Release Notes for WS_FTP Server 7.5.1.2, WS_FTP Server 7.5.1.2 with SSH, and WS_FTP Server 7.5.1.2 Corporate

In this File

About this document

This document contains information on how to install and configure WS_FTP Server, WS_FTP Server with SSH, and WS_FTP Server Corporate. Depending on which WS_FTP Server product you have purchased, portions of this document may not apply.

The document also describes how to install and configure add-on modules for the WS_FTP Server and WS_FTP Server with SSH.

What is WS_FTP Server?

Ipswitch WS_FTP® Server is a highly secure, fully featured and easy-to-administer file transfer server for Microsoft Windows® systems. WS_FTP Server lets you create a host that makes files and folders on your server available to other people. Users can connect (via the Internet or a local area network) to your host, list folders and files, and (depending on permissions) download and upload data. Administrators can control access to data and files with granular permissions by folder, user, and group. Administrators can also create multiple hosts that function as completely distinct sites.

WS_FTP Server is proven and reliable. It is used by administrators globally to support millions of end users and enable the transfer of billions of files.

WS_FTP Server complies with the current Internet standards for FTP and SSL protocols. Users can connect to the server and transfer files by using an FTP client that complies with these protocols, such as Ipswitch WS_FTP Home or Ipswitch WS_FTP Professional.

WS_FTP Server with SSH also includes support for SFTP transfers over a secure SSH2 connection.

Our product offerings are described in WS_FTP Server product family.

Administration

Performance

Security and Compliance

WS_FTP Server Product Family

The WS_FTP Server product family provides a broad range of file transfer functionality, from fast file transfer via the FTP protocol, to secure transfer over SSH, to a complete file transfer (server/client) solutions.

New in 7.5.1

Version 7.5.1 introduces failover support to the WS_FTP Server family of products. You can now deploy WS_FTP Server on a two-node failover cluster in a Windows Server environment using Microsoft Cluster Services (MSCS) or Microsoft Network Load Balancing (NLB). The failover solution consists of one "active" and one "passive" node, each running identical configurations of WS_FTP Server. If the primary node is unavailable, or if a server (FTP or SSH) is unavailable on the primary node (MSCS only), processing switches over to the secondary node. This two-node configuration uses shared resources for the user database, configuration data (SQL Server), and the file system for user directories and log data.

Version 7.5.1 also includes multiple SSH improvements:

New in 7.5

Version 7.5 introduces the Ad Hoc Transfer capability to the WS_FTP Server family of products. Ad Hoc Transfer lets your users send file transfers to an individual, rather than to a folder or file transfer site. Files can be sent to any valid email address, meaning you do not have to maintain accounts for all recipients, or set up temporary accounts.

Files sent via Ad Hoc Transfer are stored in a folder on the WS_FTP Server computer. Recipients receive a notification in their email inbox, and click on a web link to access the posted files.

As the administrator, you can set options that require Ad Hoc Transfers to be password protected, and to manage the size and availability of an Ad Hoc Transfer "package," which is the user-generated email message plus associated files.

The Ad Hoc Transfer Module provides two ways for a WS_FTP Server user to send a transfer:

New in 7.1

Version 7.1 includes the following new features:

New in 7.0

Version 7 introduces a third product offering, WS_FTP Server Corporate, to the WS_FTP Server family of products. WS_FTP Server Corporate offers a convenient way to purchase the full range of secure, managed file transfer functionality that we provide. For a description of each of the WS_FTP Server product offerings and the major features included, see WS_FTP Server Product Family.

Version 7 is a major release that includes the following new features:

System requirements for WS_FTP Server

Tip: If a listed requirement is hyperlinked, you can click the link to get more information on obtaining and installing that prerequisite.

WS_FTP Server

Supported Operating Systems

For a standalone WS_FTP Server installation:

Operating System

Edition

Service Packs

Supported Versions

Windows Server 2008

  • Standard
  • Enterprise

SP2 or later

  • 32-bit: English and German
  • 64-bit: English

Windows Server 2008 R2

  • Standard
  • Enterprise

 

  • 64-bit: English

Windows Server 2003

  • Standard
  • Enterprise

SP2 or later

  • 32-bit: English and German
  • 64-bit: English

Windows Server 2003 R2

  • Standard
  • Enterprise

 

  • 32-bit: English
  • 64-bit: English

Windows XP

  • Professional

SP3 or later

  • 32-bit: English

For a WS_FTP Server failover cluster using Microsoft Clustering Services:

Operating System

Edition

Service Packs

Supported Versions

Windows Server 2008

Enterprise

SP2 or later

32-bit: English

Windows Server 2008 R2

Enterprise

 

64-bit: English

For a WS_FTP Server failover cluster using Microsoft Network Load Balancing:

Operating System

Edition

Service Packs

Supported Versions

Windows Server 2008

  • Standard
  • Enterprise

SP2 or later

  • 32-bit: English

Windows Server 2008 R2

  • Standard
  • Enterprise

 

  • 64-bit: English

Windows Server 2003

  • Standard
  • Enterprise

SP2 or later

  • 32-bit: English

Windows Server 2003 R2

  • Standard
  • Enterprise

 

  • 64-bit: English

System Requirements

Required Hardware

Virtualization Requirements

Ipswitch Notification Server

All requirements for WS_FTP Server (above), plus:

Ipswitch Notification Server is a part of WS_FTP Server and is typically installed on the same machine as the original software by the original package.

WS_FTP Server Manager

Server Requirements:

Client Requirements:

WS_FTP Server Server Manager is a part of WS_FTP Server and is installed on the same machine as the original software by the original package.

Installing WS_FTP Server on Windows 2008 Server

The WS_FTP Server installer automatically activates certain components in your Windows 2008 installation. This is necessary because after installation, Windows 2008 does not turn on non-core operating system components. However, before installing WS_FTP Server, you should be sure that these changes conform to your organization’s security policies.

When you install WS_FTP Server, the install activates the following 2008 Server roles:

Upgrade notes

Upgrading a license to add a feature(s)

If you are upgrading an existing WS_FTP Server 7 license, use the following procedure. Upgrading an existing license includes the following:

  1. Purchase the feature.
  2. Click Program Files > Ipswitch WS_FTP Server > Activate or Refresh WS_FTP Server License. The Ipswitch Product Activation program opens.

activation screen

Note that your serial number should appear in the Serial Number box. If it does not appear, please enter it.

  1. Click Activate to upgrade your license.

Your license will be upgraded to include the new purchased feature. This upgrade process does not create a second activation of the product, it just updates the existing license.

Upgrading from WS_FTP Server 6

Installing WS_FTP Server

Important:If upgrading from a previous version of WS_FTP Server, before running the installation program, see the section on upgrades.

During the installation, a host using the internal WS_FTP Server user database is created. You can create hosts using Microsoft Active Directory, Microsoft Windows, or other external user database types after the install is completed.

Important: Installing WS_FTP Server on a domain controller is not recommended.

Important: Installing WS_FTP Server via Terminal Services is not recommended. You can use Terminal Services to install subsequent WS_FTP Server updates and installations.

Note:If you are installing on Windows 2008 Server, a command window may display and pause at various points during install. These pauses may last a minute or longer and are an expected part of the product installation.

To install WS_FTP Server:

  1. If you are using Microsoft IIS as your web server, before you begin the WS_FTP Server installation, confirm that Microsoft IIS is running and that you can access the Web site on which you will install the WS_FTP Server Manager web application.
  2. If you received an installation CD, insert it into a drive. If the Welcome screen does not appear, select Start > Run, and enter the drive path followed by launch.exe.

    Example: D:\launch.exe

    - OR -

    If you downloaded the software from our Web site, double-click the executable (.exe) file to begin the installation.

  3. On the installation Welcome screen, click Read to read the release notes or View to download and view an electronic copy of the Getting Started Guide. Click Next to continue. The License Agreement dialog appears.
  4. Read the license agreement carefully. If you agree to its terms, select I accept the terms of the license agreement and click Next. The Setup Type dialog appears.
  5. The Setup Type dialog lets you select from two installation methods, Express and Custom.
    • Express installs the WS_FTP web server and installs the following components to default locations: WS_FTP Server or WS_FTP Server with SSH, Ipswitch Notification Server, Ipswitch Logging Server, and PostgreSQL. The option to install WS_FTP Server with a Microsoft IIS web server, or with a SQL Server database, will not be available with express install.
    • Custom installation allows you to select the specific components you want to install and also specify locations for each component install. Custom install also allows you the option of using a Microsoft IIS web server and/or MS SQL Server database.
  6. Select the installation method you want to use, then click Next.

To use the express install option:

Important:The express installation option does not include the option of installing WS_FTP Server with Microsoft IIS as the web server for WS_FTP Server Server Manager, or Microsoft SQL Server as your database. If you wish to run WS_FTP Server with IIS or SQL Server, click the back button and choose the Custom install option.

  1. If you are installing on Windows 2008, you will first see the Enable Ports dialogue. Selecting Yes will configure the Windows firewall to allow incoming connections from the FTP and SSH services. (If you select No, you will still be able to configure the firewall manually later.)
  2. Enter the port that your WS_FTP Web Server will use for WS_FTP Server Server Manager. (The install will verify that the port is not in use.) Click Next.
  3. Verify or enter the fully qualified host name for this server. The installation program provides the host name of the server, but you may need to add domain information. This host name is used to create the first host.
  4. When you click Next, one of the following screens opens:
    • Specify a PostgreSQL Server and Administrator Account. This screen opens if PostgreSQL database server was previously installed on your computer. Go to step 4.
    • Create User Accounts. Continue to step 5.
  5. In the Administrator Password box, enter a System Administrator Password for access to the system administrator (sa) account for the PostgreSQL database that hosts WS_FTP Server data. Click Next. The Enter Host Name screen opens.
  6. The Create User Accounts screen opens. Set the appropriate options.
    • Create the WS_FTP Server system administrator account on this host. Select the host on which you want to create a system administrator account. If you are installing for the first time, only one host is available.
    • Username. Enter a username. This username is used to create:
      • a WS_FTP Server user to serve as the system administrator. This user belongs to the specified host, but is granted full system administrator permissions for all hosts on the server.
      • a non-privileged Windows user account named IPS_ plus the name you provide. For example, if you enter admin, the Windows user is named IPS_admin. This account is used by the configuration data store (PostgreSQL) and serves as the run-as user for the WSFTPSVR virtual folder.
    • Password and Confirm Password. Enter and confirm a password. This password is assigned to both the WS_FTP Server system administrator user and the Windows user account.

      Important: Your domain password policy may require that you use complex password rules. If so, make sure that you use a password that conforms to the domain requirements. The account will not be created without conforming to the domain password requirements.

  7. Click Next. The Ready to Install the Program screen opens.
  8. The install program is now ready to install the components you selected. Click Install. The install program installs and configures the components you selected. This may take a few minutes.
  9. If you do not have an active product license, the License Activation dialog will appear. See "Activating WS_FTP Server for New or Upgraded Licenses" below for details.
  10. Click Finish to complete the installation.

To use the custom install option:

  1. If you are installing on Windows 2008, you will first see the Enable Ports dialogue. Selecting Yes will configure the Windows firewall to allow incoming connections from the FTP and SSH services. (If you select No, you will still be able to configure the firewall manually later.)
  2. The Select Features screen opens. Select the checkboxes next to the components you want to install. Click Next.
  3. Choose the database you wish to use for WS_FTP Server: PostgreSQL or Microsoft SQL Server (you will be asked for configuration values later in the install).
  4. For each component that you selected, confirm the Destination Folder where the install program will install the component. To choose a new folder, select Browse and choose another folder. After you have made your selection, click Next. Repeat this step for each component (including the database components). When the destination folder for each component has been selected, the Select Web Host screen appears.
  5. Select the web server that you will use with WS_FTP Server. (If you select Microsoft IIS, be sure that IIS is running on the PC that you are installing to.) Click Next.
  6. If you chose the PostgreSQL database, enter the port that your WS_FTP Web Server will use. (The install will verify that the port is not in use.) Click Next.
  7. Next, enter the fully qualified host name for this server. The installation program provides the host name of the server, but you may need to add domain information. This host name is used to create the first host.
  8. When you click Next, one of the following screens appears:
    • Specify a PostgreSQL Server and Administrator Account. This screen opens if PostgreSQL database server was previously installed on your computer. Go to step 8.
    • Create User Accounts. Continue to step 9.
  9. In the Administrator Password box, enter a System Administrator Password for access to the system administrator account for the PostgreSQL database that hosts WS_FTP Server data. Click Next. The Enter Host Name screen opens.
  10. The Create User Accounts screen opens. Set the appropriate options.
    • Create the WS_FTP Server system administrator account on this host. Select the host on which you want to create a system administrator account (if you are using WS_FTP Server). If you are installing for the first time, only one host is available.
    • Username. Enter a username. This username is used to create:
      • a WS_FTP Server user (if applicable) to serve as the system administrator. This user belongs to the specified host, but is granted full system administrator permissions for all hosts on the server.
      • a non-privileged Windows user account named IPS_ plus the name you provide. For example, if you enter admin, the Windows user is named IPS_admin. This account is used by the configuration data store (PostgreSQL) and serves as the run-as user for the WSFTPSVR Microsoft IIS virtual folder (if you use Microsoft IIS).
    • Password and Confirm Password. Enter and confirm a password. This password is assigned to both the WS_FTP Server system administrator user (if applicable) and the Windows user account. Click Next.

      Important: Your domain password policy may require that you use complex password rules. If so, make sure that you use a password that conforms to the domain requirements. The account will not be created without conforming to the domain password requirements.

      Important: The Windows user account must comply with the security policies on your Windows server. Once the install completes, verify that the account is not set to expire at the next logon and that you are aware of any expiration policies that apply to the account.

  11. If you chose Microsoft SQL Server for your database (in step 2), next you will be asked to enter the Server's name or IP address with the instance name (formatted as Server/Instance), a Port number (the install autofills SQL Server's default value of 1433), the Master Database Username, and Password. Click Next.
  12. If you chose Microsoft IIS as your web server, the Web Configuration screen opens. In the Use this Web site dropdown, select the preferred Internet Information Services (IIS) Web site. Click Next.
  13. The Ready to Install the Program screen opens, which will install the components you selected. Click Install. This may take a few minutes.
  14. If you do not have an active product license, the License Activation dialog will appear. See "Activating WS_FTP Server for New or Upgraded Licenses" below for details.
  15. Click Finish to complete the installation.

Activating WS_FTP Server for new or upgraded licenses

There are four ways you can make a WS_FTP Server installation active:

To manually activate the license on an existing installation:

Note: Before you start the manual activation process, make sure that you have your product serial number, MyIpswitch account name, and password available for use during activation.

- or -

Follow the on-screen instructions, entering your product serial number, MyIpswitch account name, and password.

Note: When the activation is complete, a confirmation page indicates the license has been activated. If the activation does not complete successfully, you may be behind a proxy or firewall that is blocking the activation request. In this case, click the Offline button, then follow the onscreen instructions.

For more help and information about licensing, go to the MyIpswitch (www.myipswitch.com) licensing portal.

Fixed in 7.5.1.2

The following issue was addressed in V7.5.1.2:

Fixed in 7.5.1

The following issues were addressed in V7.5.1:

Fixed in 7.5

Fixed in 7.1

The following issues were addressed in 7.1:

Fixed in 7.0

The following issues were addressed in this release:

Fixed in 6.1.1

The following issues were addressed in this release:

Ipswitch would like to thank Secunia (secunia.com) for reporting the following issues, which have been fixed in this release:

Fixed in 6.1

The following issues were addressed in this release:

Ipswitch would like to thank Secunia (secunia.com) for reporting the following issues, which have been fixed in this release:

Release notes

OpenSSL conflicts when installing WS_FTP Server V7.5.1

The WS_FTP Server 7.5.1 installation program installs a new version of the OpenSSL library. The new version, OpenSSL 0.9.8p, is required and gets installed to the installation folder (the default is: C:\Program Files\Ipswitch\WS_FTP Server).

If the installation program finds a version of the library in the Windows system folders, it will stop the installation and ask you to move or rename the library files. If these library files are used by other programs, you want to make sure that you retain a copy of them. We suggest you create a backup in another folder, or rename these files, then remove the files from these locations:

32-bit OS

64-bit OS

C:\Windows\libeay32.dll

C:\Windows\libeay32.dll

C:\Windows\ssleay32.dll

C:\Windows\ssleay32.dll

C:\Windows\system32\libeay32.dll

C:\Windows\SysWOW64\libeay32.dll

C:\Windows\system32\ssleay32.dll

C:\Windows\SysWOW64\ssleay32.dll

C:\Users\[username]\Windows\libeay32.dll or
C:\Documents and Settings\[username]\Windows\libeay32.dll

C:\Users\[username]\Windows\libeay32.dll or
C:\Documents and Settings\[username]\Windows\libeay32.dll

C:\Users\[username]\Windows\ssleay32.dll or
C:\Documents and Settings\[username]\Windows\ssleay32.dll

C:\Users\[username]\Windows\ssleay32.dll or
C:\Documents and Settings\[username]\Windows\ssleay32.dll

Upgrading WS_FTP Server V7.5 to V7.5.1 (PostgreSQL)

When upgrading a WS_FTP Server installation that uses a PostgreSQL database from V7.5 to V7.5.1, you must install Microsoft .NET framework 3.5 or 3.5 SP1 before running the installer to upgrade, otherwise the installer will halt the installation.

IP Lockouts do not carry over failed logon attempts after cluster failover

When a cluster fails over from node 1 to node 2, the number of failed logon attempts does not carry over to node 2. Therefore, the server does not lock out the user even if the failed logon count is cumulatively greater than the limit set by the IP Lockouts rule since the failed logon count per node is less than the IP Lockout rule allows. Once a user fails a number of logons on a single node equal to the IP Lockouts limit, then the user is locked out.

For example, assume a user account’s IP Lockouts rule is set to blacklist the user after 5 failed attempts. If a user fails to log on 3 times while node 1 is the active node and then the cluster fails over, the user will have to fail 5 more log on attempts on node 2 in order for WS_FTP Server to blacklist the user because the failed attempts do not transfer between nodes.

Currently, there is no work around for this issue.

See IP Lockouts do not carry over failed logon attempts after cluster failover in the Ipswitch Knowledge Base for more information.

Unhandled exception when using AHT and switching nodes after a failed send

When a cluster fails over from node 1 to node 2 while an Ad Hoc Transfer user attempts to send a package from the AHT site, the file transfer fails, the user is logged out, and the browser displays the Microsoft error "Internet Explorer cannot display the webpage." After node 2 becomes the active node, users attempting to log on to the AHT site again receive an error message about an unhandled exception.

To resolve this issue, the user must restart the browser session before logging back onto the site. Then the user can send packages normally.

See An unhandled exception when using AHT and switching nodes after a failed send in the Ipswitch Knowledge Base for more details and the content of the exception.

Unable to resume transfer or delete file after failover

When a cluster fails over from node 1 to node 2 during an upload, the transfer fails and the file transfer client‘s connection to the cluster drops (the message is "Connection is dead"). The upload does not resume when the user logs back into the server. Although the partially uploaded file is present, it cannot be deleted. This is caused by the share host (Windows UNC or Linux NAS) holding an open handle for node 1 on the partially uploaded file, presumably waiting for the client to (possibly) reconnect. Node 2 cannot modify the file at this time.

Since resuming the transfer is impossible, the user must delete the file and then restart the transfer.

To delete the file, the user must wait a few minutes until the share host releases its hold on the file handle, and then the user can delete the file. ("A few minutes" ranges from about 2 minutes on Windows, up to about 10 minutes on a Linux NAS.)

To delete the file sooner, an administrator can force a failover so that node 1 is active, allowing the user to modify the file again.

See Unable to resume transfer or delete file after failover in the Ipswitch Knowledge Base for more information.

Unable to delete files in the Web Transfer Client after failover

When a cluster fails over from node 1 to node 2 during an upload using the Web Transfer Client, both the browser session and the file transfer fail. When the user logs back in, the upload does not resume. Although the partially uploaded file is present, it cannot be deleted. This is caused by the share host (Windows UNC or Linux NAS) holding an open handle for node 1 on the partially uploaded file. Node 2 cannot modify the file at this time.

Since resuming the transfer is impossible, the user must delete the file and then restart the transfer, or overwrite the file on another upload attempt.

To delete or overwrite the file, the user must wait a few minutes until the share host releases its hold on the file handle, and then the user can delete the file. ("A few minutes" ranges from about 2 minutes on Windows, up to about 10 minutes on a Linux NAS.)

To delete the file sooner, an administrator can force a failover so that node 1 is active, allowing the user to modify files again.

See Unable to delete files in the Web Transfer Client after failover in the Ipswitch Knowledge Base for more information.

Error connecting in FIPS mode (FIPS mode cannot use the pre-7 default SSL certificate)

If you installed WS_FTP Server 6.x with the default SSL certificate, when you upgrade to WS_FTP Server 7, that default certificate is maintained. If you then enable FIPS mode, which requires the use of FIPS-validated ciphers in the certificate, the default certificate will cause a connection error when a user attempts a secure connection. The server log will show the following error:

Failed to begin accepting connection: SSL failed to load key file. Non-FIPS algorithms might be used in the selected SSL certificate.

To work around this issue, you need to use a certificate that uses a FIPS-validated algorithm, such as SHA1. You can select to use your own certificate, or create a new certificate in the WS_FTP Server Manager (from the Home page, select SSL Certificates).

IIS notes

Operating system notes

Select Account is disabled and click OK.

Configuring the database for remote connections

By default, the Microsoft SQL Server database will only accept connections coming from the local system. To use a remote notification server, to allow multiple servers to share a data store, or to allow a remote Web Transfer Client connection, you have to enable remote connections.

Microsoft's Knowledge Base (KB) provides the following information on remote connections:

"When you try to connect to an instance of Microsoft SQL Server 2005 from a remote computer, you may receive an error message. This problem may occur when you use any program to connect to SQL Server. For example, you receive the following error message when you use the SQLCMD utility to connect to SQL Server:

Sqlcmd: Error: Microsoft SQL Native Client: An error has occurred while establishing a connection to the server. When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections.This problem may occur when SQL Server 2005 is not configured to accept remote connections. By default, SQL Server 2005 Express Edition and SQL Server 2005 Developer Edition do not allow remote connections.

For instructions, see the Microsoft KB article: How to Configure SQL Server 2005 to Allow Remote Connections

Other notes

Uninstalling WS_FTP Server

  1. In the Control Panel, select Add/Remove Programs.
  2. Select Ipswitch WS_FTP Server, then click Change/Remove and follow the onscreen prompts to uninstall.

    The User Configuration Data Exists screen presents options for removing the configuration database:

    • Remove the WS_FTP Server configuration data from the data store
    • Remove the Ipswitch Notification Server configuration from the data store
    • Also, remove the PostgreSQL database server. (Note: You may have other databases on that server.)

    If you want to maintain the configuration data in the database, for example when you plan to upgrade or migrate to another database, make sure that these options are not selected.

For more assistance

For more assistance with WS_FTP Server, consult the following resources:

Installing and Configuring the WS_FTP Server Web Transfer Module

Whether you purchased the WS_FTP Server Web Transfer Module as an add-on to WS_FTP Server or WS_FTP Server with SSH, or you received it with your WS_FTP Server Corporate purchase, you need to run the WS_FTP Server Web Transfer Module installation program. For system requirements, installation procedure, and release notes, go to Installing and Configuring the WS_FTP Server Web Transfer Module.

Installing and Configuring the Ad Hoc Transfer Module

The Ad Hoc Transfer Module is installed separately from WS_FTP Server. For system requirements, installation procedure, and release notes, go to Installing and Configuring the Ad Hoc Transfer Module.


Ipswitch Logo