Cached Passwords

If you are a remote user, you can use cached Windows passwords to specify a password for a particular remote Windows User ID.

Since the passwords are stored in the Windows registry, you can perform MFT Platform Server transfers on Windows without specifying the password. You can easily manage the cached password from the remote end as needed.

To enable the cached password feature, you use a special set of tokens in the remote password field on the initiating MFT Platform Server partner. There are four types of tokens:
  • X:password
  • X:
  • X:DELETE
  • X:DELETEALL

The tokens are case-sensitive. For example, x:password (note the lowercase x) is interpreted as the user’s password and not as the token (with the uppercase x) to set the cached password.

X:password

Use the X:password token to set a password on the remote Windows system. As part of a file transfer, put X: in front of your password in the remote password field. The password is your Windows password.

When MFT Platform Server for Windows receives this token, it strips off the X: prefix and uses the password that follows with your user ID to log in to the Windows system. If the login is successful, the password is encrypted and saved to a secure area of the Windows registry. After the password is saved in the registry, the transfer is performed.

X: without a password

Use the X: token to instruct MFT Platform Server for Windows to look up the password in the registry based on your user ID. If the password is found, it is decrypted and used to log in to the Windows system. The transfer is then performed. This token works from any of the remote MFT Platform Server systems.

X:DELETE

Use the X:DELETE token to instruct MFT Platform Server to retrieve and decrypt the cached password that was saved from a prior transaction for your user ID. The password is used to log in to Windows and conduct the transaction, and the cached password is then deleted from the registry. For any future transactions, you can either specify a password at logon time or use the X:password token to set a cached password on the Windows system.

X:DELETEALL

Use the X:DELETEALL token to instruct MFT Platform Server to retrieve and decrypt the cached password that was saved from a prior transaction for your user ID. The password is used to log in to Windows and conduct the transaction, and all the cached passwords are then deleted from the registry.

Use the X:password token to set or change a cached password on the Windows system. If your Windows password changes, you must delete the old password and create a new one. Simply use the X:newpassword token again to overwrite the old cached password.

Note: The cached password feature is supported only on Windows. If you send over X:password on the z/OS side, z/OS interprets the full string as the password.

Restrictions

The cached password feature has the following restrictions:
  • The service must be running with System Authority.
  • Since the X: token is contained within the password field, the password itself is limited to 18 characters, although MFT Platform Server normally supports 20-character remote passwords.
  • Passwords that could otherwise contain X:, X:text…, X:DELETE, or X:DELETEALL are accepted as triggers to the feature and not as legitimate Windows passwords.
  • Since the passwords are saved in a restricted area of the registry, the uninstall program cannot delete them. You must use the X:DELETEALL token to remove the passwords before using the uninstall program. Otherwise, the \\HKEY_LOCAL_MACHINE\SOFTWARE\TIBCO registry key is not removed.
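
The token rules and restrictions above can be checked before a batch script is deployed. The following Python check is an added example, not TIBCO code: it classifies each REMOTE_PASSWORD value and flags passwords left in clear text in the script, the lowercase x: mistake, and values too long for the field. The function names are hypothetical, and exact matching of X:DELETE and X:DELETEALL and the 20-character check on the whole field are assumptions drawn from the description above.

```python
import re

FIELD_MAX = 20  # remote password field length stated on the page (assumed to include "X:")
SET_RE = re.compile(r"^\s*SET\s+REMOTE_PASSWORD=(.*)$", re.IGNORECASE)

def classify(value):
    """Map a remote password field value to the action the page describes."""
    if value == "X:":
        return "lookup"       # use the cached password
    if value == "X:DELETE":   # assumption: the DELETE tokens match exactly
        return "delete"
    if value == "X:DELETEALL":
        return "delete_all"
    if value.startswith("X:"):
        return "set"          # log in with the rest, then cache it
    return "literal"          # includes lowercase "x:..." values

def audit_batch(text):
    """Return (line_no, action, warnings) for each REMOTE_PASSWORD assignment."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        m = SET_RE.match(line)
        if not m:
            continue
        value = m.group(1)
        action, warnings = classify(value), []
        if action in ("set", "literal"):
            warnings.append("password stored in clear text in the script")
        if action == "literal" and value[:2] == "x:":
            warnings.append("lowercase x: is sent as part of the password")
        if len(value) > FIELD_MAX:
            warnings.append("exceeds the %d-character field" % FIELD_MAX)
        if value != value.rstrip():
            # cmd.exe keeps trailing blanks after SET NAME=value
            warnings.append("trailing whitespace becomes part of the value")
        findings.append((no, action, warnings))
    return findings

# Constructed sample input modelled on the batch example on this page.
SAMPLE = "\n".join([
    "SET REMOTE_USER_ID=MARY",
    "SET REMOTE_PASSWORD=X:pswdmary",
    "SET REMOTE_PASSWORD=X:",
    "SET REMOTE_PASSWORD=x:pswdmary",
    "SET REMOTE_PASSWORD=X:DELETEALL",
    "SET REMOTE_PASSWORD=X:" + "a" * 19,
])

if __name__ == "__main__":
    for finding in audit_batch(SAMPLE):
        print(finding)
```

A script that sets the cache with X:password still contains the password, so it should be removed or restricted once the password is cached and only the X: form kept in shared scripts.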

Cached Password Example

A user with the user ID MARY wants to create a batch transfer to a remote Windows system. However, the user does not want everyone to know the password.

The user uses the X:password token to set the cached password. The following batch program invokes the cached password.

SET HOST=Fusion
SET PORT=46464
SET REMOTE_USER_ID=MARY
SET REMOTE_PASSWORD=X:pswdmary
SET PROCESS_NAME=MFTCMD
ftmscmd /send /file c:\abc.doc d:\abc.doc

For all future transfers, the user can use the X: token instead of specifying a password. The following batch program is used for future transfers.

SET HOST=Fusion
SET PORT=46464
SET REMOTE_USER_ID=MARY
SET REMOTE_PASSWORD=X:
SET PROCESS_NAME=FTMS

Note: The password field and the tokens are case-sensitive. If the password is lowercase, then the user needs to type X:pswdmary.

If the password is not yet cached, the following information is displayed.