Central Service - Central Config Utility

Most MOVEit Central settings, such as hostnames, directories, schedules, and logging, are managed by MOVEit Central Admin. However, a few settings are managed by a separate program, MOVEit Central Config. These are ordinarily set once at installation; there is rarely a need to change them.

The configuration program displays a dialog with several tabs.

General Tab

config-generaltab.gif (10575 bytes)

The settings on this tab are:

Whether connections from MOVEit Central Admin or API should be encrypted. Normally, you should enable encryption, for best security. However, you can disable encryption if, for instance, you have not obtained a certificate. Note: encryption is always disabled when MOVEit Central Admin or API is connecting from the same computer (localhost).
Encryption certificate. This is used only for encrypted links from MOVEit Central Admin or MOVEit Central API. The installation program will by default install a "test" (self-signed) certificate for this purpose. If you have an existing SSL certificate on the MOVEit Central system, you may select it here. Providing a secure connection for MOVEit Central Admin is not necessary, but it is recommended if MOVEit Central Admin sessions will be accessing the Central server from outside your private network. You can use MOVEit Central's SSL Certificate Manager to create a certificate suitable for use here.
Cache dir. This is the directory which will be used to store files while they are being processed by a task; files will automatically be deleted from here (with NIST 800-88-compliant cryptographic overwrite) when related tasks complete. Normally this directory should be on your largest available hard drive. WARNING: You must create any alternate folder specified by this location by hand; MOVEit Central will not create this folder if it is missing. Also, the user under which the MOVEit Central service runs must have read/write/delete/subdirectory access to this folder.
Delete from cache w/o overwrite. MOVEit Central normally takes care to delete and then overwrite its cache files with cryptographic-quality random data. If this option is enabled, file transfers may be faster (especially large, filesystem-to-filesystem transfers).
Start with scheduler disabled. Normally, MOVEit Central starts running tasks right after starting. Check this box if, for testing or operational purposes, you don't want MOVEit Central's scheduler active when MOVEit Central starts. MOVEit Central will still able to start tasks explicitly via MOVEit Central Admin or MOVEit Central API. If this option is selected, you can enable the scheduler after startup via MOVEit Central Admin; however, the next time MOVEit Central starts, the scheduler will again be disabled until this option is unselected in the configuration program.

License Tab

config-licensetab.gif (13574 bytes)

This tab shows the type of license (license file or key) and the features enabled by the license. A license file or license key is required to activate the program. The file or key is provided to you when you evaluate or license the program. In addition to enabling the basic operation of MOVEit Central, a license file or key can also activate optional features of the program. Each license file or key expires on a certain date; some license files or keys have different features which expire on different dates.

The settings on this tab are:

License file. This radio button is selected if you chose a license file during installation. To switch to a different license file, browse for your license file, and select to add it.
License key. If you already entered the key during installation, it is displayed here. If necessary, enter your license key. Both modern "letter" license codes (e.g., "C-ABCDE-ABCDE-ABCDE") and older 15-digit license codes (e.g., "12345-12345-12345") are supported.

The license file or license key is activated when you click Apply or OK.

Database Tab

config-databasetab.gif (12226 bytes)

This tab allows you to choose which database engine to use, and to select options specific to that database engine:

If Use MySQL is chosen, you can change these settings:

DSN. The ODBC Dataset Name of the database. There is rarely a need to change this from the default of "micstats".
MySQL root password. The password of the "root" user in the MySQL database. This is stored encrypted in the registry, and is used only by the install program. The previous value is not displayed in the dialog box when the program starts--even masked by *'s--for security reasons.

If Use Microsoft SQL Server is chosen, you can change these settings:

Host: The hostname of the SQL Server.
Instance: The name of the SQL Server "instance". This is usually empty, meaning the default instance. If you are using SQL Server Express, you may have to specify SQLExpress as the instance name.
Database: The name of the database. This is nearly always "micstats".
Use Windows Integrated Authentication. This causes MOVEit Central to authenticate to SQL Server using the credentials associated with the MOVEit Central service. These credentials are shown on the radio button; for instance, "(.\micsvc)" means the local Windows user micsvc (as opposed to a domain user). The SQL Server must have a login with the same name, associated with a Windows username of the same name.
Use SQL Server Authentication. This causes MOVEit Central to authenticate to SQL Server using the specified SQL login and password. The password is stored encrypted in the local registry. These credentials must exist on the SQL Server, and there must be a corresponding user in the micstats database on that server. Typically these are created during creation of the database, and usually do not need to be changed.

Test DB Connection. Click this button to test whether you can connect to the database using the specified credentials.

Errors Tab

config-errorstab.gif (10087 bytes)

The Errors tab is used to configure email messages that are sent when a serious error occurs. MOVEit Central sends these emails primarily when in failover mode. These settings are independent of the Host and Task email settings that are used in normal running of tasks.

The settings on this tab are:

"To" error email. This is an optional comma-separated list of email addresses to which a message should be sent when a serious error occurs. Some of the situations in which MOVEit Central will send messages to this/these address(es) include pending and actual failover and tamper detection instances. If this value is left empty, no email is sent.
"From" email. This is the address that MOVEit Central should place in the "From:" line of emails it sends as a result of a serious error.
Email server. This is the hostname or IP address of the email server to use for these messages.

Failover Tab (Enterprise only)

config-failovertab.gif (11475 bytes)

The Failover tab is used to configure the Failover capability of MOVEit Central. This tab is grayed out unless you have entered a license key that enables failover. Sites which have not licensed failover can ignore this tab.

The settings on this tab are:

This node

Startup role. This is the role that this node will assume when MOVEit Central starts. When installing failover for the first time, you should set one node to be Primary and the other node to be Secondary. Subsequently, MOVEit Central itself will manage this value on the two nodes when a failover occurs.
Node number. This is 0, 1, or 2. 0 disables the failover feature even if you have a license for failover. To enable failover, assign the number 1 to one node, and 2 to the other node. The numbers 1 and 2 have no special significance; however, by convention, the value 1 is typically given to the node that is initially assigned the primary role, and the value 2 is given to the node initially assigned the secondary role.
Nodes to ping. This is an optional comma-separated list of nodes that MOVEit Central should "ping" before assuming the primary role. If this list is empty, no ping test is done. If the list is not empty, at least one of the nodes must respond to a ping before MOVEit Central will start running tasks. The purpose of this feature is to prevent two copies of MOVEit Central from each thinking the other is down because the network between them is down. To take best advantage of this feature, you should enter the hostname of one or more computers that reside on the same network as the other node.
It is recommended that the value of a "nearby" and trusted router be configured in this field. If you do not have a dedicated network device which fits the bill, it is probably best to leave this value blank.

Other node

Hostname or IP. The hostname or IP address of the other node.
MOVEit Admin user. The Windows user on the other node which MOVEit Central should use to login to the other node. You must create this user on the other node, and make it a member of the "MOVEit Admin" group. It need not belong to the "Users" group. You may wish to follow the convention of using the username "micfailover" on both nodes.
Password. The password of the above user. This password is stored in the registry, using 256-bit AES encryption.

The buttons on this tab are typically used only during a resynchronization operation after MOVEit Central has been stopped:

Clear Admin Rep... This erases any MOVEit Central Admin commands that are scheduled to be replicated from this node to the other node. It does this by deleting the MICMisc.blg file. (A new blank file will be created automatically when MOVEit Central is next started.)
Clear SQL Rep... This erases any SQL statements that are scheduled to be replicated from this node to the other node. It does this by deleting the MICSQL.blg file. (A new blank file will be created automatically when MOVEit Central is next started.)
Copy Database... This allows you to copy the MICStats database from the other node to this node. This process overwrites the current node's statistics database with the contents of the other node's database. This operation should ordinarily be performed only on the secondary node.
You need to do a Copy Database on the secondary node when you first install the secondary node. You may also perform this operation subsequently if the database on the current node has gotten out-of-sync with the one on the other node.

When you choose Copy Database, you will be prompted for the remote directory from which to copy the database files, and the local directory to which you should copy them. The program's initial defaults assume that you have installed MySQL on C: and that you are using the default database name. Check the suggested paths and, if necessary, correct them for your installation before choosing OK to start the copy. The configuration program will remember the changed values the next time you choose Copy Database.

The Copy Database command requires that there be a Windows user on the remote node with the same username and password as the session under which you are running the configuration program. This user must have read access to the files in the MySQL\Data\micstats directory.

Please note that if you change the IP address of the other MOVEit Central node in this dialog, the Copy Database parameters will not automatically pick up on the change. If, however, you are using hostnames to define your other host, you may not need to make a change here.

Virus Tab

config-virustab.gif (13292 bytes)

The Virus tab is used to configure how MOVEit Central interacts with third-party real-time antivirus programs.

Definite Virus. This setting configures what MOVEit Central should do if it determines that a specific antivirus scanner has identified a file as having a specific virus.
Probable Virus. This setting configures what MOVEit Central should do if a file it is processing is suddenly deleted, but either:
- MOVEit Central cannot determine for certain that the deletion was done by an antivirus program, or
- MOVEit Central cannot determine from the antivirus program which virus was detected.
Typically, this situation arises when an antivirus program that is not supported by MOVEit Central is running.

For each case, there are three actions that can be taken by MOVEit Central (in addition to marking the individual file transfer as failed and task as partially failed):

Attempt to delete the source file. If the source file cannot be deleted from the host (perhaps due to insufficient permissions), MOVEit Central will "remember" the source file, as below.
Remember the source file and do not download it again. MOVEit Central will make an entry in the "Task Transfer Exceptions" list for this task, which will cause future runs of this task to not download the file. If you want MOVEit Central to download the apparently infected file again, remove these entries using MOVEit Central Admin's "Edit Task Transfer Exceptions" right-click menu option.
Do nothing. The file may be downloaded again next time. This option is rarely useful because the antivirus scanner will likely intercept the file again, causing the same situation to occur again.

Tamper Tab

config-tampertab.gif (9557 bytes)

The Tamper tab is used to reset the tamper detection key used to protect database records. Any value typed here will be encrypted and then stored in the registry. (Do not copy the "HashKey" value from the registry into this field; instead copy "HashKey" registry values from one registry to another.) The derived tamper key is used to maintain a cryptographic "hash chain" of database records. For security reasons, the current tamper detection key is not shown; you can use this tab only to set a new tamper detection key. Because the tamper detection key is set during installation and should not be changed once set, there is rarely a need to use this tab.

About Tab

config-abouttab.gif (12000 bytes)

The About tab shows the MOVEit Central edition you have, the version number, and the software build date.