System Configuration - Configuration Utility
The MOVEit DMZ Configuration Utility is a GUI application used to
configure global settings from the local console.
This utility is the only place certain licensing, debugging, FTP, and SSH options are set.
Run the configuration program by choosing the Start menu shortcut "MOVEit DMZ Config"
from the local console (or terminal session) on your MOVEit DMZ server.
License Tab
You will have either a license file or license key, which will be shown here.
Note: Beginning with MOVEit DMZ v.7.0, product licenses are distributed in the form of a license file rather than a license key. Existing customers who already have a license key can continue to use their current license key. It is not necessary to replace the key with a license file.
If you have a MOVEit DMZ license file, the file name will be displayed in the "License File" field.
If you have a MOVEit DMZ license key, it will be displayed in the "License Key" field.
Use the the "license file" field and the Import button to import a new license file.
Use the "license key" field to apply a new license key. Any change to the license fields will take place immediately.
Underneath the license fields, a list of items you are currently licensed for will be displayed with their status and expiration.
Each licensed option could be shown (display only) as set to: Production, Evaluation or Off.
Evaluation options behave exactly like production options, but evaluation options will shut off
after their time has expired.
- Base License - # organizations:
This item lists the number of organizations this MOVEit DMZ license is currently authorized to support.
When you purchase MOVEit DMZ, a Base License for at least one organization is always included.
- MOVEit DMZ API:
When enabled, this license option allows an unlimited number of copies of MOVEit DMZ API to connect to MOVEit DMZ.
Your MOVEit DMZ API license may limit the number of clients which can actually be deployed, however.
- Ad Hoc Transfer:
With this license option, people can use MOVEit DMZ to send secure, email-like packages with files included.
Packages can be composed online using the web interface or read/composed using Microsoft Outlook.
- Web Farm - # nodes:
This license option enables server deployment in a web farm environment and controls the number of nodes that may be so deployed.
Each MOVEit DMZ server deployed in such an arrangement is counted as a node.
- Files and Folders:
With this licensed option, people can use MOVEit DMZ to access files and folders using the web interface.
- User Bands - # Users:
This item specifies the licensed (system) maximum number of users, per user band licensing:
- 1 to 50 Users
- 51 to 200 Users
- 251 to 500 Users
- Unlimited Users
HINT:
MOVEit AS2 and AS3 support licensing is controlled in MOVEit Central; MOVEit DMZ requires no additional license.
Paths
WARNING:
Most of the "Folder" values listed below are also saved in locations currently outside the control
of the MOVEit DMZ Config utility. If you wish to move the MySQL database to another location
or move the encrypted filesystem to another location, please check Ipswitch's current
recommendation in our Support Site Knowledge Base first!
Folders
- Web App: this directory contains all of the web application files needed for MOVEit DMZ to run.
- Non Web: this directory contains MOVEit DMZ specific files that are needed for the internal functions of the program.
- Files: this directory contains the root filesystem for MOVEit DMZ. If the root filesystem is stored on a remote location, click the Advanced button to configure the UNC path of the remote location, as well as the username and password needed to access it. For more information about using a remote location for the root filesystem, see the
Remote Filesystem doc page.
- ISAPI: this directory contains the MOVEit ISAPI files that are required for making secure transfers.
- Database: this directory specifies the location of MySQL, if MySQL is the database engine being used by MOVEit DMZ.
URLs
- Machine: this URL is used to access authentication and other services from MOVEit DMZ. This URL should refer to the local machines (localhost).
The Machine URL's are generated during installation of MOVEit and rarely need to be changed, except in cases
where IIS access rules have been changed.
- Machine2: is derived from the "Machine URL".
- Ignore certificate problems on machine URL's: if checked, this option allows the use of Machine URLs starting with "https" even if the certificate on this webserver was not issued by a trusted Certificating Authority.
This will allow you to set the IIS setting of "Require Secure connection". In this case you will need to use https for the Machine URL.
- Base: is the URL that is used to connect users to the interface of MOVEit DMZ. If there is no DNS name available or it has not resolved yet, you need to use an IP address. Also, if you have installed an SSL certificate you should specify the https protocol here also.
Whether to allow the secure connection with MOVEit DMZ with a test certificate which may not be able to be confirmed from a trusted source. Since the Machine URLs are usually set to the localhost, they do not normally need to use https encryption. But if they do, and if the certificate is not trusted, MOVEit DMZ FTP would not be able to communicate with the machine URLs unless this is set.
Email
SMTP Configuration
- Server: this is the the IP address or DNS name of the mail server to be used to send e-mail.
- Timeout: this is the number of seconds MOVEit DMZ will timeout after if it cannot connect to the mail server.
Key Email Addresses
- Default From: this specifies the return address that will be used to send out informational messages from MOVEit DMZ.
- Send Errors To: this specifies the e-mail address to whom error messages from MOVEit DMZ will be sent.
The scheduler uses will send error reports to this address.
Multiple email addresses may be specified by separating them with commas.
For example, "support1@mymoveit.com,support2@mymoveit.com" is a valid address, although most
sites use a mailing list or an alias controlled on the mail server to accomplish the same thing.
Hint:
If you need more sophisticated email options such as authentication or queueing,
please set up the local IIS SMTP server.
In fact, use of a local SMTP server is recommended at high volume sites to avoid waiting for
responses from remote mail servers!
Settings
Statistics Gathering
MOVEit DMZ periodically polls the local server for various status and performance statistics, and records them into a database for later processing. These settings determine how that statistics gathering mechanism operates.
For more information, see the documentation on the MOVEit SysStat Service.
- Retention: how long records will exist in the statistics database. Default: 30 days.
- Interval: how often the statistics gathering process will poll the local server. Default: 323 seconds.
- Long Process Skip Count: one of the statistics that MOVEit DMZ gathers is the amount of used disk space in various DMZ folders on the server. This involves recursively counting the bytecounts of all files and folders underneath the selected folders, a process which can take a significant amount of time and resources. Therefore, these particular statistics are not gathered every time the statistics gathering process runs. This value determines how many runs the process will skip before gathering the more intensive statistics. Default: 72.
Other Settings
- IP Masks to Ignore DNS: MOVEit DMZ uses the Windows DNS client to look up the hostnames of IP addresses. Sometimes internal IP addresses cannot be resolved by the available DNS servers, but timeouts involved obtaining this information can make operations which require reverse lookups (such as signons) very slow from the end user's perspective. Adding specific IP addresses and/or ranges of IP addresses into this list will cause MOVEit DMZ to skip DNS reverse lookups of those addresses and may speed signons and similar actions.
- Max Session Timeout: user sessions are automatically extended during file transfers to permit slow or very large transfers to succeed. This value indicates, in minutes, the maximum length of long file transfer sessions. Default: 120 minutes.
- Disk Space Low Warning: MOVEit DMZ periodically checks the remaining disk space on all local drives. If the remaining space on any of the drives falls below this level, an email will be sent to the Send Errors To email address containing a message about the low disk space. Default: 1024 MB.
Database
The database tab will reflect the settings of the current database engine being used by MOVEit DMZ.
MySQL
- Configuration
- Server: this is the IP address or host name and instance of the MySQL database server being used by MOVEit DMZ. Typically MOVEit DMZ will use a local MySQL database, so the server will usually be "localhost".
- Database Name: this is the name of the database used by MOVEit DMZ. This was configured during setup and should not be changed.
- MOVEit User
- Username: this is the name of the database user used by MOVEit DMZ to access the DMZ database. This was configured during setup and should normally not be changed.
- Password (and Confirm): this is the password of the above database user. This password was configured during the MOVEit DMZ setup and should normally not be changed.
- MySQL Root User
- Username: this is the name of the database root user. This was configured during setup and should normally not be changed.
- Password (and Confirm): this is the root password that is used to access the MySQL database for MOVEit DMZ. This password was configured during setup and should normally not be changed.
-->
Microsoft SQL Server
- Server\Instance: this is the IP address or host name of the SQL Server database server being used by MOVEit DMZ. When using a local SQL Server Express instance, this will typically be "localhost". Otherwise, it will typically be the address of a separate database server or database cluster.
- Database Name: this is the name of the database used by MOVEit DMZ. This was configured during setup and should not be changed.
- Username: this is the name of the database user used by MOVEit DMZ to access the DMZ database. This was configured during setup and should normally not be changed.
- Password (and Confirm): this is the password of the above database user. This password was configured during the MOVEit DMZ setup and should normally not be changed.
Status
Diagnostic Log Settings
Diagnostic logging levels and log filesizes for the major MOVEit DMZ components are set here. For each component, the
Debug Level and Max Size settings can be adjusted.
- Debug Level: specifies the amount of debugging information to be logged. "All Debug" means log everything and "None" means log nothing. "Success" is the default and
provides a good tradeoff between performance and troubleshooting capability.
"Some Debug" is usually best for diagnosing errors on your own.
Ipswitch support will typically ask you to run at least one test of a failed event at "All Debug".
- Max Size: specifies the maximum size in megabytes of the log file before it is renamed and a new file is created in its place.
The three diagnostic MOVEit DMZ component options are:
- Web: sets the debug level for the Web Interface and scheduling components of MOVEit DMZ.
- FTP: sets the debug level for the FTP component of MOVEit DMZ.
- SSH: sets the debug level for the SSH component of MOVEit DMZ.
Hints:
Set Core Application debug level to "User Errors" and the FTP and SSH debug levels to "Connect Messages" while in production.
The debug levels listed here may also be set and the resulting logs may also be downloaded by any SysAdmin.
Primary Services
Here the status of each of the primary MOVEit DMZ services is available, and can be controlled. Each service displays its current
status, along with a button to start or stop the service. Additionally, buttons are available to start and/or stop all MOVEit DMZ
services. Finally, a refresh option is available to change how frequently the config program checks the status of the services,
and the time of the most recent refresh is displayed.
High Availability Service
If the MOVEit DMZ server is participating in a webfarm, the High Availability Service section will be displayed. Here the status
of the High Availability Service is available, and can be controlled. As with the primary services, the current status is displayed,
along with a button to start or stop the service.
NOTE: This service will also be started and stopped when the Start All and Stop All buttons in the Primary Services section are pressed.
SSH Tab
See the "SSH Server" section of this document for information about this tab.
FTP Tabs
See the "FTP Server" section of this document for information about these tabs.