EFT lost its user/group associations when AD server is unavailable


  • EFT, all versions
  • EFT v4.x to v7.4.x stores advanced properties in the registry.
  • EFT v8.x stores Advanced Properties in a JSON file.
    • When you upgrade from EFT v7.4.x to EFT v8, the non-default settings that you have defined in the registry will be added to the Advanced Properties file during upgrade. (Default settings are part of the EFT configuration files.)
      Please refer to the EFT help for a spreadsheet of advanced properties for your version of EFT.


When EFT connects to an authentication server (LDAP/AD), the server usually replies with its list of users. Just like any other server, EFT will lose its group associations if it connects to the AD server and those users aren’t returned or AD server is unavailable. If the server returns a list with 0 users, EFT will to lose all of its user/group associations that you have configured in EFT.

The registry settings below cause EFT to ignore that list of 0 users and keep the user/group associations that you have configured.

To activate this feature, create both of the DWORD keys below:

On 32-bit systems:


On 64-bit systems:

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\GlobalSCAPE Inc.\EFT Server 4.0]


0 = normal

1 = log auth provider synchronization to event log, but otherwise normal

2 = log auth provider synchronization and do not delete users; if this "Do Not Delete" mode (2) is chosen, users will not be deleted from EFT during synchronization or after a TE Service restart.


0 = normal

1 = If zero users received, abort and do not honor sync attempt. Event is logged to the Windows Application log.