FEATURE: “reload” command-line parameter

This HOWTO video shows the process of executing the “reload” command at the command line to reload changes made to the USERS file.

1) BPS currently running as a SERVICE
2) Logging into BPS using “ftp.exe”
3) While the ftp-client is still connected
4) Change the “bpftpserver-users.ini” and edit the password
5) Issue the “bpftpserver -reload” command
6) BPS launches another instance to instruct the current instance to reload the configuration
7) The original ftp-client is still connected
8) Disconnect original ftp-client and try to login as old password (doesn’t work, since it was changed)
9) Try to login as the new password, it works.

FEATURE: Bulk Import CSV

In the latest release of BulletProof FTP Server, we’ve added the ability to import users via the “Bulk Import (CSV)” button, located in the User Manager. A CSV-File is a flat-text-file that contains a list of records (one per row) with a defined set of field-values for that record. This is analogous to a spreadsheet, such as Microsoft Excel and is often used as a method of getting data in/out of a spreadsheet.

To this end, we’ve developed a function that allows you to IMPORT user-accounts from another source, using a CSV file. Below is a list of fields that are supported for import. In this list, the first record you see is “ACCOUNTNAME”, this is a MANDATORY record as it is the unique-primary-key for the data. If ACCOUNTNAME exists, the data will be updated. If not, a new user-account will be created and all of the data will be set to the provided information. All other fields are optional, but each row in the CSV-file must contain the same fields as defined in the first header-record.

NOTE: Executing this functionality can be automated from the command-line utility “bpftpserver-adduser.exe”. Please see this HOWTO for more information.

EXAMPLE:
In the following example, we are defining a CSV file to import 11 new user-accounts (mmc000 to mmc010). Below you will find the first row contains the list of columns each row/record will contain; subsequent rows contain the data for the accounts. Please note, this is generic data and in this case, I choose to make a simple list of account-names that are prefixed with “mmc” and then use a 3-digit number. The intention is to show the power and flexibility; as each user-account can be assigned their own home-directory (c:\ftp\mmc999), groups, login-name, passwords, etc.

"AccountName","ACCESSRIGHTS_PACKED","Enabled","EnableLogin","Login","EnablePass","Pass","GroupName"
"mmc000","C:\ftp\mmc000;RWDAMLSK","1","1","mmc000","1","mmc000","mmc-group-0"
"mmc001","C:\ftp\mmc001;RWDAMLSK","1","1","mmc001","1","mmc001","mmc-group-0"
"mmc002","C:\ftp\mmc002;RWDAMLSK","1","1","mmc002","1","mmc002","mmc-group-0"
"mmc003","C:\ftp\mmc003;RWDAMLSK","1","1","mmc003","1","mmc003","mmc-group-0"
"mmc004","C:\ftp\mmc004;RWDAMLSK","1","1","mmc004","1","mmc004","mmc-group-0"
"mmc005","C:\ftp\mmc005;RWDAMLSK","1","1","mmc005","1","mmc005","mmc-group-0"
"mmc006","C:\ftp\mmc006;RWDAMLSK","1","1","mmc006","1","mmc006","mmc-group-0"
"mmc007","C:\ftp\mmc007;RWDAMLSK","1","1","mmc007","1","mmc007","mmc-group-0"
"mmc008","C:\ftp\mmc008;RWDAMLSK","1","1","mmc008","1","mmc008","mmc-group-0"
"mmc009","C:\ftp\mmc009;RWDAMLSK","1","1","mmc009","1","mmc009","mmc-group-0"
"mmc010","C:\ftp\mmc010;RWDAMLSK","1","1","mmc010","1","mmc010","mmc-group-0"

SUPPORTED FIELDS AVAILABLE TO BULK-IMPORT

Commonly Used Fields

FIELD_NAME FIELD_TYPE DEFAULT MANDATORY
ACCOUNTNAME STRING “” TRUE
AccessRights_Packed STRING “”
Enabled BOOLEAN True
EnableLogin BOOLEAN True
Login STRING “”
EnablePass BOOLEAN True
Pass STRING “”
EnableGroup BOOLEAN False
GroupName STRING “”
UseGroupHomeDir BOOLEAN False

Lesser Lesser Used Fields

FIELD_NAME FIELD_TYPE DEFAULT MANDATORY
AddHomeLink BOOLEAN False
AddLinkFromFile BOOLEAN False
AddLinks BOOLEAN False
AllowChangePassword BOOLEAN False
AllowNoop BOOLEAN True
BannedFiles_PACKED STRING “”
By-Pass_MaxUser BOOLEAN False
ChgDirMsgFile STRING “”
DefaultGroupQuotaCredit INTEGER -1
DefaultGroupRatioCredit INTEGER -1
EnableMaxConPerIP BOOLEAN False
EnableMaxUsers BOOLEAN False
EnableSITECHAT BOOLEAN False
EnableSITEWHO BOOLEAN False
Hide hidden Files BOOLEAN False
Home-IP STRING “”
IPACLList_PACKED STRING “”
Info_Address STRING “”
Info_City STRING “”
Info_Email STRING “”
Info_Fax STRING “”
Info_Name STRING “”
Info_Notes STRING “”
Info_PhoneHome STRING “”
Info_PhoneWork STRING “”
LinksFile STRING “”
LoginMsgFile STRING “”
MaxConPerIP INTEGER 1
MaxSpeedEnabled BOOLEAN False
MaxSpeedRcv INTEGER 512
MaxSpeedSnd INTEGER 512
MaxUsers INTEGER 0
QuotaCurrent INTEGER 0
QuotaEnabled BOOLEAN False
QuotaMax INTEGER 0
RatioCredit INTEGER 0
RatioDown INTEGER 1
RatioEnabled BOOLEAN False
RatioMethod INTEGER 0
RatioUp INTEGER 1
RelativePath BOOLEAN False
ResolveLNK BOOLEAN True
ShowChangeDirMsg BOOLEAN False
ShowLoginMsg BOOLEAN False
TimeOutEnabled BOOLEAN True
Timeout INTEGER 600
TreatLinksAs BOOLEAN True

HOWTO: API/CLI into BPFTP Server

BulletProof FTP Server is an excellent FTP Server for Windows. With the recent development efforts in v2011, we thought it would be a good time to introduce some of the command-line-switches (CLI) for managing BPFTP Server from external programs, web-sites, scripts, etc.

NOTE: At times you’ll see BulletProof FTP Server for Windows referred to as “BPS”.

Let’s first start with a brief explanation of the binaries distributed with BulletProof FTP Server for Windows (BPS):

The default installation location for the program is located in the following location:
%PROGRAMFILES%\BulletProof FTP Server\

Depending on your version of Windows, %PROGRAMFILES% is expanded to the following for 32-Bit and 64-Bit versions of Windows:
C:\Program Files\BulletProof FTP Server\
C:\Program Files (x86)\BulletProof FTP Server\

Investigating this location will yield the following executables:
bpftpserver.exe – Main executable for the program
bpftpserver-adduser.exe – CLI to manipulating the User & Group Database
bpftpserver-service.exe – responsible for controlling BPS when it’s running as a Windows System Service
CSDispatcher.exe – used with “remote debug” for sending log-messages to our remote-server

MAIN EXECUTABLE

bpftpserver.exe [OPTION]

-reload
Will cause the running instance of BPS to reload the settings, users and group information.

-online
Take BPS online and ready for incoming connections.

-offline
Take BPS offline and disable the listener from answering incoming connections.

-exit
Terminate BPS and stop it’s execution on the system. All users will be forcibly disconnected.

-close
Keep BPS online and all active-connections maintain, but disable the listener; resuling in no *new* connections accepted.

-open
Renable the listener, allowing new connections to be accepted.

-startlogging
Start logging to the log-file defined in the software.

-stoplogging
Stop logging to the log-file.

-kickall
Kick all currently connected users off of the server.

-stat
Regenerate the statistics files for users in the system.

CLI ADDUSER

BulletProof FTP Server command-line utility 'bpftpserver-adduser.exe'
Copyright (c) 1998-2015 BulletProof Software LLC, All Rights Reserved.

Command-line utility to manipulate the USER and GROUP database for BulletProof FTP Server.

Usage: bpftpserver-adduser.exe [OPTION]…

Bulk Import (moreNew in Version 2013.1.0.7 – 2013-JUNE-26
–bulkimport=FILENAME.CSV
–bulkimport-help (reports a list of fields supported for CSV import)
–bulkimport-help-as-html (output HTML version of –bulkimport-help

-list=USERNAME[*,?]
-name=ACCOUNTNAME
-enabled
-disabled
-login=USERNAME
-group=GROUPNAME
-pswd=PASSWORD
-crypt
-access=PATH,ACCESSRIGHTS
-loginmsg=FILENAME
-speedlimit=[0,1]
-speedrcv=BYTES-PER-SECOND
-speedsnd=BYTES-PER-SECOND
-banfile=FILEMASK[,FILEMASK2,FILEMASK3,…]

Access = R(ead) W(rite) D(elete) A(ppend) M(ake) L(ist) S(ubdir) K(delete dir)

First -access will be Home Directory

Example :
C:\Program Files (x86)\BulletProof FTP Server\bpftpserver-adduser.exe -name=newuser -enabled -login=newlogin -pswd=newpass -group=demogroup -loginmsg=c:\login.txt -access=c:\ftproot\,RLS -banfile=+*.jpg,+*.gif

Some explanation of the behavior is important, specifically the “-access” parameter. In the above example the login of “newlogin” for the account “newuser” is given the directory of “c:\ftproot\”

We’ll break down the command-line, piece by piece

-name=newuser
While initially confusing, there’s a difference between an “account-name” and the “login-name”. The account-name refers to a “user-friendly” name for the account, such as “upstairs accountant” and “log-name” is the actual login that used to access the ftp-server; such as “accountant”.

-enabled
Will enable the account for login

-login=newlogin
The login-name for the user to use to access the ftp-server (see above not for -name)

-pswd=newpass
The password for the login

-group=demogroup
If the account belongs to a group, you can specify the name of the group (OPTIONAL)

-loginmsg=c:\login.txt
Will send a user-specific login-message via the protocol to the user after logging in (OPTIONAL)

-access=c:\ftproot\,RLS
Will add an access-right for the account to the directory c:\ftproot\ with the privledges of (R)ead,(L)ist,(S)ubdir . The first access-right specified will be the HOME-DIRECTORY for the user. Additional access-rights can be defined by use the “-access” parameter again. If you are specifying a user-account that already exists, then all access-rights for the account will be deleted and given the access-rights that you define here.

-banfile=+*.jpg,+*.gif
Will add a file-mask of files that the user-account is prohibited from uploading or downloading. (OPTIONAL)

IE7 will not download from FTP Server

Starting with Internet Explorer 7 from Microsoft, certain “security” settings were put into place to protect Microsoft Windows users from being able to view certain types of documents stored on a FTP Server. These document types include .DOC, .XLS, .DOCX, .PDF, .DWG, etc…

The interesting thing is that when using IE7 as an FTP Client to download these types of files from BulletProof FTP Server (or any FTP Server), the file will download correctly and will be stored in the user’s temporary directory on the local-os, then; prior, to executing the application which is associated with the document type, some other Microsoft process makes a security-determination on the file and decides to delete the file or not (without prompting the OS-User). This results in an error message to the User, indicating that the file could not be downloaded.

More Information from Microsoft is available at the following KB:
http://support.microsoft.com/kb/910274

PLEASE NOTE
While Microsoft’s Documentation and instructions on implementing the fix is correct, the Windows Registry Key for the fix is INCORRECT. In addition, Windows XP SP3 DOES NOT include a working HOTFIX (as they state).

Incorrect Registry Key
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PERMIT_CACHE_FOR_AUTHENTICATED_FTP_KB910274

Correct Registry Key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PERMIT_CACHE_FOR_AUTHENTICATED_FTP_KB910274