Configuring Tasks - Hosts

Configuring Tasks - Hosts - Hosts Tab

MOVEit Central Admin displays all hosts defined on a MOVEit Central system on the Hosts tab. Each host may be of only one type (SSH, FTP(S), MOVEit DMZ, FileSystem or SMTP/Mail), and known hosts are organized by host type in the Hosts tab display. See also Host Operations.

Shot_Hosts.gif (16215 bytes)

The following types of hosts are currently supported:

Windows File System and Shares - The local computer on which MOVEit Central is running. This "placeholder" host includes the local filesystem, and any remote Windows shares MOVEit Central is configured to access. If you want to access files on a network share, either click the "Add Host..." button or right-click on the Windows File System and Shares host type and choose "Map Network Drive" to configure access to the remote share.
MOVEit DMZ - A MOVEit DMZ server accessible via HTTPS usually over TCP port 443.
FTP Server - A plain FTP server or FTP over SSL server, usually accessible over TCP port 21. (Note: The most common TCP port used for FTP over SSL in implicit mode is 990.)
SSH Server - An FTP over SSH server, usually accessible over TCP port 22.
SMTP Server - An outbound email server usually accessible over TCP port 25.
POP3 Server - An inbound email server usually accessible over TCP port 110.
AS1 - An AS1 trading partner relationship. AS1 uses email (SMTP and POP3) transports, often with SSL transport security.
AS2 - An AS2 trading partner relationship. AS2 uses mostly web (HTTP) transport, often with SSL transport security.
AS3 - An AS3 trading partner relationship. AS3 uses FTP transport, often with SSL transport security.

The following elements typically define a host:

Hostname or IP Address - The full hostname (i.e. "MOVEit.stdnet.com") or IP address (i.e. "192.168.1.1") of the remote server.
Name - This will be the name associated with this host in all tasks. Feel free to change this name at any time; hosts are really linked to tasks through the use of an invisible, unchanging host ID.
Username and Password - Authentication credentials. These are always stored encrypted on disk. A username is usually required. In the case of SSH hosts, a password is optional if you are using public key authentication. (Some SSH hosts may require both public key and password authentication, but this is unusual.) Both username and password may contain macro references.
For Share hosts, the permissions of the current user MOVEit Central is running as can be used instead of a specified username and password by selecting the "Use MOVEit Central Run-As credentials" option.
Port - Offers the opportunity to connect to a server offering its services on an unusual port.
Default Retry Count - The default number of extra times that a transfer (get or put) should be retried before MOVEit Central gives up. This defaults to 0-meaning try just once-and can be overridden by individual tasks.
Default Retry Timeout - The number of seconds between retries. This defaults to 120 seconds, and can be overridden by individual tasks.
Host ID - The automatically-generated unique ID for the host. This value is not editable.
Description - A description field for the host. This field does not affect the operation of the host and is used simply to provide operators with information about the host.

The following elements are also used with specific types of hosts. Many of these settings can be overridden by individual task sources or destinations. (AS1, AS2 and AS3 hosts are different enough to warrant their own section.)

Note: Depending on the host type, some of these options appear on the Host options dialog, and some on the Advanced options dialog, which is accessed from the Host options dialog. The Host options dialog is accessed from the Hosts tab by clicking Add Host, or by selecting an existing host and selecting Edit Host from the right-mouse menu.

Note: If any of the options are "greyed out," or if the Advanced Options button is greyed out, this indicates that your license does not include that feature.

Send Email As (SMTP Server only) - MOVEit Central will send attachments and message email through this server using this "from" address.
Default Transfer Type (FTP Server only) - FTP transfers can be performed in ASCII or BINARY mode. This option allows operators to configure the default setting for any FTP host. (This setting will be OVERRIDDEN if specified in any source/destination related to this host.)
Default Transfer Mode (FTP Server only) - FTP transfers can be performed in Active or Passive mode. Active mode is the normal mode of operation for FTP transfers, while Passive mode is generally used for FTP clients located behind a firewall. This feature allows operators to configure the default setting for any FTP host. (This setting will be OVERRIDDEN if specified in any source/destination related to this host.)
Account (FTP Server only) - Supplies the FTP "account" for this server. A few FTP servers require that an account be entered during login, after the username and password. In most cases, though, you will leave this empty. The account may contain macro references.
Additional Commands to Execute Upon Signon (FTP Server only) - Several FTP servers (especially those in front of enterprise servers or legacy equipment) work best if presented with special "quote" block formatting and file type commands before file transfers are performed. (Commands listed in this area will be executed IN ADDITION TO any additional commands specified in any source/destination related to this host.) Macros are supported in this field.

AS/400 (iSeries) FTP Server Hint: Enter a value of "SITE LISTFMT 1" here to ask the AS/400 to use a standard (Unix-like) listing format, which can be automatically recognized by MOVEit Central.
Additional Commands to Execute Per File Before Transfer (FTP Server only) - Several FTP servers (especially those in front of enterprise servers or legacy equipment) work best if presented with special "quote" block formatting and file type commands before file transfers are performed. (Commands listed in this area will be executed IN ADDITION TO any additional commands specified in any source/destination related to this host.) Macros are supported in this field.
Additional Commands to Execute Per File After Transfer (FTP Server only) - Specifies "quote" commands to send to the FTP server immediately after a successful transfer. (Commands listed in this area will be executed IN ADDITION TO any additional commands specified in any source/destination related to this host.) Macros are supported in this field.
Blind Downloads (skip directory listing) (FTP and SSH hosts only) - Specifies that when downloading from this host, MOVEit Central should not use any directory listing commands. In the case of FTP servers, this includes "change directory" (CWD) and "list directory" (LIST) commands. Instead, the "FileMask" specified in the source is actually a single filename, not a mask, and the program should download the file without first checking to see if it exists. This rarely-used option is intended primarily to accommodate unusual FTP servers.
Blind Uploads (FTP Server only) - Specifies that when uploading to this host, MOVEit Central should interpret all destination paths as absolute. In this case, the most that MOVEit Central should be doing is issuing a CWD to the path specified, and then doing a PUT to save the file in that location. This rarely-used option is intended primarily to accommodate unusual FTP servers.
Upload as TempFile then Rename and Temp Upload Filename (FTP, SSH and Filesystem hosts only) - This feature allows MOVEit Central to upload a file under a temporary filename, and then rename the just-uploaded file to something else. The most common reason for using this option is to avoid triggering another automation system which depends on the existence of a certain filename but which cannot detect the difference between open/closed or started/finished files. The checkbox field enables or disables this option. (It is off by default.) The text field allows an administrator to provide a specific pattern for the name of temporary files. By default a value of "CTMP[Rnd:4]" is used (this will yield values like "CTMP9243" and "CTMP2495"). If a different value is used, care should be taken to avoid duplicate temporary filenames. (Relying on minute-second timestamps may not be reliable for this purpose, but derivations of filenames may be reliable.) Renames will occur on a file-by-file basis as soon as each file has been uploaded; there is no "mass rename" step after all files have been uploaded.
Host adjusts timestamps for Daylight Savings Time (FTP, SSH, Filesystem, and Share hosts only) - Warns MOVEit Central that the host will automatically change the apparent time of existing files when Daylight Savings Time comes into effect, or reverts to Standard Time. The Windows filesystem, for instance, will do this if (as is usually the case) the host computer has the Windows setting "Automatically adjust clock for daylight savings changes" selected.
If this "Host adjusts timestamps" setting is selected, MOVEit Central changes the way that the "Collect Only New Files" source option is processed, and it also changes the way that synchronization works. In these situations, MOVEit Central compensates for the changes made by the host by adjusting the apparent timestamps of files by one hour. This is to prevent the unnecessary transfer of files that appear new because their apparent times have changed since they were last observed. For example, consider a file that is modified in January (during Standard Time) at 8:00AM. When Daylight Savings Time comes into effect in the spring, after months of having appeared to be modified at 8:00AM, the file's apparent modification time will suddenly change to 9:00AM. If "Host adjusts timestamps" is selected, MOVEit Central will internally adjust its view of the file's time back to 8:00AM for comparison purposes, and will not consider the file to be new.

Similar adjustments are made by MOVEit Central during the transition from Daylight Savings Time to Standard Time, in order to compensate for file timestamp changes made by the host computer on which the file resides.
Default Xfer Rescan (FTP, SSH, Filesystem, and Share hosts only) - Specifies that once one or more files matching the download criteria have been identified, MOVEit Central should rescan the directory, looking for changes in the files' size and date. If a file has changed, it will be removed from the list of files to download. The purpose of this feature is to detect when another application is currently changing the files, so that MOVEit Central will not download a partial file. The value is the number of seconds to wait between scans. The default is 0, which deactivates the feature. A reasonable value for when you do need the feature might be 60 or 120 seconds. (This setting will be OVERRIDDEN if specified in any source related to this host.)
IIS Virtual Directory (MOVEit DMZ Server only) - It is perfectly legal to install MOVEit DMZ into a subdirectory of another web site. (An installation may already host another secure web site on the same machine, for example.) However, MOVEit Central needs to know about any alternate locations used and this box provides the interface to define this location. (e.g., "/mysubdir/"; set this to "/" if you are unsure)
Secure ( MOVEit DMZ Server only) - When checked, this enables secure communications between MOVEit Central and the remote host. Secure MOVEit DMZ connections are usually initiated on port 433 rather than insecure port 80.

Secure Connection (FTP Server only) - Selects the style of encryption used when connecting to the FTP server. Your choice will depend on the styles offered by the particular FTP server.

Encryption style	Meaning
None	No encryption
TLS-P	Both the control connection and any data connections are encrypted. (Note to experts: MOVEit Central actually does an AUTH TLS, followed by an explicit PROT P.)
TLS-C	Only the control connection is encrypted.
Implicit	Both the control connection and any data connections are encrypted. This type of connection is usually done to port 990. This style is considered to be obsolete.

Cleartext after connection (CCC) (FTP Server only) - After connecting and signing on securely, switch to unencrypted mode for the control connection. This option applies only to the encrypted FTP options above.
The CCC option is slightly less secure, because it allows an opponent to see the names of the files you transfer. However, if the FTP server is behind a firewall that does NATing, this option allows the firewall to rewrite the responses to PASV commands, thus allowing MOVEit Central to transparently connect to the correct IP address.

This CCC option is rarely needed, because the "Ignore PASV IP in passive mode" option, which is on by default, accomplishes much the same thing.
Ignore Cert Errors (FTP Server and MOVEit DMZ Server only) - When checked, ignores SSL certificate problems. These problems include the certificate being expired, having the wrong hostname, or having been issued by an untrusted authority. This is used primarily during testing, when you have only a temporary test certificate. It applies only if Secure is checked. If this box is not checked and questionable certificate is detected, MOVEit Central will not connect to the host, and an error will be logged.
SSH Host Key (SSH Server only) - Specifies the host key expected from the SSH server. If "Specific Key" is checked, then if the public key presented by the SSH host does not match the approved key, or if no approved key has been designated, MOVEit Central will refuse to connect to the host, under the assumption that there may be a security problem. (For instance, another server may be masquerading as the original server.)
The "Any Key" option is the SSH equivalent of the SSL-oriented "Ignore Cert Errors" option. The difference is that SSL certificate errors pertain to attributes of the certificate itself, so MOVEit Central can detect problems (such as a hostname mismatch or an expired certificate) by inspecting the certificate itself. By contrast, SSH public keys are simpler and potential problems can be checked only by noticing changes. By choosing "Any Key", you are instructing MOVEit Central to accept any key presented by the host. This option makes it impossible for MOVEit Central to detect when a rouge SSH server has been substituted for the legitimate SSH server.

When an administrator sets up an SSH/FTP host, s/he normally obtains the host's current public key by choosing the "Specific Key / New" button, and marks it as approved via the Verify Host Fingerprint dialog. On subsequent connections to the host, MOVEit Central compares the public key presented by the host to the approved key.
SSH Client Key (SSH Servers only) - Specifies the optional SSH client key associated with this user. Typically, SSH servers will require either a username and password, or a username and client key. If you want to use client key authentication, choose the "..." button and either choose a previously-generated client key via the "Current Key" drop-down box, or create or import a new key via the "Add" button.
If you choose the Add button, you must enter a name for the key; the name you choose is for your own convenience and has no bearing on the authentication process. Then you will see the Add SSH Key dialog. You can choose "Generate new key" to create a new key, or "Import existing key" to import a key that has already been generated on a remote machine and downloaded to your PC.

Once you select, generate, or import a key, characteristics of the key are shown in the "Fingerprint (MD5)" and "Public Key" text boxes. The "Format" radio button controls whether you see the public key in SSH or OpenSSH format.

Note that the remote server must be configured to authorize the key for logon.
Client Certificate (MOVEit DMZ and FTP Servers only) - Specifies the SSL client certificate to use when establishing connections. MOVEit DMZ 4.0 and later servers can be configured to accept or require client certificates, although this is not the default. Some FTP servers also use SSL client certificates, although this is rare.
Client NAT Settings (FTP Servers only) - Specifies Network Address Translation (NAT) options to use in certain unusual network configurations.
Client External IP is the IP address that MOVEit Central should send to the FTP server when in active mode. Normally MOVEit Central will send its real IP address, but if there is a router between MOVEit Central and the FTP server that is doing NAT, it may be necessary to use a different "external" IP address.

Ignore PASV IP in passive mode means that when in passive mode, MOVEit Central should ignore the IP address given by the FTP server and instead use the IP address associated with the host configuration. This option is used to accommodate incorrectly configured networks.

Both of these options are rarely used.
Use Notifications (MOVEit DMZ, Filesystem, and Share hosts only) - Specifies that tasks accessing this host will be run when files arrive, rather than periodically by the scheduler. Choosing this option is recommended. See File Notifications.
Default File Sorting (MOVEit DMZ Server only) - Specifies how file listings should be sorted when retrieving listings from a MOVEit DMZ server. Files will be downloaded in the order they are listed, so this setting provides the ability to define which files should be downloaded first. Available options are "By Filename", "By Date/Time", and "By Size", each with an "Ascending" or "Descending" option.
Custom Parsing (FTP and SSH Servers only) - Specifies whether MOVEit Central's automatic directory listing recognition should be overridden with an explicit configuration. This feature is needed only for unusual brands of FTP and SSH servers. See Custom Directory Parsing.
MD5 Checking (FTP and SSH Servers only) - Specifies whether MOVEit Central should look for an MD5 file, containing MD5 hashes of source files on the FTP server, and what that MD5 file should be called (see the FTP Source Integrity page for more information). The following settings are available for checking for an MD5 file:
- Never - Central will not look for an MD5 file.
- If Present - Central will look for an MD5 file. If the file contains a hash for a source file, Central will check the file against the hash. If the file matches the hash, Central will allow the file to continue, otherwise it will generate an error. If Central does not find a hash for the source file, it will allow the file to continue.
- Required - Central will look for an MD5 file and generate an error if it is not found. All files downloaded will be checked against the MD5 file. If a file does not match its hash, or a hash does not exist for the file, Central will generate an error.
Download Limits (MOVEit DMZ, FTP, SSH, Filesystem, and Share hosts only) - Limits the number of files that Central will download from a source in a single task run against this host. The limit can be by file count or by byte count. In the case of a limit by byte count, Central will stop downloading files after the first file that causes the number of downloaded bytes to exceed the configured limit. If the limit is exceeded, the task will automatically be rerun. A value of 0 means no limit.
#145 (click image for info)
This option is useful in production only when the source has "new files only" or delete or rename after successful transfer set. Otherwise, the same files will be downloaded over and over.
Transport - Disable SSH Compression (SSH Servers only) - Turns off compression for all communications with the SSH server. This is recommended only for a few, rare SSH servers which do not support compression.
Transfer - Use XSHA1 Command (if available) (FTP Servers only) - Enables the use of the XSHA1 command if the FTP server supports it. This allows Central to compare the file it received or transmitted with the copy that the server has by comparing SHA1 hashes of the file.
Transfer - Resume Partial Transfers (if possible) (FTP, SSH Servers) - During a task run, enables MOVEit Central to resume an FTP upload or download that has failed. If the file is a binary file and the Default Retry Count is greater than zero, MOVEit Central tries to resume the transfer. Transfers will pick up where a previous one failed. The number of resume attempts is set by Default Retry Count. This setting can be overridden on sources and destinations.
Alternate Host - Select Host (Enterprise only) - designates a secondary host to "rollover" to when the primary host is not available. When running a task, MOVEit Central will use the alternate host if, after the designated number of retries, it encounters problems connecting or logging in to the primary host. MOVEit Central will not rollover if there are other problems, such as if the directory does not exist, or if there are insufficient permissions to access a file; these cases will instead cause an error. Also, this feature applies to an individual host, making it different from the failover feature that applies to nodes. Note: In order for a host to appear in this drop-down, you must create it in the Hosts tab of the MOVEit Central admin window. The alternate host must be the same type of host (FTP server, SSH server) as the primary host.

For a list of icons used to represent hosts, sources, and destinations, see Configuring Tasks - Overview.

Testing Hosts

All remote host types provide a testing option, to allow the administrator to check the current host configuration. Once the host settings are entered, click the Test button in the lower left corner of the Define Host dialog to test the host. The test results will be reported with a popup information dialog when the test is complete. Note that the test may take several seconds depending on the accessibility and speed of the host.

The following tests are executed, based on the type of the host:

MOVEit DMZ Servers - Attempt to sign on to the configured host and port using the configured security settings and username and password. If successful, attempt to execute a directory listing on the root directory.
FTP Servers - Attempt to sign on to the configured host and port using the configured security settings, transfer mode, username, password, and account. Use any advanced options configured, such as client certificate and/or NAT settings. If successful, attempt to execute a directory listing on the current directory returned by the signon transaction.
SSH Servers - Attempt to sign on to the configured host and port using the configured host key setting and username and password. If a client key is configured in the advanced options, it will be used. If successful, attempt to execute a directory listing on the current directory returned by the signon transaction.
SMTP Servers - First prompt for an email address to send a test email message to. Attempt to sign on to the configured host and port and send an email message using the configured sender address and the provided recipient address.
NOTE: A successful test here merely indicates that MOVEit Central was able to connect to the SMTP server and ask it to send an email message to the provided recipient address. Final confirmation of a successful test requires checking the provided recipient address to make sure the test message was accepted and delivered.
POP3 Servers - Attempt to sign on to the configured host and port using the configured username and password. If successful, attempt to get a count of waiting messages.