command.

HRESULT SetAllowXCRC([in] SFTPAdvBool val);

Value XCRC command

0 Prohibit

1 Allow

-2 Inherit

Checking if users can change their passwords

Use the ICIClientSettings GetChangePwd method to check if users can change their passwords.

HRESULT GetChangePwd(



Value Change password

0 Prohibited

1 Allowed

Allowing users to change their passwords with the COM interface

Use the ICIClientSettings interface SetChangePwd method to allow a user to change passwords. Use the same method to prohibit the user from changing passwords.


92

HRESULT SetChangePwd([in] SFTPAdvBool val);

Value Change password

0 Prohibit

1 Allow

-2 Inherit

Connection limits

Checking if a user can be timed out

Use the ICIClientSettings GetEnableTimeOut method to check if a user will be timed out after their connection is inactive too long.

HRESULT GetEnableTimeOut(



Value Timed out

0 No

1 Yes

Related topic Enabling connection timeouts Checking how long a connection can be inactive Setting the time a connection can be inactive


93

Enabling time outs for inactive connections

Use the ICIClientSettings interface SetEnableTimeOut method to enable the timeout feature for a user or Settings Level. Use the same method to disable the timeout feature.

HRESULT SetEnableTimeOut([in] SFTPAdvBool val);

Value Timeout

0 Disable

1 Enable

-2 Inherit

Related topic Checking if a user can be timed out Checking how long a connection can be inactive Setting the time a connection can be inactive

Checking how long a connection can be inactive before it is closed

Use the ICIClientSettings GetTimeOut method to find the number of seconds the server will allow a user's connection to be inactive before closing the connection.

HRESULT GetTimeOut(



Related topic Checking if a user can be timed out Enabling connection timeouts Setting the time a connection can be inactive


94

Setting how long a connection can be inactive before being closed

Use the ICIClientSettings SetTimeOut method to choose the number of seconds the server will wait before closing a user's inactive connection.

HRESULT SetTimeOut([in] long val);

Related topic Checking if a user can be timed out Enabling connection timeouts Checking how long a connection can be inactive

Checking if an account will be disabled after too many failed password attempts

Use the ICIClientSettings GetHasPwdRetries method to determine if a user account will be disabled after trying too many bad passwords in a row.

HRESULT GetHasPwdRetries(



Value Max

password retries

0 Unlimited

1 Limited

Related topic Enabling a user's failed password limit Retrieving the number of failed log in attempts allowed Setting the number of failed log in attempts allowed


95

Limiting failed password attempts

Use the ICIClientSettings interface SetHasPwdRetries method to disable an account if a user enters bad passwords too many times in a row. Use the same method to allow an unlimited number of bad passwords.

HRESULT SetHasPwdRetries([in] SFTPAdvBool val);

Value Password

Retry limit

0 Disable

1 Enable

-2 Inherit

Related topic Checking if a user has a failed password limit Retrieving the number of failed log in attempts allowed Setting the number of failed log in attempts allowed

Retrieving the maximum number of failed login attempts allowed per user

Use the ICIClientSettings GetPwdRetries method to determine the number of times a user can try to connect with an incorrect password.

HRESULT GetPwdRetries(



Related topic Checking if a user has a failed password limit Enabling a user's failed password limit Setting the number of failed log in attempts allowed


96

Setting the number of failed log in attempts allowed

Use the ICIClientSettings SetPwdRetries method to choose the maximum number of times a user can try to connect to the server with incorrect log in information.

HRESULT SetPwdRetries([in] long val);

Related topic Checking if a user has a failed password limit Enabling a user's failed password limit Retrieving the number of failed log in attempts allowed

Checking the number of failed password attempts

Use the ICIClientSettings GetIncorrectPasswordAttempts method to show how many times a user has tried to connect with incorrect log in information.

HRESULT GetIncorrectPasswordAttempts(



Checking if the number of concurrent connections is limited for users

Use the ICIClientSettings GetHasMaxUsers method to check if a user account has a maximum number of allowed concurrent connections.

HRESULT GetHasMaxUsers(



Value Max connections

0 Unlimited

1 Limited


97

Related topic Checking for a user's connection limit Enabling a user's connection limit Checking the maximum connections limit Setting the maximum connections limit

Enabling a concurrent connection limit for users

Use the ICIClientSettings interface SetHasMaxUsers method to limit a user to a maximum number of concurrent connections. Use the same method to turn off the limit.

HRESULT SetHasMaxUsers([in] SFTPAdvBool val);

Value Connection limit

0 Disable

1 Enable

-2 Inherit

Related topic Checking for a user's connection limit Enabling a user's connection limit Checking the maximum connections limit Setting the maximum connections limit

Checking the maximum concurrent connections allowed per user

Use the ICIClientSettings GetMaxUsers method to determine the maximum number of concurrent connections allowed for an account or Settings Level.

HRESULT GetMaxUsers(




98

Related topic Checking for a user's connection limit Enabling a user's connection limit Setting the maximum connections limit

Setting the maximum concurrent connections allowed per user

Use the ICIClientSettings SetMaxUsers method to choose the maximum number of concurrent connections a user can make, either for an individual account or through a Settings Level.

HRESULT SetMaxUsers([in] long val);

Related topic Checking for a user's connection limit Enabling a user's connection limit Checking the maximum connections limit

Checking if an account is allowed to make SSL connections

Use the ICIClientSettings GetSSL method to determine if a user account can make connections using SSL over FTP.

HRESULT GetSSL(



Value SSL Connections

0 Prohibited

1 Allowed


99

Allowing users to make SSL connections with the COM interface

Use the ICIClientSettings interface SetSSL method to allow a user to connect using SSL over FTP. Use the same method to prohibit the user from making SSL connections.

HRESULT SetSSL([in] SFTPAdvBool val);

Value SSL Connections

0 Prohibit

1 Allow

-2 Inherit

Checking if an account is allowed to make plain FTP connections

Use the ICIClientSettings GetClearFTP method to determine if a user account can make connections using unsecured FTP.

HRESULT GetClearFTP(



Value FTP Connections

0 Prohibited

1 Allowed

Allowing users to make FTP connections

Use the ICIClientSettings interface SetClearFTP method to allow a user to connect using unsecure FTP. Use the same method to prohibit the user from making unsecure FTP connections.


100

HRESULT SetClearFTP([in] SFTPAdvBool val);

Value FTP Connections

0 Prohibit

1 Allow

-2 Inherit

Checking if the number of concurrent connections is limited for IP addresses

Use the ICIClientSettings GetHasMaxIPs method to check if IP addresses have a maximum number of allowed concurrent connections.

HRESULT GetHasMaxIPs(



Value Max IP connections

0 Unlimited

1 Limited

Related topic Enable an IP connection limit Checking the number of connections allowed from the same IP Setting the maximum connections for IP addresses


101

Enabling a concurrent connection limit for IP addresses

Use the ICIClientSettings interface SetHasMaxIPs method to limit the maximum number of concurrent connections from the same IP address. Use the same method to turn off the limit.

HRESULT SetHasMaxIPs([in] SFTPAdvBool val);

Value Connection limit

0 Disable

1 Enable

-2 Inherit

Related topic Checking for an IP connection limit Checking the number of connections allowed from the same IP Setting the maximum connections for IP addresses

Checking the number of concurrent connections allowed from the same IP

Use the ICIClientSettings GetMaxIPs method to determine the number of concurrent connections allowed from the same IP address.

HRESULT GetMaxIPs(



Related topic Checking for an IP connection limit Enabling an IP address connection limit Setting the maximum connections for IP addresses


102

Setting the maximum number of concurrent connections allowed from the same IP address

Use the ICIClientSettings SetMaxIPs method to choose the number of concurrent connections allowed from the same IP address.

HRESULT SetMaxIPs([in] long val);

Related topic Checking for an IP connection limit Enabling an IP address connection limit Checking the number of connections allowed from the same IP

Transfer limits

Checking if a user has a transfer speed limit

Use the ICIClientSettings GetHasMaxSpeed method to check if a user account has a maximum allowed transfer speed.

HRESULT GetHasMaxSpeed(



Value Max Speed

0 Disabled

1 Enabled

Related topic Enabling the transfer speed limit


103

Checking the maximum allowed speed Choosing the maximum allowed speed

Enabling a transfer speed limit for users

Use the ICIClientSettings interface SetHasMaxSpeed method to limit a user to a maximum transfer speed. Use the same method to turn off the limit.

HRESULT SetHasMaxSpeed([in] SFTPAdvBool val);

Value Speed limit

0 Disable

1 Enable

-2 Inherit

Related topic Checking for a transfer speed limit Checking the maximum allowed speed Choosing the maximum allowed speed

Checking the maximum allowed transfer speed

Use the ICIClientSettings GetMaxSpeed method to determine, in kilobytes per second, the maximum transfer speed allowed for an account or Settings Level.

HRESULT GetMaxSpeed(



Related topic Checking for a transfer speed limit Enabling the transfer speed limit Checking the maximum allowed speed


104

Choosing the maximum allowed speed

Setting the maximum allowed transfer speed

Use the ICIClientSettings SetMaxSpeed method to the speed at which an account or Settings Level can transfer file. The number you enter represents kilobytes per second.

HRESULT SetMaxSpeed([in] long val);

Related topic Checking for a transfer speed limit Enabling the transfer speed limit Checking the maximum allowed speed

Checking if a user has a download size limit

Use the ICIClientSettings GetHasMaxDownloadSize method to determine if there is a maximum file size a user is allowed to download.

HRESULT GetHasMaxDownloadSize(



Related topic Enabling a user's download size limit Retrieving a download size limit Setting the maximum download size limit

Enabling a user's download size limit

Use the ICIClientSettings SetHasMaxDownloadSize method to limit a user to a maximum download size.

HRESULT SetHasMaxDownloadSize([in] SFTPAdvBool val);


105

Related topic Checking if a user has a download size limit Retrieving a download size limit Setting the maximum download size limit

Retrieving a user's download size limit

Use the ICIClientSettings GetMaxDownloadSize method to determine the maximum file size, in kilobytes, a user is allowed to download.

HRESULT GetMaxDownloadSize(



Related topic Checking if a user has a download size limit Enabling a user's download size limit Setting the maximum download size limit

Setting the maximum file size a user is permitted to download

Use the ICIClientSettings SetMaxDownloadSize method to choose the maximum file size, in kilobytes, a user is permitted download.

HRESULT SetMaxDownloadSize([in] long val);

Related topic Checking if a user has a download size limit Enabling a user's download size limit Retrieving a download size limit

Checking if a user has a download per session limit

Use the ICIClientSettings GetHasDownloadsPerSession method to determine if there is a maximum number of files a user is allowed to download per session.

HRESULT GetHasDownloadsPerSession(




106

Related topic Enabling a user's download per session limit Retrieving the number of downloads allowed per session Setting the number of downloads allowed per session

Enabling a user's download per session limit

Use the ICIClientSettings SetHasDownloadsPerSession method to limit a user to a maximum number of downloads per session.

HRESULT SetHasDownloadsPerSession([in] SFTPAdvBool val);

Related topic Checking if a user has a download per session limit Retrieving the number of downloads allowed per session Setting the maximum number of downloads allowed per session

Retrieving the number of downloads permitted to a user per session

Use the ICIClientSettings GetDownloadsPerSession method to determine the maximum number of downloads a user is permitted per session.

HRESULT GetDownloadsPerSession(



Related topic Enabling a user's download per session limit Checking if a user has a download per session limit Setting the maximum download per session limit

Setting the maximum number of downloads a user is permitted per session

Use the ICIClientSettings SetDownloadsPerSession method to choose the maximum number of downloads a user is permitted per session.


107

HRESULT SetDownloadsPerSession([in] long val);

Related topic Enabling a user's download per session limit Checking if a user has a download per session limit Retrieving a download per session limit

Checking if a user has an upload size limit

Use the ICIClientSettings GetHasMaxUploadSize method to determine if there is a maximum file size a user is allowed to upload.

HRESULT GetHasMaxUploadSize(



Related topic Enabling a user's download size limit Retrieving an upload size limit Setting the maximum upload size limit

Enabling a user's upload size limit

Use the ICIClientSettings SetHasMaxUploadSize method to limit a user to a maximum upload size.

HRESULT SetHasMaxUploadSize([in] SFTPAdvBool val);

Related topic Checking if a user has a download size limit Retrieving a download size limit Setting the maximum download size limit

Retrieving a user's upload size limit

Use the ICIClientSettings GetMaxUploadSize method to determine the maximum file size, in kilobytes, a user is allowed to upload.


108

HRESULT GetMaxUploadSize(



Related topic Setting the maximum upload size limit

Setting the maximum file size a user is permitted to upload

Use the ICIClientSettings SetMaxUploadSize method to choose the maximum file size, in kilobytes, a user is permitted upload.

HRESULT SetMaxUploadSize([in] long val);

Related topic Retrieving a upload size limit

Checking if a user has an upload per session limit

Use the ICIClientSettings GetHasUploadsPerSession method to determine if there is a maximum number of files a user is allowed to upload per session.

HRESULT GetHasUploadsPerSession(



Related topic Enabling a user's upload per session limit Retrieving the number of uploads allowed per session Setting the number of uploads allowed per session

Enabling a user's upload per session limit

Use the ICIClientSettings SetHasUploadsPerSession method to limit a user to a maximum number of uploads per session.

HRESULT SetHasUploadsPerSession([in] SFTPAdvBool val);


109

Related topic Checking if a user has an upload per session limit Retrieving the number of uploads allowed per session Setting the number of uploads allowed per session

Retrieving the number of uploads permitted to a user per session

Use the ICIClientSettings GetUploadsPerSession method to determine the maximum number of uploads a user is permitted per session.

HRESULT GetUploadsPerSession(



Related topic Checking if a user has an upload per session limit Enabling a user's upload per session limit Setting the maximum upload per session limit

Setting the maximum number of uploads a user is permitted per session

Use the ICIClientSettings SetUploadsPerSession method to choose the maximum number of uploads a user is permitted per session.

HRESULT SetUploadsPerSession([in] long val);

Related topic Checking if a user has an upload per session limit Enabling a user's upload per session limit Retrieving an upload per session limit


110

Disk quotas

Checking if an account has a disk quota

Use the ICIClientSettings GetEnableDiskQuota method to determine if a user account's home folder space is restricted.

HRESULT GetEnableDiskQuota(



Value Disk Quota

0 Disabled

1 Enabled

Related topic Checking disk quota size Enabling a disk quota Setting disk quota size Checking current space used

Enabling a home folder disk quota for users

Use the ICIClientSettings interface SetEnableDiskQuota method to limit the amount of space a user can use in a home folder. Use the same method to turn off the limit.

HRESULT SetEnableDiskQuota([in] SFTPAdvBool val);

Value Disk Quota

0 Disable

1 Enable


111

-2 Inherit

Related topic Checking if a disk quota is enabled Checking disk quota size Setting disk quota size Checking current space used

Checking the disk quota size

Use the ICIClientSettings GetMaxSpace method to determine the amount of space a user can use in a home folder. The number returned represents kilobytes.

HRESULT GetMaxSpace(



Related topic Checking if a disk quota is enabled Enabling a disk quota Setting disk quota size Checking current space used

Setting the disk quota size

Use the ICIClientSettings SetMaxSpace method to choose the amount of space, in kilobytes, a user can use in a home folder.

HRESULT SetMaxSpace([in] long val);

Related topic Checking if a disk quota is enabled Checking disk quota size Enabling a disk quota Checking current space used


112

Checking how much disk space a user has used

Use the ICIClientSettings GetUsedSpace method to determine the amount of disk space, in kilobytes, a user has used in a home folder.

HRESULT GetUsedSpace(



Related topic Checking if a disk quota is enabled Checking disk quota size Enabling a disk quota Setting disk quota size

113

10

Command Settings Interface Methods

Command settings interface The ICICommandSettings interface allows you to make changes to the settings of site custom commands. Access the ICICommandSettings interface with the ICISite GetCommandSettings method.


Note When you change a custom command with the ICICommandSettings interface, you must call ICIServer's ApplyChanges method in order for the changes to take effect.

Methods GetUserPermissions RemoveUserPermission

AddUserPermission

Properties Name MinNumOfParams






Listing users allowed to use a custom command Use the ICICommandSettings interface GetUserPermissions method to retrieve a list of users or Settings Levels that have permission to use a custom command.


114

HRESULT GetUserPermissions([out, retval] VARIANT *aUsers);

Related topics Listing users allowed to use a custom command Allowing users a custom command Prohibiting users from using a custom command

Listing users allowed to use a command with the COM interface Use the ICICommandSettings interface AddUserPermission method to add a user or Settings Levels to the list of those allowed to use a specific command.

HRESULT AddUserPermission([in] BSTR bstrUser);

Related topics Listing users allowed to use a custom command Prohibiting users from using a custom command

Prohibiting users from using a custom command Use the ICICommandSettings interface RemoveUserPermission method to remove a user or Settings Level from the list of those that have permission to use a custom command.

HRESULT RemoveUserPermission([in] BSTR bstrUser);

Related topics Listing users allowed to use a custom command Allowing users a custom command

115

11

Command Settings Interface Properties

Command settings interface The ICICommandSettings interface allows you to make changes to the settings of site custom commands. Access the ICICommandSettings interface with the ICISite GetCommandSettings method.


Note When you change a custom command with the ICICommandSettings interface, you must call ICIServer's ApplyChanges method in order for the changes to take effect.

Methods GetUserPermissions RemoveUserPermission

AddUserPermission

Properties Name MinNumOfParams






Finding or changing the name of a custom command Use the ICICommandSettings interface Name property to retrieve the name of a custom command. You can also use the property to change the name.


116

HRESULT Name([out, retval] BSTR *pVal);

HRESULT Name([in] BSTR newVal);

Finding or changing the name of a custom command Use the ICICommandSettings interface Description property to retrieve the description of a custom command. You can also use the property to change the description.

HRESULT Description([out, retval] BSTR *pVal);

HRESULT Description([in] BSTR newVal);

Finding or changing the name of a custom command Use the ICICommandSettings interface Executable property to retrieve or change the path to a custom command's executable program.

HRESULT Executable([out, retval] BSTR *pVal);

HRESULT Executable([in] BSTR newVal);

Enabling a custom command Use the ICICommandSettings interface IsEnabled property to check if a custom command is available, and to either enable or disable a custom command.

HRESULT IsEnabled([out, retval] VARIANT_BOOL *pVal);

HRESULT IsEnabled([in] VARIANT_BOOL newVal);

Defining custom command parameters Use the ICICommandSettings interface Parameters property to retrieve or change a custom command's parameters.

HRESULT Parameters([out, retval] BSTR *pVal);

HRESULT Parameters([in] BSTR newVal);


117

Requiring parameters for custom commands Use the ICICommandSettings interface RequireParams property to check if a custom command must have parameters. Use the same property to require or parameters, or to allow custom commands without parameters.

HRESULT RequireParams([out, retval] VARIANT_BOOL *pVal);

HRESULT RequireParams([in] VARIANT_BOOL newVal);

Related topics Requiring a minimum number of parameters Choosing an invalid parameter count message

Requiring a minimum number of parameters for custom commands Use the ICICommandSettings interface MinNumOfParams property to check if a custom command must have a minimum number of parameters. Use the same property to set the minimum number of required parameters. You can use any integer from 0 to 10.

HRESULT MinNumOfParams([out, retval] long *pVal);

HRESULT MinNumOfParams([in] long newVal);

Related topics Requiring parameters for custom commands Choosing an invalid parameter count message

Choosing a message for an invalid number of command parameters Use the ICICommandSettings interface MinNumOfParamsMsg property to check or change the message sent when the wrong number of parameters is entered for a command.

HRESULT MinNumOfParamsMsg([out, retval] BSTR *pVal);

HRESULT MinNumOfParamsMsg([in] BSTR newVal);

Related topics Requiring a minimum number of parameters Requiring parameters for custom commands


118

Redirecting command output to clients Use the ICICommandSettings interface RedirectOutputToClient property to check if output is sent to users. Also use the property to send output to users.

HRESULT RedirectOutputToClient([out, retval] VARIANT_BOOL *pVal);

HRESULT RedirectOutputToClient([in] VARIANT_BOOL newVal);

Related topics Redirect command output to a log

Redirecting command output to a log Use the ICICommandSettings interface RedirectOutputToClient property to check if output is sent to a log. Also use the property to send output to a log.

HRESULT RedirectOutputToLog([out, retval] VARIANT_BOOL *pVal);

HRESULT RedirectOutputToLog([in] VARIANT_BOOL newVal);

Related topics Redirect command output to users

Enabling a time limit for a custom command Use the ICICommandSettings interface EnableProcessTimeOut property to check if a custom command has a time limit, and to either enable or disable the time limit.

HRESULT EnableProcessTimeOut([out, retval] VARIANT_BOOL *pVal);

HRESULT EnableProcessTimeOut([in] VARIANT_BOOL newVal);

Related topic Setting the time limit for a custom command

Setting the time limit for a custom command Use the ICICommandSettings interface ProcessTimeOut property to check how long a custom command time limit will be, and to set a time limit, in seconds.


119

HRESULT ProcessTimeOut([out, retval] long *pVal);

HRESULT ProcessTimeOut([in] long newVal);

Related topic Enabling a time limit for a custom command

121

12

Certificate Interface Properties

Certificate Information interface The ICICertInfo interface allows you to retrieve information about certificates. Access the ICICertInfo interface with either the ICISite GetTrustedCertificateInfo method or the ICISite GetPendingCertificateInfo method.

Examples Set ci = s.GetTrustedCertificateInfo(aCerts(i))

Set ci = s.GetPendingCertificateInfo(aCerts(i))

Properties ID IssuerCountry SubjectCountry

Description IssuerCName SubjectCName

IssuerOneLine SubjectOneLine NotBefore

IssuerUnit SubjectUnit NotAfter

IssuerOrg SubjectOrg

Note All properties of the ICICertInfo are Read-Only.

Retrieving a certificate ID Use the ICICertInfo interface ID property to retrieve the ID of a certificate.

HRESULT ID([out, retval] long *pVal);


122

Retrieving a certificate description Use the ICICertInfo interface Description property to retrieve the description of a certificate.

HRESULT Description([out, retval] BSTR *pVal);

Retrieving a certificate's start date Use the ICICertInfo interface NotBefore property to retrieve the first date the certificate became valid.

HRESULT NotBefore([out, retval] BSTR *pVal);

Related topic Retrieving a certificate's expiration date

Retrieving a certificate's expiration date Use the ICICertInfo interface NotAfter property to retrieve the certificate's expiration date.

HRESULT NotAfter([out, retval] BSTR *pVal);

Related topic Retrieving a certificate's start date

Certificate Issuer

Finding who issued a certificate

Use the ICICertInfo interface IssuerOneLine property to find who issued a certificate, their email address, location, name and organization. The IssuerOneLine property will return all the information in one comma delimited string.

HRESULT IssuerOneLine([out, retval] BSTR *pVal);

Certificate Interface Properties

123

Retrieving a certificate issuer's unit

Use the ICICertInfo interface IssuerUnit property to retrieve the unit of a certificate's issuer.

HRESULT IssuerUnit([out, retval] BSTR *pVal);

Retrieving a certificate issuer's organization

Use the ICICertInfo interface IssuerOrg property to learn the organization that issued a certificate.

HRESULT IssuerOrg([out, retval] BSTR *pVal);

Retrieving the issuer's common name on a certificate

Use the ICICertInfo interface IssuerCName property to retrieve the issuer's common name on a certificate.

HRESULT IssuerCName([out, retval] BSTR *pVal);

Finding the certificate issuer's country

Use the ICICertInfo interface IssuerCountry property to find the country of a certificate's issuer.

HRESULT IssuerCountry([out, retval] BSTR *pVal);

Certificate Subject

Retrieving a certificate subject's information

Use the ICICertInfo interface SubjectOneLine property to retrieve a certificate subject's name, their location, organization and other information. The SubjectOneLine property will return all the information in one comma delimited string.


124

HRESULT SubjectOneLine([out, retval] BSTR *pVal);

Retrieving a certificate subject's unit

Use the ICICertInfo interface SubjectUnit property to retrieve a certificate subject's unit.

HRESULT SubjectUnit([out, retval] BSTR *pVal);

Retrieving a certificate subject's organization

Use the ICICertInfo interface SubjectOrg property to learn the organization that is the subject of a certificate.

HRESULT SubjectOrg([out, retval] BSTR *pVal);

Finding the certificate subject's country

Use the ICICertInfo interface SubjectCountry property to retrieve the country of a certificate's subject.

HRESULT SubjectCountry([out, retval] BSTR *pVal);

Retrieving a certificate subject's common name

Use the ICICertInfo interface SubjectCName property to retrieve the certificate subject's common name.

HRESULT SubjectCName([out, retval] BSTR *pVal);

125

13

Sample Script Following is a VB Script that connects to the server, retrieves a list of users and publishes them to an Excel file. Save the sample with a .vbs extension and then run it from the command line.

'

' FILE: CreateUserListSpreadSheet

' CREATED: 13 OCT 2004 GTH

' PURPOSE: List the users of a site and create an excel spreadsheet.

'

Set SFTPServer = WScript.CreateObject("SFTPCOMInterface.CIServer")

CRLF = (Chr(13)& Chr(10))

txtServer = "192.168.134.142"

txtPort = "1100"

txtUserName = "admin"

txtPassword = "admin"

' On Error Resume Next

SFTPServer.Connect txtServer, txtPort, txtUserName, txtPassword

If Err.Number <> 0 Then

WScript.Echo "Error connecting to '" & txtServer & ":" & txtPort & "' -- " & err.Description & " [" & CStr(err.Number) & "]", vbInformation, "Error"

WScript.Quite(255)

Else

WScript.Echo "Connected to " & txtServer

End If

set Sites=SFTPServer.Sites

Set oExcel = WScript.CreateObject("Excel.Application")

oExcel.visible = true

126

Set oWorkbook = oExcel.Workbooks.Add

For i = 0 to SFTPServer.Sites.Count-1

set theSite=Sites.Item(i)

Set theSheet = oWorkbook.Worksheets.add

theSheet.name = theSite.Name

theSheet.Cells(1, 1) = "Users:"

arUsers = theSite.GetUsers()

For j = LBound(arUsers) to UBound(arUsers)

theSheet.Cells((j+2), 1) = arUsers(j)

Next

theSheet.Columns("A:A").EntireColumn.Autofit

Next

Set oExcel = nothing

SFTPServer.Close

Set theSite = nothing

Set SFTPServer = nothing

Enhanced File Transfer Server

Documents

Transcript of Enhanced File Transfer Server