Search

GlobalSCAPE Knowledge Base

EFT lost its user/group associations when AD server is unavailable

Karla Marsh
EFT

THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT, all versions
  • EFT v4.x to v7.4.x stores advanced properties in the registry.
  • EFT v8.x stores Advanced Properties in a JSON file.
    • When you upgrade from EFT v7.4.x to EFT v8, the non-default settings that you have defined in the registry will be added to the Advanced Properties file during upgrade. (Default settings are part of the EFT configuration files.)

    For a spreadsheet of advanced properties, please refer to the EFT help for your version of EFT .

DISCUSSION

When EFT connects to an authentication server (LDAP/AD), the server usually replies with its list of users. Just like any other server, EFT will lose its group associations if it connects to the AD server and those users aren’t returned or AD server is unavailable. If the server returns a list with 0 users, EFT will to lose all of its user/group associations that you have configured in EFT.

The advanced properties below cause EFT to ignore that list of 0 users and keep the user/group associations that you have configured.

"UserDatabaseSynchronizationMode"

0 = normal

1 = log auth provider synchronization to event log, but otherwise normal

2 = log auth provider synchronization and do not delete users; if this "Do Not Delete" mode (2) is chosen, users will not be deleted from EFT during synchronization or after a TE Service restart.

"IgnoreZeroUsersResult"

0 = normal

1 = If zero users received, abort and do not honor sync attempt. Event is logged to the Windows Application log.

To activate this feature

 In v8.0 and later, add the name:value pairs to the advancedproperties.json file as described in the "Advanced Properties" topic in the online help for your version of EFT.

{
"UserDatabaseSynchronizationMode":"2",
IgnoreZeroUsersResult"="1"
}

In versions prior to v8.0, create both of the advanced properties in the registry:

On 32-bit systems:

[HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0]

On 64-bit systems:

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\GlobalSCAPE Inc.\EFT Server 4.0]

"UserDatabaseSynchronizationMode"=dword:00000002

0 = normal

1 = log auth provider synchronization to event log, but otherwise normal

2 = log auth provider synchronization and do not delete users; if this "Do Not Delete" mode (2) is chosen, users will not be deleted from EFT during synchronization or after a TE Service restart.

"IgnoreZeroUsersResult"=dword:00000001

0 = normal

1 = If zero users received, abort and do not honor sync attempt. Event is logged to the Windows Application log.


Details
Last Modified: 7 Months Ago
Last Modified By: kmarsh
Type: FIX
Rated 2 stars based on 13 votes.
Article has been viewed 120K times.
Options
Also In This Category
Tags