Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Step 1

From the UDMG Admin UI navigation pane, select Rules. The Rules list displays.

Step 2

Click New. The Rule Details displays.

  • In the Rule Name field, enter stonebranch-sftp-01_receive.
  • In the Direction field, select Receive.
  • In the Description field, enter any value, for example "Receive rule for sftp-01".
  • In the Virtual Path Directory field, enter sftp-01-in, this is the virtual path that is shown to the SFTP clients.
  • In the Local Directory field, enter ./data/sftp-01/in.
  • In the Remote Directory field, leave it empty.
  • In the Temp Directory field, enter ./data/sftp-01/tmp.
  • In the Member of Business Service, select one of the available Business Services. More business Services can be added after the rule is created. 

Step 3

Click the Save icon button.

Step 4

The rule is created and appears on the Rules list:


Step 5

The virtual path is now presented to the SFTP client.

Connect to the SFTP server with the user that was created on the previous tutorial: 

Code Block
languagebash
themeConfluence
$ sftp -P 4100 stonebranch-01@0.0.0.0
stonebranch-01@0.0.0.0's password:
Connected to 0.0.0.0.
sftp> ls -hl
drwxrwxrwx    0 65534    65534          0B Jun 20 15:09 sftp-01-in


Step 6

From the UDMG Admin UI navigation pane, select Local Servers. The Server list displays.

Select the stonebranch-sftp-01 server and click on the Rules tab. The green dot on the tab shows that a rule is now assigned to this server.

Image RemovedImage Added

In the Receiving Rules list, there is 1 entry with the rule created above

By default, a rule is implicitly assigned to all servers unless there is an explicit whitelist assignment.

This is indicated with the globe icon and means that the same rule is also assigned to any other servers.
For example, the rule  is also listed as a global receiving rule for the server "server1"

Image RemovedImage Added

This behavior can be disabled with the UDMG Server configuration parameter: ExplicitRuleAssignment.

Step 7

To restrict the use of this rule and this virtual path to only the server stonebranch-sftp-01, you have to assign the rule to that server.

Select the stonebranch-sftp-01 server and click on the Rules tab.

Step 8

Click Pencil icon on the Rules tab - Receiving Rules to display an Edit Rules pop-up that allows you to assign the Receiving Rules to the Local Server.

To assign (or "authorize") a Rule to a Local Server, move the Rule from the Available items window to the Selected items window:

  1. To move a single entry, click it once and then click the > arrow.
  2. To move multiple entries, Ctrl-click them and then click the > arrow.
  3. To move all entries, click the >| arrow.

To unassign (or "revoke") the Rule to a Local Server, move the Rule from the Selected items window to the Available items window:

  1. To move a single entry, click it once and then click the < arrow.
  2. To move multiple entries, Ctrl-click them and then click the < arrow.
  3. To move all entries, click the |< arrow.
  • Proceed to assign the rule stonebranch-sftp-01_receive.
Step 9

The rule is now whitelisted for this server and marked with a card icon:  


The rule does not appear anymore for the other servers.

For instance, it is not listed anymore for the server "server1": 

The rule and this virtual path is only accessible for this local server and for all of its accounts.

It is possible to further restrict a rule to only a specific account of a server by assigning it on the account Rules screen. 

The available virtual paths for a given account are a combination of:

  1. the rules that are authorized for this account,
  2. the rules that are authorized for the local server,
  3. the global rules, that are not assigned to any account, server, or partner.
Step 10

Upload a file on the SFTP server on the virtual path location: 

Code Block
languagebash
$ date > date.txt
$ sftp -P 4100 stonebranch-01@0.0.0.0
stonebranch-01@0.0.0.0's password:
Connected to 0.0.0.0.
sftp> put date.txt  sftp-01-in/date.txt
Uploading date.txt to /sftp-01-in/date.txt             date.txt              100%   29    54.3KB/s   00:00


Step 11

From the UDMG Admin UI navigation pane, select History. The History dashboard displays:

Step 12

Check the file is received on the directory that is set by the rule: /atests/work/data/data/sftp-01/in/date.txt.

Where each part of the path is determined by:

ParameterPath
MFT server Home directory (configuration file)/atests/work
server Root directorydata
rule Receive Directorydata/sftp-01/in

See also Folder Management

...