FTP - Log On

Declaration

<AMFTPLOGIN SERVER="text" USERNAME="text" PASSWORD="text" 
PORT="number" LOGFILE="text" PASSIVEMODE="yes/no" 
PROXYTYPE="text [options]" PROXYSERVER="text" 
PROXYPORT="text" PROXYUSERNAME="text" 
PROXYPASSWORD="text" SESSION="text">

Description: Starts a transaction with a File Transfer Protocol (FTP) server and creates a session for the current connection. Other FTP related actions can follow this step. This activity allows simultaneous FTP connections using the same username/password.

NOTE: Be sure to end FTP sessions with an FTP - Log Off step.

Practical Usage

Used to connect to an FTP server. Other FTP activities can be used to following this step.

Credentials Parameters

Property	Type	Required	Default	Markup	Description
Provide Credentials					Indicates where this activity's credentials should originate from. Different properties apply depending on the option selected. The available options are: Custom (Default) - Specifies that a custom set of credentials will be entered for this FTP activity. Select this option if performing a single FTP activity. Session Based - Specifies that credentials should derive from a session created in a previous step with the use of the FTP Log On activity. This allows several FTP activities to be linked to a specific session.
Host	Text	Yes	(Empty)	a)SERVER="ftp.netauto.com b)SERVER="123.456.789.012"	The FTP server to connect to. This can be an IP address (e.g., xxx.xxx.xxx.xxx) or a server and domain name (e.g., server.domain.com). This property is active only if Custom is selected under the Provide Credentials property.
Username	Text	Yes	(Empty)	USERNAME="ClarkKent"	The username that should be used when logging on to the FTP Server. The Username should be pre-configured at the server level. This property is active only if Custom is selected under the Provide Credentials property.
Password	Text	Yes	(Empty)	PASSWORD="password"	The password that should be used when logging on to the FTP Server. When the step is created using the Task Builder it is written to the task encrypted. This property is active only if Custom is selected under the Provide Credentials property.
Use Anonymous Logon	Yes/No	No	No	ANONYMOUSLOGIN="YES"	If set to YES, the FTP server should be logged onto as an "Anonymous" user. The server must be configured to accept Anonymous connections. If set to YES, the Username/Password parameters are ignored. The default value is NO. This property is active only if Custom is selected under the Provide Credentials property.
Session	Text	Yes	FTPSession	SESSION="FTPSession2"	The session name that this activity should originate from. This allows several FTP activities to be linked to a specific session. Numerous sessions can be used within a single task. This property is active only if Session Based is selected under the Provide Credentials property.

Advanced Parameters

Property	Type	Required	Default	Markup	Description
Connection type	Options	Yes	FTP (Standard FTP)	TYPE="standard" TYPE="ftps_implicit" TYPE="ftps_explicit" TYPE="sftp" TYPE="sftp_public_key""	The type of FTP connection that should be used. The available options are: FTP (Standard FTP): Connect using standard FTP . FTP with SSL (Implicit): Connect using FTPS (also known as FTP Secure or FTP-SSL). This connection type adds support for the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) cryptographic protocols. In Implicit mode, a client immediately sends the FTPS server a TLS/SSL "ClientHello" message. If such a message is not received by the FTPS server, the connection is dropped. FTP with SSL (Explicit): Connect using FTPS (also known as FTP Secure or FTP-SSL). This connection type adds support for the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) cryptographic protocols. In Explicit mode, a client must "explicitly request" security from a FTPS server and then use a mutually agreed encryption method. SFTP (Password): Connect using SFTP (also known as Secure FTP). SFTP uses SSH (Secure Shell) protocol to transfer files. Unlike standard FTP, it encrypts both commands and data, preventing sensitive information from being transmitted in the clear over the network. In Password mode, a password is used to authenticate the SFTP connection. SFTP (Public Key File): Connect using SFTP (also known as Secure FTP). SFTP uses SSH (Secure Shell) protocol to transfer files. Unlike standard FTP, it encrypts both commands and data, preventing sensitive information from being transmitted in the clear over the network. For more details, see Public/Private Key Encryption below.
Port	Text	Yes	210	PORT="1000"	The port that should be used to connect to the FTP server. Most standard FTP servers operate on port 21 (the default port specified) however, this parameter can be customized in case the FTP server operates on other ports. NOTE: Other default ports may be assigned depending on the server connection type selected.
FTP log file	Text	No	(Empty)	LOGFILE="c:\temp\error.log"	The location of a detailed FTP log file. This log file contains the exact text of the FTP session which can be useful in diagnosing particular errors or elusive problems.
Overwrite existing log file	Yes/No	No	Yes	OVERWRITELOG="NO"	If set to YES, specifies that the log file should be overwritten if the same file already exists. The default value is YES.
Timeout	Number	Yes	30 Seconds	TIMEOUT="60"	Indicates a connection time out to customize how long will wait before aborting a connection attempt. If connection is not established within the time out value specified, it is automatically aborted. The default value is 30 seconds.
Upload buffer size	Number	Yes	65536 Bytes	UPLOADBUFFERSIZE="54443"	The upload buffer size value for files being uploaded. In some cases changing the upload buffer size can make a difference; particularly in transfers over high loss, high speed connections where latency plays an important role. The default value is 65536 bytes, which is the maximum buffer size. Note: Setting the Upload Buffer Size value too high for slow connections might cause time-outs and the transfer speed calculation becomes inaccurate.
Passive mode (For Firewalls)	Yes/No	No	No	PASSIVEMODE="YES"	Determines how an FTP data connection is made. If set to YES, issues the PASV command and the server tells where to establish the data connection. initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server. If set to NO, the PORT method is used. listens for a data connection which is established by the server and the PORT command tells the server where to connect to. then connects to the server where the server indicated. This method is sometimes used with some proxy configurations. However, some proxy configurations require PORT transfers and some FTP servers do not support PASV transfers. This option is available only if the FTP (Standard FTP), FTP with SSL (Implicit) or FTP with SSL (Explicit) option is selected from the Server Connection Type parameter.
Encrypt data channel	Yes/No	No	No	ENCRYPTDATACHANNEL="YES"	If set to YES, specifies that all data channel communication between the client and server are to be encrypted. The default value is NO. This parameter is available only if the FTP with SSL (Implicit) or FTP with SSL (Explicit) option is selected from the Server Connection Type parameter. It may NOT be advantageous to use data channel encryption when performing transfers under the following scenarios: Files being transferred are of a non-sensitive nature, making encryption unnecessary. Files being transferred are already encrypted at the file level, making encryption redundant.
Ignore invalid server certificates	Yes/No	No	No	IGNOREINVALIDCERTIFICATE="YES"	If set to YES, specifies that this action will ignore invalid certificates when connecting to an FTP server using SSL. The default value is NO. This option is available only if the FTP with SSL (Implicit) or FTP with SSL (Explicit) option is selected from the Server Connection Type parameter.
Clear Command Channel	Yes/No	No	No	CLEARCOMMANDCHANNEL="YES"	If YES, this option enables support for the Clear Command Channel (CCC) functionality. The CCC command can be issued by a remote FTPS client and will cause FTP client to fall out of secure mode and back in to unsecure mode. This option is useful for clients who only need to secure the authentication portion of the session. Once the USER/PASS has completed, some clients will use CCC to return to unsecure mode, which is faster. The default value is NO. This option is available only if the FTP with SSL (Implicit) or FTP with SSL (Explicit) option is selected from the Server Connection Type parameter.
Enable Tumbleweed compatibility mode	Yes/No	No	No	TUMBLEWEEDSERVER="YES"	If set to YES, allows compatibility with Tumbleweed Secure Content Delivery.
Client Certificate Source	Options	No	No Certificate	CERTIFICATESOURCE="none" CERTIFICATESOURCE="store" CERTIFICATESOURCE="file" CERTIFICATESOURCE="auto"	FTP over SSL allows sessions to be encrypted between an FTP client and server. This property is used to select the source of the certificate. A certificate is a digitally-signed statement that binds the value of a public key to the identity of the person, device, or service that holds the corresponding private key. One of the main benefits of certificates is that hosts no longer have to maintain a set of passwords for individual subjects who need to be authenticated as a prerequisite to access. Instead, the host merely establishes trust in a certificate issuer. This parameter is available only if the FTP with SSL (Implicit) or FTP with SSL (Explicit) option is selected from the Server Connection Type parameter. The available options are: No Certificate (Default) Certificate Store - Allows selection of a certificate using the Window's trusted certificate store for certificate approval. File(s) - Allows selection of a certificate file. Automatically select certificate - will select the best suitable certificate from the user store that matches the FTP server request.
Certificate Issuer	Text	No	(Empty)	CERTIFICATEISSUERID="Name"	Specifies information regarding the certification authority that issued the certificate. This parameter is available only when Certificate Store option is selected from the Client Certificate Source parameter.
Certificate Serial Number	Number	No	(Empty)	CERTIFICATESERIAL= "c7 f5 fa f8 6d ab 77 87 43 4a 11 43 f1 cd 3c 0f"	Specifies the unique serial number that the issuing certification authority assigns to the certificate. The serial number is unique for all certificates issued by a given certification authority. This parameter is available only when Certificate Store option is selected from the Client Certificate Source parameter.
Certificate File	Text	No	(Empty)	CERTIFICATE= "C:\Temp\Certificate_Location"	Specifies the path and filename of the certificate file. This parameter is available only when the File(s) option is selected from the Client Certificate Source parameter.
Passphrase	Text	No	(Empty)	PASSPHRASE="passphrase"	Specifies the pass phrase used to authenticate connection. A pass phrase is a password that comprises a whole phrase. This parameter is available only when the File(s) option is selected from the Client Certificate Source parameter.
Certificate private key	Text	No	(Empty)	CERTIFICATEPRIVATEKEY= "C:\Temp\Private_Key"	Specifies the path and filename of the Private key file. This parameter is available only when the File(s) option is selected from the Client Certificate Source parameter.

Proxy Parameters

Property	Type	Required	Default	Markup	Description
Proxy Type	Text (options)	No	None	PROXYTYPE="defaut" PROXYTYPE="none" PROXYTYPE="socks4" PROXYTYPE="socks4a" PROXYTYPE="socks5" PROXYTYPE="http" PROXYTYPE="ftpsite" PROXYTYPE="ftpuser" PROXYTYPE="ftpopen"	Specifies proxy protocol that should be used. If you are unsure of the value to use in this parameter, contact your network administrator. The available options are: System Default - The settings specified in the Task Administrator preferences are used. None (Default) - Instructs the activity not to use a proxy server regardless of the system default. Socks 4: Instructs the activity to go through a Socks 4 compliant server. Socks 4a: Instructs the activity to go through a Socks 4a compliant server. Socks 5: Instructs the activity to go through a Socks 5 compliant server. HTTP - Instructs the activity to go through a HTTP compliant server. FTPSite - Instructs the activity to go through an FTP Site compliant server. FTPUser - Instructs the activity to go through an FTP User compliant server. FTPOpen - Instructs the activity to go through an FTP Open compliant server.
Proxy Host	Text	No	(Empty)	PROXYSERVER="proxy.host.com"	The host name (e.g., server.domain.com) or IP address e.g., (xxx.xxx.xxx.xxx) of the proxy server.
Proxy Port	Text	Yes	21	PORT="1000"	The port that should be used to connect to the FTP server. Most standard FTP servers operate on port 21 (the default port specified) however, this parameter can be customized in case the FTP server operates on other ports. Note that other default ports may be assigned depending on the server connection type selected.
Proxy Username	Text	No	(Empty)	PROXYUSERNAME="username"	The username that should be used to authenticate when connecting through the proxy server. This option is only valid when Socks 5 is specified in the Proxy type as it is the only version that supports authentication.
Proxy Password	text	No	(Empty)	PROXYPASSWORD="encrypted"	The password that should be used to authenticate when connecting through the proxy server. When the step is created using the Task Builder it is written to the task encrypted. This option is only valid when Socks 5 is specified in the Proxy type as it is the only version that supports authentication.

Description tab - A custom description can be provided on the Description tab to convey additional information or share special notes about a task step.

Error Causes tab - Specify how this step should behave upon the occurrence of an error. (Refer to Task Builder > Error Causes Tab for details.)

On Error tab - Specify what AWE should do if this step encounters an error as defined on the Error Causes tab. (Refer to Task Builder > On Error Tab for details.)

Public/Private Key Encryption

In public/private key encryption, different keys are used to encrypt and decrypt information. The first key is a private key (a key that is known only to its owner), while the second key (called the public key) can be made known and available to other entities on the network. The two keys are different but complementary in function. For example, a user’s public key can be published in a certificate in a directory so that it is accessible to other people in the organization. The sender of a message can retrieve the user’s certificate from Active Directory, obtain the public key from the certificate, and then encrypt the message by using the recipient's public key. Information that is encrypted with the public key can be decrypted only by using the corresponding private key of the set, which remains with its owner, the recipient of the message.

When you authenticate with a public/private key pair using the SFTP (Public) connection type, you have a private key on your computer, a key that only you have access to (this is crucial). The server to which you are connecting has a copy of your public key. This key is safe for anyone to have. When you logon using your key pair, the server sends a challenge, encrypted with your public key (to which it has access to, since you uploaded it to the appropriate place in your home directory). The only key that will unencrypt the challenge is your private key. Your SSH/SCP/SFTP program does this, and the server then knows you are who you claim to be.

Examples

The sample AML code below can be copied and pasted directly into the Steps panel of the Task Builder.

Sample 1: This task will log onto an FTP site, download a single file and log off.

<AMFTP ACTIVITY="logon" SERVER="YourFTPHost" USERNAME="YourUsername" 
PASSWORD="AM1MoyAfpKHilpraHBIX6ei1E/2ZhM5egRHalje6g6YThM=aME" />
<AMFTP SOURCE="/home/ftp/filename.txt" DEST="C:\Temp\*.*" />
<AMFTP ACTIVITY="logoff" />

Sample 2: This sample task demonstrates the activities used to download files from one FTP server to another. The first two steps logs onto two separate FTP hosts and creates a unique session name for each connection. The third step performs the file transfer from one server to another. The last two steps are used to log off each FTP server. In order for this task to work in your environment, please make the appropriate modifications in the properties of each activity.

<AMFTP ACTIVITY="logon" SESSION="Server1Session" 
SERVER="ftp.server1.com" USERNAME="theuser" 
PASSWORD="AM2WknKdIcXr7JaSdh0lRfctA==aME" />
<AMFTP ACTIVITY="logon" SESSION="Server2Session" 
SERVER="ftp.server2.com" USERNAME="theuser" 
PASSWORD="AM2WknKdIcXr7JaSdh0lRfctA==aME" />
<AMFTP ACTIVITY="fxp" SOURCE="/Server1/myFolder/*.*" 
DEST="/Server2/myFolder/*.*" SUBFOLDERS="YES" 
KEEPFOLDERSTRUCT="YES" OVERWRITE="YES" RESULTDATASET="theDataset" 
SESSION="Server1Session" DESTINATIONSESSION="Server2Session" />
<AMFTP ACTIVITY="logoff" SESSION="Server1Session" />
<AMFTP ACTIVITY="logoff" SESSION="Server2Session" />

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
v10 | 202212080228 | December 2022