Common Configuration Parameters
The following table lists parameters (in alphabetical order) that are used to configure all transfer requests.
Parameter | Description |
---|---|
AccessControlConfig | Defines the path to the
AccessControl.cfg in the
$CFROOT/config directory.
You can change the default directory for a file based on the USERID, NODE, or IPADDR parameters on responder transfer requests only. For more information, see Access Control. |
AdminGroup | Defines the group name that holds users who can configure nodes, profiles, and responder profiles, as well as view audit records from all users. |
AliasConfig | Defines the path to the
CfAlias.cfg file in the
$CFROOT/config directory.
You can use an alias file name based on the USERID, NODE or IPADDR parameters for responder transfer requests only. For more information, see CfAlias. |
AuditTempErrors | Defines whether all transfer attempts or only the final attempt is logged. |
BrowseGroup | Defines the group name that holds users who can view audit records from all users.
Note: If this group exists, then users who are not in the specified browse group can only view transactions that they conducted.
|
CfgPostProc | Defines the name of the file that holds the postprocessing configuration.
For more information, see Configured Post Processing. |
ConfigDirectory
|
Defines the path to a directory with all configuration files (with exception of config.txt file). By default, this is the Note:
Config.txt is always located in $CFROOT/config , regardless of ConfigDirectory value. |
CRC | Defines whether to perform a CRC check.
The valid values are
|
CyberMgrPortLocal
|
Defines the local port of CyberMgr . The default port number is 46678 . |
CyberMgrTraceLevel
|
Defines the trace level of
|
CyberMgrTracePath
|
Defines the path of the trace file of |
Encode | Defines how file names are translated when sent to or received from the remote Platform Server or Internet Server. Valid values are:
When this parameter is set to a value other than N, the data is converted from this character set to UTF-8. TIBCO MFT Platform Server then sends the UTF-8 file name to the target system where it is converted back to the characters set defined on that Platform Server or Internet Server. For example, if you have file names with Korean characters, then you should set this parameter to the character set of the local UNIX machine. Encode : EUCKR Note: Encode works same way as iconv Unix command. Encode works only for the FileName s. It is not applicable to the file data. |
FailureSubject
|
Defines the email subject for a failed transfer. The valid values are |
FromAddress | Defines the value of the From field in the email notification. |
HADirectory
|
This parameter defines the directory where the HA files are located. All systems that want to be in the same HA Cluster must have access to this directory. |
HACyberMgrPrimary
|
This parameter will appear in config.txt only if you have converted to HA mode. It defines the Primary CyberMgr Rpc Server host:port. Note:
It is very important that the values are identical on all machines participating in an HA cluster.
|
HACyberMgrSecondary
|
This parameter will appear in config.txt only if you have converted to HA mode. It defines the Secondary CyberMgr Rpc Server host:port. Note:
It is very important that the values are identical on all machines participating in HA cluster.
|
LogAdminFileName
|
Defines the name of the log admin message file. Valid values are One file is created per day, in the format of |
LogDirectoryTransfers | Defines whether to log
cfdir requests when doing directory transfers.
The valid values are
|
LogEventFileName | Defines the name of the file that holds the transaction history log. When running in a container, this parameter should point to a file in persistent storage. By default, the log file is
$CFROOT/log/ One file is created per day in the format of |
LogMessageFileName
|
Defines the name of the log message file. Valid values are One file is created per day, in the format of |
PQFDirectory |
Defines the directory where the PQF files are stored. PQF files store transfer restart information when a transfer fails and can be restarted. When running in HAMode, this parameter must define persistent storage that is accessible to all Platform Server instances in the HA cluster. Otherwise, transfer restart may fail. |
SecurityPolicy | Defines whether
TIBCO MFT Platform Server complies with any security policy on send and receive transfers.
Note: If you initiate a transfer using DES encryption, which is not allowed for either HIPAA or FIPS-140, the encryption is overridden with a certified encryption method. If you are using HIPAA, a prompted message is displayed informing you the encryption is changed to Blowfish Long. If you are using FIPS-140, you receive a prompted message informing you the encryption is changed to Rijndael (AES). Note: If the SecurityPolicy is set to FIPS140, all CyberResp daemons must be restarted. |
SemaphoreKey | Defines the key used to create a semaphore.
If there are several transfers going on simultaneously, the output statements from different transactions can overwrite each other. This situation can be prevented by using a semaphore that synchronizes access to the Log.txt file. The valid values are decimal numbers between 1 and 2147483647 or hexadecimal numbers between 0x00000001 and 0x7fffffff. Hexadecimal numbers must be prefixed with 0x. |
SemaphoreMaxWaitTime
|
Defines how long to wait if the lock is taken by another thread. Checking the semaphore (also known as "lock") by each thread is done at 0.25 sec intervals upto the configured SemaphoreMaxWaitTime. If you have a high-volume transfer environment and consider that some logging requests might be ‘lost/not logged’ because the maximum wait time has passed and the To reset SemaphoreMaxWaitTime value without recycling CyberMgr:
|
SMTPServer | Defines the name of the email server and the port that is used to send out email notifications.
The format to define the port is:
Example:
|
StrictGroupChecking
|
Defines if strict group checking is required. If you want to deny certain requests when ‘cftransfer’ and ‘cfbrowse’ group were not created, then turn on this parameter. The default value is |
Subject | Defines the subject line of the email notification.
The maximum length of the defined value is 256 characters. |
SuccessSubject
|
Defines the email subject for a successful transfer. The valid values are |
TraceGroupMember
|
Defines whether to trace all system calls that check whether or not user is a member of a certain group. Set this parameter only when directed to by TIBCO Support. The valid values are:
|
TransferGroup | Defines the group name that holds users who can conduct platform to platform file transfers initiated from Command Center.
Note: If this group does not exist and a transfer request comes in from Command Center, the transfer can succeed. If the group does exist and the end user account being used for a file transfer initiated from Command Center is not a member, the transfer fails.
|
TransnumFileName |
Defines the file name where the current transaction number is stored. Platform Server uses this file to generate the transaction ID when a transfer is started. This parameter must be set when running in a container because this file must be saved in persistent storage. Otherwise, you should use the default value. When running in a container, this parameter should point to persistent storage. |
VRefreshInterval
|
Defines the visbility refresh interval for CyberMgr. The default value is By default, this is turned off. To turn it on, set it to 10 seconds or higher. |
RpcSynchIntervalHA
|
Defines the time range that is out of sync between The supported range is
|
RpcMaxWaitConnectTimeHA
|
This parameter controls for how long any RPC client waits to connect to Note: Each RPC call consists of two parts: connect to server; if successful, then issue the actual call.
RpcMaxMaitMonnectTimeHA controls only the first part, connect to CyberMgr. The actual calls have their own Timeout value, which we have set based on the importance of the call. RPC calls to get TransactionNumber and log transfer record have a timeout of 60 seconds. All other RPC calls have a timeout of 10 seconds. |
Password Rules for Responder Profile
# Password Rules for Responder Profile PasswordRuleChecking: N { Y, N } PasswordRequireUpperAndLower: N { Y, N } PasswordMinLength: 8 { 3 - 64 } PasswordMinUnique: 3 { 0 - PasswordMinLength } PasswordMinLetters: 3 { 0 - PasswordMinLength } PasswordMinNumber: 0 { 0 - PasswordMinLength } PasswordMinSpecial: 0 { 0 - PasswordMinLength }
Parameter | Description |
---|---|
PasswordRuleChecking
|
Defines whether to enable password rule checking for the remote password of the responder profile. The valid values are:
|
PasswordRequireUpperAndLower |
Defines whether the remote password of the responder profile must include uppercase and lowercase characters. The valid values are:
|
PasswordMinLength
|
Defines the length of the remote password of the responder profile. The password length can be between 3 - 64 characters. The default value is 8 characters. |
PasswordMinUnique
|
Defines the minimium number of unique characters in the remote password of the responder profile. Valid values are from 0 - PasswordMinLength. The default value is 3 characters. |
PasswordMinNumber
|
Defines the minimum number of numeric characters in the remote password of the responder profile. Valid values are from 0 - PasswordMinLength. The default value is 0. |
PasswordMinLetters
|
Defines the minimum number of letters (A-Z and a-z) in the remote password of the responder profile. Valid values are from 0 - PasswordMinLength. The default value is 3. |
PasswordMinSpecial
|
Defines the minimum number of special characters in the remote password of the responder profile. Valid values are from 0 - PasswordMinLength. The default value is 0. Note: If you are upgrading from a version prior to version 8.0.0 into the same
$CFROOT directory, the password validation parameters are added automatically. |
Parse Commands
# Parse Commands
protect_cctransfer: exec { none|reject|exec }
protect_cfdir: reject { none|reject|exec }
protect_fusutil: reject { none|reject|exec }
protect_receivedir: exec { none|reject|exec }
protect_rcmd: reject { none|reject|exec }
protect_ppa: token { none|token|exec }
protect_cfgpostproc: token { none|token|exec }
rejectcmdcharacters: ;&| { up to 10 characters }
Parameter | Description | ||||||||
---|---|---|---|---|---|---|---|---|---|
protect_cctransfer
|
Defines the processing performed when MFT Command Center initiates a Platform Server Transfer to Platform Server for UNIX. The valid values are:
The default value is |
||||||||
protect_cfdir
|
Defines the processing performed when a The valid values are:
The default value is |
||||||||
protect_cfgpostproc
|
Defines the processing performed when a configured Postprocessing command is executed. The valid values are:
The default value is |
||||||||
protect_fusutil
|
Defines the processing performed when a
The valid values are:
The default value is |
||||||||
protect_ppa
|
Defines the processing performed when a PPA command is executed. The valid values are:
The default value is |
||||||||
protect_rcmd
|
Defines the processing performed when receiving a command other than The valid values are:
The default value is |
||||||||
protect_receivedir
|
Defines the processing performed when executing a The valid values are:
The default value is |
||||||||
rejectcmdcharacters
|
Defines the characters that are validated when The valid values are up to 10 characters. The default value is |