SolarWinds

Serv-U File Server

Evaluation Guide

Version: 15.1.5

Last updated: 2/13/2017

Copyright © 2017 SolarWinds Worldwide, LLC. All rights reserved worldwide.

No part of this document may be reproduced by any means nor modified,

decompiled, disassembled, published or distributed, in whole or in part, or translated
to any electronic medium or other means without the written consent of SolarWinds.
All right, title, and interest in and to the software and documentation are and shall
remain the exclusive property of SolarWinds and its respective licensors.

SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS OR OTHER TERMS, EXPRESS

OR IMPLIED, STATUTORY OR OTHERWISE, ON SOFTWARE AND DOCUMENTATION
FURNISHED HEREUNDER INCLUDING WITHOUT LIMITATION THE WARRANTIES OF
DESIGN, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, AND
NONINFRINGEMENT. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS
LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR
ANY OTHER LEGAL THEORY EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.

The SOLARWINDS and SOLARWINDS & Design marks are the exclusive property of
SolarWinds Worldwide, LLC and its affiliates, are registered with the U.S. Patent and
Trademark Office, and may be registered or pending registration in other countries.
All other SolarWinds trademarks, service marks, and logos may be common law
marks, registered or pending registration in the United States or in other countries.
All other trademarks mentioned herein are used for identification purposes only and
may be or are trademarks or registered trademarks of their respective companies.

2
Table of Contents

Introduction to the Serv-U File Server 5

Get started 8

System requirements 8

Hardware requirements 8

Operating system and software requirements 9

Client requirements 10

Server concepts 10

Quick start guide 12

Install Serv-U File Server 12

Upgrade Serv-U 16

Create domains 16

Create user accounts 23

Notes 27

Serv-U Management Console navigation 28

Management Console layout 28

Launch the Web Client 28

Serv-U quick tour 29

File Sharing 29

Configuring File Sharing 29

File Sharing console 29

View All 30

Using File Sharing 31

Receiving files from a guest 31

3
Serv-U Web Client 32

Logging in to the Web Client 32

Using the Web Client 33

Uploading files 33

Downloading files 34

Renaming files 34

Deleting files 34

Common Administrator Tasks 34

How do I point Serv-U to my existing email server to send notifications? 34

How do I configure Serv-U so that all my existing end users on Active

Directory can start sharing files immediately? 36

How do I apply an SSL certificate so that all transfers use HTTPS? 37

I want to make sure nothing is kept on the server longer than X days 38

I want to make File Sharing the only interface my end users see 40

I want to point Serv-U to an existing Windows share so I don't have to keep

file shares on the local hard drive 41

Serv-U Gateway 42

Firewall Guide 42

4
Introduction to the Serv-U File Server
Serv-U File Server is a multi-protocol file server capable of sending and receiving files
from other networked computers through various means. Administrators create
accounts for users that allow access to specific files and folders on the server's hard
drive or any other available network resource. These access permissions define
where and how the users can access the available resources. Serv-U's multi-protocol
support means that users can employ whatever access method is available to them
when connecting to your server. In addition, Serv-U supports both IPv4 and IPv6 for
next-generation networks. Serv-U File Server supports the following protocols:

l FTP (File Transfer Protocol)

l HTTP (Hyper Text Transfer Protocol)
l FTPS (FTP over SSL)
l HTTPS (HTTP over SSL)*
l SFTP using SSH2 (File Transfer over Secure Shell)*

In addition to Serv-U's support for a large collection of the most popular FTP clients,
you can use your favorite web browser or SSH client to connect and transfer files to
and from Serv-U. Server administrators looking to provide a full-featured FTP client to
users who may not have an FTP client license of their own can even license FTP
Voyager JV. FTP Voyager JV is a Java-enabled FTP client delivered to the user after
logging in to their Serv-U account.

The following graphic shows a high level overview of a Serv-U deployment.

5
Introduction to the Serv-U File Server

Using the Serv-U File Server, you can perform the following actions:

l Access files from anywhere.

l Share files with friends, family, and clients.
l Provide employees in the field with a central location to send and receive data
files.
l Use full group support that streamlines user creation and maintenance.
l View images in thumbnails and slide shows, generated on-the-fly to minimize
bandwidth usage.
l Administer the server through a custom-built web interface.
l Chat with FTP clients and view session logs in real time.
l Customize FTP command responses.

6
 Introduction to the Serv-U File Server

l Create custom limits and rules at a granular level to control resource usage on
the server.
l Connect securely using SSL/TLS or SSH2.
l Use third party digital certificates to guarantee the identity of the server to
clients.
l Host multiple domains on the same IP address and port.
l Use multiple sources of authentication on the same domain (local user
database, NT/SAM, ODBC).
l Automatically build the tables necessary for ODBC authentication.

You can test Serv-U MFT Server in a non-production environment for a limited period
of time. After the evaluation period expires, a commercial license or maintenance
renewal provides you with free software updates and technical support through
email, phone, or both, depending on your edition, for the duration of the associated
maintenance plan.

* - Requires Serv-U MFT Server

7
Get started
System requirements
Hardware requirements
The hardware requirements are modest, but Serv-U can take advantage of multi-core
processors and multiple processor architectures.

HARDWARE MINIMUM REQUIREMENT

CPU 1 GHz+

RAM 256 MB+

Network 10/100 Mbps NIC

Hard drive space 30 MB

Video 128 MB Video RAM

The following table lists the requirements in the case of modest traffic: up to 500
configured users and 25 simultaneous transfers.

HARDWARE MINIMUM REQUIREMENT FOR MODEST TRAFFIC

CPU 2 GHz+ multi-core

RAM 2 GB+

Network 10/100/1000 Mbps NIC

Hard drive space 120 GB

Video 128 MB Video RAM

The following table lists the requirements in the case of high traffic: up to 10,000
configured users and 250 simultaneous transfers.

8
Get started

HARDWARE MINIMUM REQUIREMENT FOR HIGH TRAFFIC

CPU Multiple 3.2 GHz+ multi-core

RAM 4 GB+

Network 10/100/1000 Mbps NIC

Hard drive space 120 GB

Video 128 MB Video RAM

Operating system and software requirements

OPERATING SYSTEM OR
REQUIREMENT
SOFTWARE

l Windows Server 2012

l Windows Server 2012 RC2
Microsoft Windows
l Windows Server 2008, 2008 SP2, 2008 R2, and 2008
R2 SP1 - 64 bit versions only

l Red Hat Enterprise Linux (RHEL) v.7.2

(Recommended)
l Fedora 24
Linux
l Ubuntu 16.04
l CentOS 7.2
l OpenSUSE 42.1

l MS SQL 2014
Database server l MS SQL 2012, 2012 SP1
(optional) l MySQL 5.7
l PostgreSQL: 9.5

l Active Directory - same as Windows Server support

LDAP server (optional) l Open Directory 4
l OpenLDAP 2.4

9
 Client requirements

Client requirements
The default web browser on many mobile devices can be used to transfer files, work
with files and folders, or run the web-based Management Console of Serv-U.

DEVICE SUPPORTED FUNCTIONALITY

Apple iPhone 5+ Download, manage, and preview files.

Download, manage, preview files, and run the

Apple iPad 2
Management Console.

Google Android 4.0 (Ice Cream

Upload, download, manage, and preview files.
Sandwich)

The following major browsers are supported with the basic web client, for file
management and for web administration purposes:

l Microsoft Internet Explorer 11

l Mozilla Firefox: latest version
l Safari 6+
l Google Chrome: latest version

Java Runtime Environment (JRE) 7 and 8 are supported for Web Client Pro and FTP
Voyager JV.

Notes:

l To be able to use Web Client Pro and FTP Voyager JV, Java must be installed and
enabled in the browser.
l Web Client Pro does not work on Linux in Google Chrome version later than 35
due to an incompatibility between Chrome and the Java browser plug-in.
l Apple users must have at least Mac OS X 10.6 installed.

Server concepts
Serv-U File Server makes use of several concepts that help you understand how to
configure and administer your file server as a single, hierarchical unit. Serv-U File
Server contains four related levels of configuration: the server, the domain, the
group, and the user. Only the group level is optional. The other levels are mandatory
parts of the file server.

10
Get started

Server

The server is the basic unit of Serv-U File Server and the highest level of
configuration available. The server represents the file server as a whole and
governs the behavior of all domains, groups, and users. Serv-U File Server
contains a set of default options that can be overridden on a per-setting basis.
The server is at the top level of the hierarchy of configuring Serv-U. Domains,
groups, and users inherit their default settings from the server. Inherited
settings can be overridden at each of these lower levels. However, some
settings are exclusive to the server, such as the PASV port range.

Domain

A server can contain one or more domains. A domain is the interface through
which users connect to the file server and access a specific user account. The
settings of a domain are inherited from the server. A domain also defines the
collection of settings that all of its groups and user accounts inherit. If a server
setting is overridden at the domain level, all the groups and user accounts that
belong to the domain inherit the domain value as their default value.

Group

The group is an optional level of configuration that can make it easier to

manage related user accounts that share many of the same settings. By using a
group, you can make changes that propagate to more than one user account
instead of having to manually configure each user account separately. A group
inherits all of its default settings from the domain it belongs to. A group
defines the collection of settings inherited by all users who are members of the
group. Virtually every user level setting can be configured at the group level, or
can be overridden at the user level.

User

The user is at the bottom of the hierarchy. It can inherit its default settings
from multiple groups (if it is a member of more than one group) or from its
parent domain (if it is not a member of a group, or the group does not define a
default setting). A user account identifies a physical connection to the file
server and defines the access rights and limitations of that connection. Settings
overridden at the user level cannot be overridden elsewhere and are always
applied to connections authenticated with that user account.

11
 Quick start guide

User collection

Contrary to groups, a user collection does not offer any level of configuration to
the user accounts they contain. Instead, a user collection offers a way to
organize users into containers for easy viewing and administration. For
example, collections can be created to organize user accounts based on group
membership. User collections must be maintained manually when user
accounts change group membership.

Quick start guide

Install Serv-U File Server
Serv-U licenses are now available in the Customer Portal. Any license purchased or
renewed after July 27, 2016 will be available in the Customer Portal on the License
Management tab. Refer to Serv-U licenses now available in Customer Portal for steps
to access this information.

12
Get started

If you are installing Serv-U for the first time, follow the instructions on the installation
screens to choose the installation directory and to configure desktop shortcuts for
quickly accessing the server.

1. Run the installation file from the download folder, and follow the prompts.
2. Select the language of the installation.

3. Review the introductory screen and the license agreement.

13
 Install Serv-U File Server

4. Select the installation destination.

5. Select the location of the Start Menu folder.

14
Get started

6. Select additional tasks.

7. Click Install.

15
 Upgrade Serv-U

Upgrade Serv-U
Before upgrading, create a backup of the original installation folder, your database,
and your configuration data.

OPERATING SYSTEM LOCATION OF CONFIGURATION FILES

Windows Vista

Windows 7
C:\ProgramData\RhinoSoft\Serv-U
Windows 8
The location is hidden by default.
Windows Server 2008

Windows Server 2012

Windows XP
C:\Program Files\RhinoSoft\Serv-U
Windows Server 2003

Linux /usr/local/Serv-U

If you experience issues with the Serv-U Management Console after upgrading,
clear your browser cache.

Create domains
When the Serv-U Management Console finishes loading, you are prompted to create
a new domain if no domains exist.

Serv-U domains are collections of users and groups that share common settings,
such as transfer rate limitations, service listeners, and directory access rules. In most
cases, all of your users and settings will exist in the same domain, and there is no
need to create separate domains.

Having users sharing the same domain does not mean that all users have
access to the same files. Each user in Serv-U has unique permissions to the
directories you define, and does not have access to any files or folders unless
you explicitly grant them access.

Click Yes to start the domain creation wizard. You can run this wizard any time by
clicking + (New Domain) at the top of the Serv-U Management Console.

16
Get started

1. Click + (New Domain).

2. Type a unique name and an optional description for the new domain.

The domain name is not visible to any of its users, and it does not affect
the way the domain is accessed. The name makes the identification and
management of the domain easier for administrators. The name must
be unique.

3. To make the domain temporarily unavailable to users while you are configuring
it, clear the Enable domain check box, and click Next.

17
 Create domains

4. Select File Transfer Domain, File Sharing Domain, or both, and click Next.

l If you are setting up a File Transfer Domain only, perform the following
steps:
a. On the Protocols page, select the protocols and port numbers the
domain should use to provide access to its users, and click Next.

18
Get started

The standard file sharing protocol is FTP, which operates on

the default port 21. However, you can change any of the
available ports to a custom value. To run the server on a
non-default port, SolarWinds recommends you use a port
above 1024.

b. On the IP Listeners page, specify the IP address that is used to

connect to this domain, and click Next.

If you do not specify an address, Serv-U uses any available IP

address on the computer.

19
 Create domains

c. On the Encryption page, select the encryption mode to use when

storing passwords on the domain.

d. To enable users to recover their passwords, select the appropriate

option.
e. Click Finish to create the domain.

20
Get started

l If you are setting up a File Sharing Domain only, perform the following
steps:
a. On the File Sharing page, specify the domain URL, the file sharing
repository, and whether to use a secure URL.

b. Click Configure SMTP to set up an SMTP server, which is necessary

for sending email notifications and for events that use email
actions.
c. Click Next.

21
 Create domains

d. On the IP Listeners page, specify the IP address that is used to

connect to this domain.

If you do not specify an address, Serv-U uses any available IP

address on the computer.

e. Click Finish to create the domain.

22
Get started

l If you are setting up a File Transer and File Sharing Domain, perform the
following steps:
a. On the File Sharing page, specify the domain URL, the file sharing
repository, and whether you want to use a secure URL.
b. Click Configure SMTP to set up an SMTP server, which is necessary
for sending email notifications and for events that use email
actions.
c. Click Next.
d. On the Protocols page, select the protocols and port numbers the
domain should use to provide access to its users, and click Next.

The standard file sharing protocol is FTP, which operates on

the default port 21. However, you can change any of the
available ports to a custom value. To run the server on a
non-default port, SolarWinds recommends you use a port
above 1024.

e. On the IP Listeners screen, specify the IP address that is used to

connect to this domain, and click Next.

If you do not specify an address, Serv-U uses any available IP

address on the computer.

f. On the Encryption screen, select the encryption mode to use when

storing passwords on the domain.
g. To enable users to recover their passwords, select the appropriate
option.
h. Click Finish to create the domain.

Create user accounts

After your first domain is created, you are taken to the user's page of the Serv-U
Management Console. Click Yes to start the User Wizard and create a new user
account.

You can run this wizard at any time by navigating to the Users menu under Global or
Domain, and then clicking Wizard on the Users page.

23
 Create user accounts

First, provide a login ID for the account. The login ID must be unique for the domain.
Other domains on your server can have an account with the same login ID.

To create an anonymous account, specify anonymous or ftp as the login ID.

24
Get started

You can also specify a name and email address for the user account. The email
address is used by Serv-U to send email notifications and recovered passwords to the
user account. Click Next to continue.

After specifying a unique login ID, you must also specify a password for the account.
You can leave this field blank, but that allows anyone who knows the login ID to
access your domain. Click Next to continue.

25
 Create user accounts

The third step is to specify a home directory for the account. The home directory is
the location on the hard drive of the server, or on an accessible network resource
that the user account is placed in after a successful login. It is the location you want
the user account to use when sending and receiving files on the server. Type the
location or click Browse to select a location on the hard drive. If users are locked in
their home directory, they cannot access files or folders above the directory structure
of their home directory. Additionally, the actual location of their home directory is
masked and displayed as "/". Click Next to proceed to the last step.

The last step is to grant access rights to the user account. Access rights are granted
on a per-directory basis. However, access rights can be inherited by all subdirectories
contained in an accessible directory. The default access is Read Only, which means
that the user can list files and folders in their home directory and can download
them. However, they cannot upload files, create new directories, delete files or
folders, or rename files or folders. If Full Access is selected, the user can do all of
these things. After the user is created, you can configure the access rights in more
detail by editing the user, and selecting the Directory Access page.

After selecting the directory access rights, click Finish to create the user account.

26
Get started

Serv-U File Server is now accessible and ready for sharing. You can create more
accounts just like this one to share with friends, family, or colleagues. Each user can
have a different home directory. This way you can share different files with different
people.

Notes

l End users who do not have home folders cannot log in to Serv-U. Full
permissions make it easy to test all functions from your FTP client or browser.
You may want to enforce stricter permissions after testing.
l When you connect from your browser to the HTTPS interface of Serv-U on port
443, you may be warned about an invalid certificate. This is normal when you
connect to a server using a temporary certificate. You can ignore the certificate
error and continue. Production deployments typically use a commercial web
certificate from a trusted certificate authority.
l Secure file sharing must be enabled on Serv-U before you can try it. Select the
option under Domain Limits & Sittings > File Sharing to enable it.
l When you connect from your browser to the HTTPS interface of Serv-U on port
443, or to the FTPS interface of Serv-U on ports 21 or 990 for the first time, you
may be asked to trust the SSH fingerprint of the remote server. This is expected
behavior when connecting to any SFTP or SSH server.
l You must configure an SMTP server to test email notifications.

27
 Serv-U Management Console navigation

l You can set a default client or disable unused clients before allowing users to
access the system. There are four options when users first log in: Web Client,
Web Client Pro, File Sharing, and FTP Voyager JV.

Serv-U Management Console navigation

The Serv-U Management Console is designed to provide quick and easy access to the
configuration options of the file server in a familiar way. When viewing a
configuration page, you can return to the main Management Console page at any
time by clicking the Serv-U File Server logo in the top-left corner.

Management Console layout

The Management Console is presented with an accordion list on the left and the
global dashboard on the right. The accordion menu contains the name of the server
on top, and then the list of configured domains. The global dashboard contains the
session statistics, the server log, information about the active sessions, and it also
provides direct access to the thwack community.

Click the name of the server or a domain to expand the list of configuration options
available for the server or for the particular domain, and then select one of the
options.

Domain administrators only have access to configuring settings and options for their
particular domain, and do not have access to the server-level categories that are
displayed to system administrators.

To return to the global dashboard, click the Serv-U Management Console icon in the
top-left corner.

When opening a category from the Management Console, all related sub-category
pages are displayed in tabs on the same page. This allows for quick navigation
between related configuration options.

Launch the Web Client

While configuring Serv-U File Server, an HTTP session can be launched by clicking
Serv-U Products > Web Client on the top toolbar. If licensed for use, the Web Client is
available and runs in the browser. If licensed for use, FTP Voyager JV can also be
launched by clicking Serv-U Products > FTP Voyager JV.

To use FTP Voyager JV, you must install the Java Runtime Environment.

28
Serv-U quick tour
File Sharing
Serv-U Server allows IT departments to provide secure file transfer and file sharing
services with an easy-to-use interface. File sharing allows users to send or receive
files from guests.

Configuring File Sharing

File sharing is disabled by default. To enable your domain users to send or receive
files from guests, complete the following steps.

1. Navigate to Server Limits and Settings > File Sharing.

2. Type the address for the Domain URL.
3. Type the location of the File Sharing Repository.
4. Select the number of days until the shares expire.
5. Select whether you want to use the inherited default email invitation subject, or
customize your own. If the option is deselected, you can type in a custom email
invitation subject.
6. Select whether you want to use the inherited default email notification
message, or customize your own. If the option is deselected, you can type in a
custom message.
7. Select Enable File Sharing.
8. If it is not configured yet, configure your SMTP to be able to send and receive
notification emails. For instructions, click here.
9. Click Save.

File Sharing console

The File Sharing user interface allows you to view, manage, and edit all incoming and
outgoing file sharing requests. This dashboard is where all File Sharing requests are
initiated. Clicking Home in the left corner will always bring you back to this
dashboard.

29
Serv-U quick tour

View All
The dashboard also allows you to see a summary of all the files sent or requested.

Click View All Requested or View All Sent to display an overview of files sent/received,
dates, recipients and when they expire.

To remove a file from the list, click Delete.

30
 Using File Sharing

Using File Sharing

The File Sharing feature allows your domain users to send or receive files from
guests. The following steps detail how to use the feature.

To send files:

1. Enter a subject title.

2. Enter any additional comments.
3. Enter your contact information.
4. Enter the guest user's email address.
5. Set an expiration date for when the link to download files will expire.
6. To be notified when files have been downloaded, select the appropriate option.
7. Select the appropriate options to automatically send a download link in the
email, and to require a password to access Serv-U.
8. Click Next.
9. Click Browse.
a. Click Local Files to browse for files stored on your computer.
b. Click Remote Files to browse for files that already exist within your Serv-U
user space.
Note: The files you share this way are virtually linked. If you modify the file, the
latest version will be available for guests to download. If you rename or delete
the file, it will not be available for guests to download. Guest users are notified
when attempting to download or delete a virtually linked file whose name or
location changed since the creation of the file share.
10. Click Upload.

Note: You can upload up to 20 files in one file share. The file size you can upload
depends on the browser you use.

Receiving files from a guest

The Request Files Wizard allows you to receive a file from someone by sending a link
to a page, where she or he can easily upload to it.

The user will receive a link, via email, that grants them access to upload files. For
added security, there are options to set the page link expiration and add file
constraints and restrictions.

31
Serv-U quick tour

To send a file sharing request:

1. Enter a subject title.

2. Enter any additional comments.
3. Enter your contact information.
4. Enter the guest user's email address.
5. Set an expiration date for when the link to upload files will expire. 90 days is
the maximum time for link availability.
6. You can be notified when files have been uploaded, as well as send a download
link in the email, set file size limits, and require a password to access Serv-U.
7. Optional steps include: Copying the URL into an email, or having an email
automatically sent from your mail client.

Serv-U Web Client

The Web Client interface allows users to log into the file server and access all of their
files online without needing to use an external FTP client.

The Web Client interface is presented as a standard web page containing a list of the
files and directories available from the current remote path, and links that perform
various file transfer related actions. All functionality of the Web Client is available
from this single page to keep interactions quick and easy to perform. The Web Client
can be accessed from mobile devices and is optimized for use in a variety of display
resolutions.

Logging in to the Web Client

To log into the Web Client, Serv-U must first be configured to listen for HTTP/HTTPS
requests. Once configured, enter the IP address or the domain name assigned to
Serv-U into a browser window and you will be presented with a login screen. Your
normal FTP user name and password will be accepted here.

Once logged in, users will be able to view all the files and folders they can normally
see, and will be able to perform any action that they could through FTP, including
uploading, downloading, and to drag/drop files, play media, or render slideshows and
thumbnails of images.

The Web Client has an interface as seen below:

32
 Using the Web Client

Using the Web Client

The majority of the Web Client's view is dedicated towards displaying the contents of
the current directory being browsed on the server. This directory listing shows all the
files and folders contained in the current directory. Depending on the access rights
granted to your user account by the administrator, various actions can be performed
on the files and folders in this listing.

Uploading files
If your user account has permission to upload new files, you can upload a single file
at a time to the server using this button. Click Upload to open a new window from
which you can browse your system for the file you want to upload. Once you have
selected the appropriate file, click Upload to begin the transfer.

When the upload has started, a progress dialog is displayed that is regularly updated
with live information, including the current transfer rate, how much data has been
sent, how much data remains to be sent, and the estimated time until completion of
the transfer. While a file is being uploaded, no other action can be taken including
changing the current directory or transferring another file. The upload can be
terminated at any time by clicking Cancel. Canceled file transfers cannot be resumed
and must be started over.

After the upload has completed, the progress dialog disappears and the directory
listing is refreshed to show the new file.

33
Serv-U quick tour

Downloading files
To begin a file download, select the file you want to download, and then click
Download. This option is also available by right-clicking on the file you want to
download. The browser prompts you for a location on your system to save the file.
Some browsers may also offer the option to open the file instead of saving it to a
permanent location. While a file is being downloaded, the Web Client is free to
perform other actions.

Renaming files
To rename a file, select the file you want to rename in the directory listing, and then
click this option available under More Actions. This option is also available by right-
clicking on the file you want to rename. The current name is displayed in a new
dialog. Change this name to the new name, and then click OK. If your user account
does not have the ability to rename files or there is a conflict with the new file name,
an error message is displayed.

Deleting files

A file can be deleted by selecting the file from the listing, and then clicking Delete.
This option is also available by right-clicking on the file you want to delete. If your
user account does not have the ability to delete files, an error message is displayed.

Files are permanently deleted on the server. This action cannot be undone.

Common Administrator Tasks

The following section covers some common issues that administrators may
encounter. Select from the FAQs below.

How do I point Serv-U to my existing email server to send notifications?

SMTP can be configured on the server and/or the domain level. SMTP configuration
at the domain level may be inherited from the server level. The SMTP configuration
dialog is located on the Domain Details and Server Details pages. Under the Events
tab, click Configure SMTP.

Provide the following information:

34
 How do I point Serv-U to my existing email server to send notifications?

l SMTP Server: The name or IP address of the SMTP server

l SMTP Server Port: The port the SMTP server is using
l From Email Address: The email address to use for the outgoing email
l From Name (optional): The name to use for the outgoing email
l My server requires authentication: To enable authentication select this option
l This server requires a secure connection (SSL): Some SMTP servers require that
all incoming connections be encrypted to protect against possible attacks. If
your server requires incoming SMTP connections to be encrypted, enable this
option. The default port for encrypted SMTP connections is 465. Serv-U
supports Implicit SSL only, and does not support Explicit SSL (port 587)

If your SMTP server requires authentication, provide the following information:

l Account Name: The account name associated with authentication for the SMTP
server.
l Password: The password for the account.

35
Serv-U quick tour

How do I configure Serv-U so that all my existing end users on Active

Directory can start sharing files immediately?
Serv-U MFT Server Edition includes support for authentication against Windows
Active Directory as well as Windows users in the local Security Accounts Manager
(SAM).

Windows Authentication prerequisites

Before proceeding with Active Directory configuration in Serv-U, ensure the following
requirements have been fulfilled:

l Serv-U must be installed on a member server of the target Active Directory

Domain.
l Serv-U must not be firewalled from the Domain Controller, or located in a DMZ.
l If user Home Directories are located on a network location like a Distributed File
Service (DFS) share, a NAS, or other network device, the Serv-U File Server
service in the Windows Services menu should run under a network
administrative account.

To enable Windows Authentication:

1. Open the Serv-U Management Console.

2. Click Users > Windows Authentication.
3. Enable Windows Authentication by selecting Enable Windows authentication.
4. Enter the name of your Windows domain (the Fully Qualified Domain Name),
and then click Save.
5. Click Configure Windows User Group to configure your Windows users.

36
 How do I apply an SSL certificate so that all transfers use HTTPS?

Note: By default, when users log in to Serv-U, they are logged into their Home Folder
as defined in Active Directory and have all applicable NTFS permissions applied to
their FTP account. This way, no permissions or settings are required in Serv-U.

Further permissions can be manually configured and overridden in the Windows

User Group configuration page. For further information see this article.

How do I apply an SSL certificate so that all transfers use HTTPS?

Setting up Serv-U to allow for SSL-encrypted connections is very easy. Serv-U
supports self-signed certificates created directly, or third party certificates from
Certificate Authorities such as Verisign, Thawte, Geotrust and RapidSSL. Using SSL,
Serv-U supports FTPS (FTP secured over SSL) in Serv-U FTP Server and Serv-U MFT
Server, and HTTPS (HTTP secured over SSL) in Serv-U MFT Server only.

Configuring Serv-U for FTPS and HTTPS

Navigate to Domain Details > Listeners, and ensure that an FTPS or HTTPS listener is
entered. If it is not, click Add and add the appropriate listener.

1. Navigate to Limits & Settings > Encryption.

2. Specify the details requested in the SSL Certificate menu.
3. The Certificate Path is the path to your .crt certificate file.
4. The Private Key Path is the path to your .key private key file.
5. The Password is the password you selected to protect your private key.

37
Serv-U quick tour

6. If you have Serv-U MFT Server the CA (Certificate Authority) Certificate Path
allows you to specify a .pem file for the Intermediate Certificate if required by
your CA.

7. Click Save, and make sure your FTPS and/or HTTPS listener(s) are configured.
Note: If you have received a signed certificate from a verified certificate
authority, instead of creating a certificate you can specify the .crt certificate file
path and the .key private key file path by using the Browse buttons on this
page.

If your FTP Client can connect with a regular session, but not with SSL
enabled then we recommend checking if there is any NAT enabled
device between the FTP Client and Serv-U. The NAT translation is not
able to understand the encrypted data being sent between the client
and server and thus corrupts the data connection. Currently the only
workaround is to disable the NAT functionality or move Serv-U or the FTP
Client in front of the NAT enabled device.

I want to make sure nothing is kept on the server longer than X days
In the Management Console under Server Limits and Settings > File Sharing you can
define how many days to keep files on the server.

38
 I want to make sure nothing is kept on the server longer than X days

You can also leverage the Automated File Management feature. This feature enables
you to automatically remove or archive files from the file server which you received
through traditional file transfer protocols. These rules can be configured at the
server and domain level, and they apply recursively to all files within the folder for
which they are configured, and not only to those that have been uploaded through
Serv-U. Serv-U regularly and individually checks all the files in the directory for their
age, and executes the specified action on the files that meet the age criteria you
specify.

To define a new file management rule:

1. Navigate to Directories > File Management, and then click Add.

39
Serv-U quick tour

2. Type the path to the file or folder in the Directory Path field, or click Browse to
navigate to the file or folder.
3. Select the action you want to perform on the file:
a. If you want to delete the file after it expires, select Delete file(s) after
specified time.
b. If you want to move the file after it expires, select Move file(s) after
specified time, and then specify the folder where you want to move the
file in the Destination Directory Path field.
4. Specify the number of days after the file creation date when the action should
be executed.
5. Click Save.

I want to make File Sharing the only interface my end users see
To disable the interfaces you do not want your users to access, perform the following
steps:

1. Select Limits & Settings in the Serv-U Management Console.

2. Select HTTP from the Limit Type list.
3. Click Add.
4. Select Allow users to use Web Client from the Limit list, and then deselect the
option.

5. Click Save.

Repeat these steps for each interface you want to disable.

40
 I want to point Serv-U to an existing Windows share so I don't have to keep file shares

I want to point Serv-U to an existing Windows share so I don't have to keep

file shares on the local hard drive
By default, both the Serv-U services run as the built-in "LocalSystem" Windows
account. Running as LocalSystem is normal for an installed service, but running as
LocalSystem usually prevents the related service from accessing network shares.

The following instructions describe how to switch these services from LocalSystem to
another Windows user so Serv-U can access remote shares when required.

l Clustered "web farm" deployments of Serv-U, in which multiple Serv-U nodes

access the same remote share, typically require these instructions.
l Any Serv-U deployment that accesses remote Windows shares, NAS, SAMBA
shares, or mapped drives requires these instructions.
l FTP Voyager installations that use the FTP Voyager Scheduler service to access
remote shares require these instructions. However, if FTP Voyager will only be
used to access remote shares through its "side by side" interactive mode, these
instructions are not required.

How to modify the "Run As" service account (recommended)

The best option is to configure Serv-U/FTP Voyager Scheduler to run under a user
account that has network privileges to the UNC path. In an Active Directory
environment, this user may be a member of the Domain Admins group. In a Windows
Workgroup, this will be a user who exists on both the local machine and the remote
network resource, with the same user name and password on both machines.

To change the user account under which a service runs, follow the steps below:

1. Navigate to the Control Panel > Administrative Tools > Services menu.
2. Right click either the Serv-U File Server or FTP Voyager Scheduler, and then
select Properties.
3. Open the Log on tab.
4. Select This account.
5. Browse to the correct user account in your domain. In Windows Active
Directory, the user account will be in the form of
[email protected], and in a workgroup this will be in the form of
SERVERNAME\username.
6. When the correct user is displayed, click OK to save the settings.

41
Serv-U quick tour

7. If running in a workgroup, again ensure that the same account exists remotely
on the network server.
8. Restart the service by right clicking on it in the Services window, and then
selecting Restart.

If you encounter an error when starting the service, most likely you are encountering
a user account issue, which will need to be diagnosed within the properties of the
Serv-U File Server / FTP Voyager Scheduler service. The best way to avoid this is to use
the Check Name option to make sure that your entry is correct.

Note: Windows System Services cannot recognize mapped network drives by letter.
Any network location specified must be placed in UNC format (\\server\share).

Serv-U Gateway
Serv-U Gateway is an optional reverse-proxy component that safely terminates file
transfer connections in the DMZ to avoid inbound connections or storing data in the
DMZ. For more information see the Serv-U Gateway page and the Distributed
Architecture Guide.

Firewall Guide
Serv-U configuration supports FTP, FTPS, (SSL/TLS), SFTP (SSH), HTTP and HTTPS
connection from the internet directly into Serv-U. For more information see the Serv-
U Firewall Guide.

42