THE INFORMATION IN THIS ARTICLE APPLIES TO:

• CuteFTP, v9.x

SYMPTOM

Upon upgrading, the following error is presented:

The program can't start because api-ms-win-crt-stdio-l1-1.0.dll is missing from your computer.

WORKAROUND

This error indicates that the C++ redistributable is not installed. This is not a problem that is unique to CuteFTP.

The problem is that the KB2999226 (Universal CRT), which is part of the Visual C++ Redistributable, failed to install. The Universal CRT fails to install if the necessary prerequisites (other updates) have not been installed yet.

1. Install Windows Updates:
1. Right-click the Start icon, then click Settings.
2. In Windows Settings, click Update & Security.
3. Check for updates and install all available updates.
4. After the updates are installed, restart your computer.
2. After the restart repeat the steps above again until no more updates are available.
3. Download the Visual C++ Redistributable:

• For Windows 64-bit: Visual C++ Redistributable for Visual Studio 2017 (64-bit)
• For Windows 32-bit: Visual C++ Redistributable for Visual Studio 2017 (32-bit)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT v7.4.x and later

DISCUSSION

The European Commission established the GDPR to ensure that companies follow a set of security and privacy standards that help safeguard the fundamental rights and interests of “data subjects.” Failure to comply with the standard may result in significant fines for organizations based in the EU or with an EU presence. 

Globalscape has examined the scope of GDPR as it relates to on-premises software, self-managed in a public or private cloud, and cloud SaaS offerings, in addition to internal personal data processing and collection. Globalscape’s managed file transfer product offerings, EFT and EFT Arcus, provide the security, auditing, and governance features to help achieve and maintain a GDPR-ready posture.

GDPR’s scope as it pertains to Globalscape’s managed file transfer (MFT) software, EFT, whether it is deployed on-premises, self-managed in a public or private cloud, or in a SaaS-based capacity (EFT Arcus) is as follows:

• Receiver: EFT can receive files, which may contain personal data.
• Storage: EFT can optionally store files on a local or network attached disk upon receipt.
• Sender: EFT can further process received or stored files by transferring them to internal or external applications, systems, or servers, including to non-member states or organizations that may not adhere to GDPR standards.
• Configuration: EFT can optionally store certain personal data associated with authorized login accounts
• Posture: EFT can be deployed by customers on premises or in a SaaS configuration on computer systems or networks that may reside in the EU. 

Please refer to the attached whitepaper for more detailed information about how EFT and EFT Arcus address each of the GDPR articles.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT versions prior to 7.4.x

SYMPTOM

Script error appears when opening help file.

WORKAROUND

A Google Analytics script was causing issues in some browsers; the script has since been removed. This error should not occur in updated versions of EFT.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT v7.4.7 and later

DISCUSSION

The procedure below describes using EFT Enterprise Cloud Object Storage Copy/Move or Download actions with Google Cloud Storage.

1. Set up Google Cloud Storage project to support interoperability:
1. Login to your Google Cloud Storage account.
2. Click Storage > Settings.
3. Click the Interoperability tab.
4. Click Make <project name> my default project, then click "Create new key.

2. Configure EFT to use AWS S3-compatible connection:
1. Create a Connection Profile or define a connection within any Copy/Move or Download to Cloud Object Storage Action.
2. In the Cloud provider list, click Amazon S3 (compatible).
3. In Endpoint URL, specify the REST API endpoint: https://storage.googleapis.com.
4. In Bucket name, specify the bucket name that you created in your Google Cloud Storage project, then select Path.
5. Specify the Access Key and Secret Key as shown in the Google Cloud Storage console for interoperable storage access keys.
6. Click Apply.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT Arcus

DISCUSSION

This article describes how to enable Azure Active Directory Single Sign-on with EFT Arcus and the Web Transfer Client

Prerequisites

• Azure Active Directory (AAD) Premium
• EFT Arcus Site Administrator privileges
• A WTC user in EFT Arcus
• AAD user matching the WTC user in EFT Arcus

Create a new Azure AD SSO application

1. Log into the Azure Portal with a Global Administrator account.
2. Open Azure Active Directory (Figure1) and create a new Enterprise Application.
3. Click Non-gallery application and give the application a display name.
4. Click SAML-based Sign-on on the drop-down list.

You should see a screen like Figure 2:

• Don’t forget to add users to your enterprise application in Azure AD!

Keep this browser open and log into EFT Arcus.

Enable SAML in EFT Arcus

1. Select the EFT Arcus Site on which you will configure SAML.
2. In the General box, under the Advanced Authentication Options, click SAML (webSSO).
3. Click Configure.

The Web SSO SAML configuration dialog box appears.

Configure SAML settings

At the end of these steps you can view an image of the value mapping.

1. In the EFT Arcus Web SSO SAML Configuration dialog box, copy the EntityID value.
2. Copy the value to Azure AD – Identifier (Entity ID).
3. Copy the Reserved Path value to Azure AD – Reply URL.
4. Prepend the value in the Reply URL text box with your unique domain and protocol. In this example, we were issued the domain arc001.arcusapp.globalscape.com. So, our reply URL would look like: https://arc001.arcusapp.globalscape.com/sp/samlv2/sso
5.  In Azure AD, select the User Attributes you’d like to authenticate. In the example provided, we’re using an email address.
6. Download the SAML Signing Certificate using the Certificate (RAW) link
7. (Optional) – Configure an email address to be notified when the certificate is due to expire
8. In Azure, click Configure.
9. In Azure, copy the URL for SAML Single Sign-On Service URL
10. In EFT Arcus, paste this value in the Identity Provider text area in the POST URL text box.
11. In Azure, copy the URL for SAML Entity ID.
12. In EFT Arcus, paste this value in the Identity Provider text area in the Entity ID text box.
13. Upload the public key to EFT Arcus. (At the time of this writing, this can only be done by creating a support ticket as EFT Arcus customers only have Site Admin privileges.)
14. In EFT Arcus, in the Identity Provider text area, fill in the path to the public certificate uploaded in step 14.
15. In EFT Arcus, under the username text area, click Attribute.
16. In the Attribute text box, enter the attribute you’re expecting from Azure AD. We configured this setting in step 6.
17. Note that Azure AD is using full schema URLs as their attribute names. In our example using an email address would look like this: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
18. Click OK and allow the EFT Arcus site to restart.

At this point, you should be able to navigate to your Web Transfer Client. Do not enter any credentials; click SSO sign on.

Don’t forget to add users to your enterprise application in Azure AD!

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• All products, all versions

QUESTION

Why does the help file or website page not displaying correctly in my browser?

ANSWER

Every browser—and browser version—has different code for how to display pages. While Globalscape tests each of our product and website releases on the latest browser versions, browser manufacturers also continue to update their products to keep ahead of the latest security issues. (For this reason alone, you should always update your browser when prompted to do so.)

Sometimes a browser update will change the way the browser works after we release our software, causing our web-based pages to not display correctly.

Other times, web pages are not displaying correctly because the browser is configured by default to cache (store) web pages from previous times that you've viewed it. They do that so the page will display faster; however, you might not see an updated page, but the older page that is stored on your hard drive.

When you are not seeing web pages correctly, try the following tips to correct the problem. If that doesn't work, let Globalscape Support know about the issue so that we can correct it.

1. Open the web page in a different browser. That is, if you normally use Internet Explorer, open that same page in Google Chrome.
2. Navigate to the browser’s home page (click the house icon), clear the cache, close and reopen the browser, then open the page again. If that doesn't work:

In Mozilla Firefox, click Tools > Options > Privacy & Security. Under History, click Clear History.

In Microsoft Internet Explorer, click Tools > Delete browsing history. In the dialog box that appears, ensure the check box for Temporary Internet files and website files and for History are selected, then click Delete. (Clear the check box for Passwords and Cookies if you want to keep those.) To find the version number, click Help > About Internet Explorer. To prevent saving pages in the future, click Tools > Internet Options, then under Security, select the Empty Temporary Internet Files folder when browser is closed, and then click OK.

In Google Chrome, press CTRL+H, then click Clear browsing data. In the dialog box that appears, select the items that you want to clear, and the click Clear Data. Ensure that the Browsing history and Cached images and files check boxes are selected.

3. Update your browser.

To update Firefox, click General, and scroll down to Firefox Updates. There you can see which version you are using and whether an update is available. If you click to "Automatically install updates" then you will always be on the latest--and most secure--version.

Chrome is updated automatically, but you can verify this and see the version number by clicking the 3 dots icon > Help > About Google Chrome.

In Internet Explorer and Microsoft Edge, click Start > Settings > Update & security > Windows Update, and then click Check for updates.

4. After you've cleared the browser cache and updated the browser, close the browser and reopen it, and then to go to the page that was not displaying properly.

   If it is still a problem, please let us know.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT™ version 7 and later

QUESTION

How can I use SSL/TLS termination at F5 Load Balancer?

ANSWER

For the Load Balancer to be used as a termination point for SSL, the following needs to be implemented. This procedure allows the Load Balancer to be in charge of the encryption for an SSL connection instead of EFT. This allows for the customer to have multiple SSL applications use a central repository for certificates. EFT will just make an HTTP connection to the DMZ and the DMZ will make an HTTP connection to the Load Balancer. The Load Balancer will then make an HTTPS connection to the remote connecting party.

Overview of problem:

1. Client makes request to F5 as "HTTPS://<address>"
2. F5 acts as a reverse proxy and converts the HTTPS request to HTTP.
3. F5 sends this request to the DMZ Gateway as HTTP.
4. This request is shuttled through DMZ to EFT as HTTP.
5. Since a partial address was used, EFT responds with "302 Moved temporarily" and sends the full address of http://<ip address>/EFTClient/Account/Login.htm. It sends http because the connection to the Proxy>EFT was over HTTP, so it assumes http is the correct protocol to send in the response for the redirect.
6. Connection is sent back to F5 over HTTP.
7. F5 receives server response and attempts to reroute back to source/client.
8. Client receives the address http://<ip address>/EFTClient/Account/Login.htm and tries to connect to it. This is invalid. The F5 does not accept HTTP requests.

What needs to happen:

1. F5 receives server response and proxies the connection back to the X-Original-Protocol: HTTPS.
2. Client receives the address https://<ip address>/EFTClient/Account/Login.htm and successfully connects.

Resolution:

1. Create a certificate to use on F5 for SSL offloading, if not already done.
2. Ensure that the HTTPS virtual server SSL Profile (Client) property is configured to use the certificate.
3. Change the default pool for the HTTPS virtual server to point to the HTTP pool.
4. Create an iRule (as shown below) to add the appropriate header and add it to the HTTPS virtual server.

Here is the iRule:

when HTTP_REQUEST {

HTTP::header insert "X-ORIGINAL-PROTOCOL" "https";

}

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT™ v7.1 and later

QUESTION

How does Insight see a Stop action when determining success/failure of an Event Rule?

ANSWER

Insight treats a Stop action as a succeeded Event Rule action, but the action that triggered the Stop will be failed.

Insight looks at all of the actions in an Event Rules to see if any actions have failed. If you have a Stop action, the Stop action will succeed, but the action that triggers the stop will be failed, and thus the Event Rule will be failed. So if there is any failed action in an Event Rule, that Event Rule will be interpreted as failed. (Like an AND condition, instead of an OR.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT v7.4.7 and later

DISCUSSION

The attached document provides an overview of logging available in EFT.

For more information, refer to the EFT online help section about logging.

• EFT Enterprise v 7.4.5.3 and later
• EFT Enterprise v7.3.9.3 and later (in the 7.3 line)

DISCUSSION

When the following registry setting is true, then users will always be enabled for an EFT AD Site. EFT user list will always show the user as enabled, if if disabled in AD. If the user is disabled in Active Directory that user cannot login. If the user is Enabled in Active Directory the user can log in. (EFT respects the user access privilege from Active Directory.)

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 7.3\

Type: BOOL

Value name: ADUsersAlwaysEnabled

Default Value: false

Cached: yes

Backup/Restore: yes

(There is no 32-bit version because there is no 32-bit OS supported.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT Enterprise v 7.4.6 and later

DISCUSSION

Setting this to true will make the Cloud Download Action replace incorrect characters with underscore (instead of URL-encoded string)

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 7.4\

Type: BOOL

Value name: CloudDownloadActionSanitizePathWithUnderscores

Default Value: false

Cached: yes

Backup/Restore: yes

(There is no 32-bit version because there is no 32-bit OS supported.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT Enterprise v 7.4.6 and later

DISCUSSION

Defer checking if a connection is allowed until the IP address is known from the receipt of X-Forwarded headers. (Use behind AWS Load Balancer)

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 7.4\

Type: BOOL

Value name: DeferAllowedConnectionsCheckForXForwardedHTTPHeaders

Default Value: false

Cached: yes

Backup/Restore: yes

(There is no 32-bit version because there is no 32-bit OS supported.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT Enterprise v 7.4.6 and later

SYMPTOM

Performance times accessing EFT are too long (around 30 seconds) when accessing via FileZilla.

WORKAROUND

Performance time can be improved when ignoring folder encryption status.

Set the following registry key to true.

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 7.3\

Type: BOOL

Value name: IgnoreFolderEncryptionStatus

Default Value: false

Cached: yes

Backup/Restore: yes

(There is no 32-bit version because there is no 32-bit OS supported.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT Enterprise v 7.4.6 and later

DISCUSSION

Specify maximum number active CAPTCHAs.

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 7.4\

Type: DWORD

Value name: MaxCaptchaInstances

Default Value: 100

Minimum Value: 0

Maximum Value: 4294967295

Cached: yes

Backup/Restore: yes

(There is no 32-bit version because there is no 32-bit OS supported.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT Enterprise v 7.4.6 and later

DISCUSSION

Specify maximum number of Cloud Monitor executor threads per EFT Site.

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 7.4\

Type: DWORD

Value name: MaxCloudMonitorExecutorsPerSite

Default Value: 16

Minimum Value: 1

Maximum Value: 128

Cached: yes

Backup/Restore: yes

(There is no 32-bit version because there is no 32-bit OS supported.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT Enterprise v 7.4.6 and later

DISCUSSION

Override number of DMZ Gateway connection retry attempts before next address resolving.

HKEY_LOCAL_MACHINE\Software\WOW6432Node\GlobalSCAPE Inc.\EFT Server 4.0\EFTClient

Type: DWORD

Value name: gw_retryattempts

Default Value: 10

Minimum Value: 0

Maximum Value: 4294967295

Cached: no

Backup/Restore: no

(There is no 32-bit version because there is no 32-bit OS supported.)

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• CuteFTP, Windows version 9.x and later

SYMPTOM

The program can't start because a DLL is missing from your computer.

WORKAROUND

The problem is that the Visual C++ Redistributable failed to install.

The fix is to go to https://support.microsoft.com/en-us/help/2999226/update-for-universal-c-runtime-in-windows to download and install the file specific to your operating system, or install/update Windows 10, which installs the necessary DLL.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT, v7.4.7 and later

SYMPTOM

Advanced Workflow Engine (AWE) Task Builder unable to launch

WORKAROUND

Close and reopen the administration interface with the EFT "Server admin" account, or rename/delete the automatedworkflow.xml file. This file is created by default in the C:\Program Files (x86)\Globalscape\EFT Server Enterprise\AWE\bin folder.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• All products

QUESTION

Do your knowledgebase and help articles use tracking cookies?

ANSWER

A "cookie" is a small text file that is stored on computers, tablets, mobile phones and any device used to browse the Internet, capable of storing navigation information for statistical or functional purposes. Some cookies may be used to recognize the user viewing a particular website, make navigation easier, and customize the content. Because we respect your right to privacy, you can choose not to allow some types of cookies. For further details, please see our Privacy Policy. .

The cookies your browser uses differ between Globalscape’s knowledgebase/help articles and other sub-domains and websites. The knowledgebase and help articles use browser cookies only to save your search history so that you can quickly and easily go back to a previous page you've found. No personal information is transmitted to third parties.

Browsers have cookies enabled by default, because some websites can't function properly without them. It is always a best practice to clean up your data not only for privacy, but also to clear up that space on your hard drive where cookies and browsing history are saved. If you want to change your cookie settings, including disabling or clearing cookies, follow the procedure below for the browser you're using. (You can also change your cookies preferences in our Cookies Preference Center.)

Before you clear the cache (browser history), click the Home icon and close all of the other tabs. 

• In Mozilla Firefox, click Tools > Options > Privacy & Security. Under History, click Clear History.
• In Microsoft Internet Explorer, click Tools > Delete browsing history. In the dialog box that appears, ensure the check box for Temporary Internet files and website files and for History are selected, then click Delete. To prevent saving pages in the future, click Tools > Internet Options, then under Security, select the Empty Temporary Internet Files folder when browser is closed, and then click OK.
• In Microsoft Edge, click Settings > Clear browsing data. In the dialog box that appears, ensure the check boxes for data you want to clear are selected, then click Clear. To prevent saving data in the future, turn on Always clear this when closing the browser. Here, you can also clear Bing search history and your data in the cloud.
• In Google Chrome, press CTRL+H, then click Clear browsing data. In the dialog box that appears, select the items that you want to clear, and then click Clear Data. Ensure that the Browsing history and Cached images and files check boxes are selected. 

For further information about cookies, visit www.allaboutcookies.org.

THE INFORMATION IN THIS ARTICLE APPLIES TO:

• EFT v7 and later

QUESTION

Can I turn on logging for specific event rules?

ANSWER

Yes. As explained in the logging.cfg file, you can enable logging for a specific event rule:

Refer to the help topic "EFT.log File" in your version of EFT help for details of editing the logging.cfg file.