Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > File Transfer

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 08-02-2005, 04:50 PM
pmosin pmosin is offline
Registered User
 
Join Date: Aug 2005
Posts: 8
Scripting SFTP Root and alias creation

Is there a way to script the creation and deletion of SFTP roots in VShell, as well as User/Group assignments? Can you provide examples?

Thanks,
Pete
Reply With Quote
  #2  
Old 08-02-2005, 06:34 PM
jdev's Avatar
jdev jdev is offline
VanDyke Technical Support
 
Join Date: Nov 2003
Location: Albuquerque, NM
Posts: 1,099
> Is there a way to script the creation and deletion of SFTP
> roots in VShell, as well as User/Group assignments? Can
> you provide examples?

VShell stores SFTP root and Access control information in the registry in a binary format that is not easily modified outside of making changes in the VShell control panel.

Several options are currently under consideration for the next major release of VShell, including a command line tool for making changes to the VShell configuration and an import/export mechanism for specifying a VShell configuration.

It looks like in your situation a command line modification tool would fit better, but I couldn't say for sure not knowing more about your intended use.

Can you provide more details about how you would be using VShell and the need to script SFTP root creation/deletion?

If you would feel more comfortable continuing this conversation via e-mail, just send a note to me via support@vandyke.com with a subject of "VanDyke Software Forums: ATTN Jake: Thread 942" or something similar.

--Jake
__________________
Jake Devenport
VanDyke Software
Technical Support
YouTube Channel: https://www.youtube.com/vandykesoftware
Email: support@vandyke.com
Web: https://www.vandyke.com/support
Reply With Quote
  #3  
Old 08-02-2005, 06:40 PM
kelli.burki's Avatar
kelli.burki kelli.burki is offline
Registered User
 
Join Date: Jan 2004
Location: VanDyke Software
Posts: 33
Please, tell me more...

Quote:
Originally Posted by pmosin
Is there a way to script the creation and deletion of SFTP roots in VShell, as well as User/Group assignments? Can you provide examples?
Thanks for the inquiry. Currently there is not a way to script the creation/deletion of SFTP roots or User/Group assignments, but it is something I'm interested in exploring with you (and anyone else who has this need). It fits well with the kind of things I'm hoping to add to an upcoming release.

Often when I'm preparing specifications for new features it helps get a bigger picture to know more about the business processes or scenarios that would drive the creation/deletion of the SFTP roots or user/group assignments. So some of the things that help are: what drives the process, how often and how many times is this script used.

Might you be running this manually or is your desire to automate this process -- perhaps automating from another automated business process or not?

Would it be safe to assume that the script or program would be run from the same machine that you're running VShell is running on, or not?

I'd love to hear your thoughts on any syntax suggestions if you have them too.

Thanks,
kelli
Reply With Quote
  #4  
Old 08-08-2005, 07:26 PM
pmosin pmosin is offline
Registered User
 
Join Date: Aug 2005
Posts: 8
Jake and Kelli,
Thanks for your replies.

My reason for command-line control of the scripting is to enable us to use a different naming convention than %USER% to control creation of SFTP site roots. Our user names do not necessarily tie into our SFTP roots, and thus we need more granular control.

For example, Microsoft FTP provides the capability to create web sites and virtual FTP directories from the command line using VBScripts that they provide (or that you can write yourself). Further, you can edit the IIS metabase directly (in IIS 6, at least) if you want, as its stored in an XML file. I would like to see a similar level of control available from VShell.

In our case, we run a process every 3-4 months or so to create and/or delete web site spaces (including user account provisioning). Ultimately we'd like to automate our system to the point when a new employee is hired, that once their record becomes available in Human Resources, we can use programming/scripting to create an SFTP account automatically. Likewise when an employee leaves we would be automatically able to remove their SFTP folder. In this case such a script might be run on a daily or weekly basis.

Hope this clarifies,
Pete
Reply With Quote
  #5  
Old 06-16-2006, 11:04 AM
jjh jjh is offline
VanDyke Customer Support
 
Join Date: Feb 2004
Posts: 815
A feature has been added to VShell that will allow you to
configure SFTP roots from a command prompt or by using a
file called vshellconfig. The following is from the VShell
Help and it describes how you can use vshellconfig to
configure vshell remotely from the command line:

Quote:
VShellConfig is a command-line application that allows
interactive and scripted operations such as listing files
and adding and deleting access controls and SFTP roots for
Microsoft Windows.

Options

The general format for VShellConfig command-line options is
as follows:

vshellconfig [options]

When run with no argument, the above command will take you
into a vshellconfig> prompt from which you can run one
command at a time. It will return 0 on success and greater
than 0 upon any failures.


Command
Description

/config <config>
Edits the given server configuration found in the following
registry:

\HKEY_LOCAL_MACHINE\SOFTWARE\VanDyke\VShell\<config>

Without this parameter the default configuration is edited.

If the <config> doesn't exist on startup and no save command
is executed, no new registry hive will be created.

/c <command file>
Runs the commands in <command file> and then exits (without
needing an exit command). The changes will not be saved
unless the "save" command is at the end of the file -
without the save command the file is essentially just
tested for errors. The results can be redirected to a file
for later use (such as scripts to recreate configurations).


Interactive Commands

The commands in this section can be used interactively on
the command line or in scripts.

General Commands

The following defines the general commands for
VShellConfig.



Command
Description

help
Displays the command summary.

save
Saves any changes. When running from a command file, saving
is NOT done automatically. Not typing save allows the user
to test a set of commands before committing them. Error if
they can't save for some reason. If multiple users editing
with VShellConfig and the Control Panel, last save wins.

exit
Exits interactive mode. When running from a command file,
exit is not necessary because an exit will occur when the
file ends. If there are unsaved changes a warning will be
displayed, type "exit" again to exit without saving.


ACL Commands

This set of commands allows a user to list, add, or remove
entries in the Access Control List (ACL) from the command
line of a machine on which a VShell server is running (thus
allowing a user to remotely configure access controls on a
server that they have shell access to as well).

The general format for ACL commands is as follows:

acl <command> [arguments]

The access modes are as follows: all, login, exec,
portforward [pf], remoteforward [rf], sftp, shell.



Command
Argument
Description

acl list

Lists the existing ACLs.

Example:

> acl list

MyComputer\jdoe deny portforward remoteforward

Everyone allow login shell sftp portforward exec

MyComputer\jdoe allow login shell

>

acl add
<user> [allow <access>] [deny <access>]
Adds an entire ACL entry for a given user or can modify
access for an existing userís access control entry. An
"allow" or "deny" argument is required on the command line,
but not both. Multiple allows or denys are allowed on the
command line. The allow and deny lists can be separated by
a comma (,) or a space ( ).

Examples:

> acl add jdoe allow login shell

> acl jdoe@nm deny sftp allow login allow shell deny pf

> acl MyComputer\jdoe deny sftp

acl remove


[<user> [allow <access>] [deny <access>]]
Removes an entire ACL entry for a given user, or can be
used to modify access for an existing userís access control
entry.

acl remove - Removes all ACLs.

acl remove <user> - Removes the entire access control
entry for the specified user.

acl remove <user> allow <access> - Removes the given
access for the specified user.

acl remove <user> deny <access> - Removes the given deny
for the specified user.

Examples:

> acl remove jdoe allow shell

> acl remove jdoe@nm


SFTP Root Commands

This set of commands allows a user to list, add, or remove
specific SFTP roots and access to the roots defined on a
VShell server. The commands may be run from a machine on
which a VShell server is running (thus allowing a user to
remotely configure SFTP roots on a server that they have
shell access to as well).

The general format for SFTP commands is as follows:

sftp <command> [<alias>] [arguments]

"<Unrestricted>" is a special alias for the unrestricted
access and will have special behavior for the remove
command.



Command
Argument
Description

sftp list
[<alias>]
Lists either the SFTP roots or the user access to a
specific SFTP root. If the SFTP root path has a space in
it, the path will be quoted
(for example, "c:\Program Files").

sftp list - Lists all the SFTP roots

sftp list <alias> - Lists the user access to the given
SFTP root in the following format "allow|deny <alias>
<user>".

Examples:

> sftp list

<Unrestricted> *

MyTemp c:\temp

MyJunk c:\temp

> sftp list <Unrestricted>

deny <Unrestricted> MyComputer\jdoe

allow <Unrestricted> Everyone

> sftp list MyTemp

allow MyTemp MyComputer\jdoe

>

sftp add


<alias> <path>
Adds a new SFTP root. The <path> can include environment
variables like the control panel. A path with a space in it
needs to be quoted.

Examples:

> sftp add MyTemp c:\temp

> sftp add MyTemp2 "c:\Program Files"

sftp remove


[<alias> [<user>]]
Removes SFTP roots or users from the root.

sftp remove - Removes all SFTP roots except for
<Unrestricted>. <Unrestricted> will have all <user>
entries removed.

sftp remove <alias> - Removes given SFTP <alias>.

sftp remove <alias> <user> - Removes <user> from given
SFTP <alias>.

sftp remove <Unrestricted> - <Unrestricted> will have
all <user> entries removed.

Examples:

> sftp remove MyTemp jdoe

> sftp remove MyTemp MyComputer\jdoe

> sftp remove MyTemp jdoe@MyComputer

> sftp remove MyTemp

> sftp remove

sftp allow


<alias> <user>
Adds a <user> to access a given root.

Examples:

> sftp allow <Unrestricted> jdoe

> sftp allow MyTemp jdoe

> sftp allow MyTemp MyComputer\jdoe

> sftp allow MyTemp jdoe@MyComputer

sftp deny


<alias> <user>
Denies a <user> to access a given root.

Examples:

> sftp deny <Unrestricted> jdoe

> sftp deny MyTemp jdoe

> sftp deny MyTemp MyComputer\jdoe

> sftp deny MyTemp jdoe@MyComputer
If you have questions about using vshellconfig, please
contact the VanDyke Software technical support staff at
support@vandyke.com.

Thank you

JJH
Reply With Quote
  #6  
Old 03-07-2007, 05:43 PM
miked's Avatar
miked miked is offline
Registered User
 
Join Date: Feb 2004
Posts: 2,039
We are now offering a pre-release version of VShell for Windows which provides the command-line ability to export and import VShell configuration information to or from an XML file.

If you are interested in trying a pre-release of VShell which provides the new vshellconfig functionality, or finding out more information, please send me a message and reference forum thread 942.
__________________
Mike
VanDyke Software
Technical Support
[http://www.vandyke.com/support]
Reply With Quote
  #7  
Old 03-08-2007, 12:35 PM
toloughlin's Avatar
toloughlin toloughlin is offline
Senior Member
 
Join Date: Feb 2004
Location: Nashua, NH
Posts: 378
Is there going to be a command-line config modification tool added to the Linux version?

If so, could it include the ability to add/modify sftpvirtualdirs?

Strange, how it was added to the Windows one ... where Linux is more command line oriented
__________________
----------------------------------------------
Tom O'Loughlin
Reply With Quote
  #8  
Old 03-08-2007, 05:53 PM
miked's Avatar
miked miked is offline
Registered User
 
Join Date: Feb 2004
Posts: 2,039
The reason it was added to Windows first is because the VShell configuration is saved in the registry, and some of the values are saved in a binary format which is very difficult to modify. By contrast, vshelld_config keeps the configuration in a plain text file and is comparatively easy to modify.

I've added your forum post to a feature request for vshellconfig on Linux and Unix platforms, and we'll post here if this is added in the future. For e-mail notification, please send a message to us through the feature request form and refer to forum thread 942.
__________________
Mike
VanDyke Software
Technical Support
[http://www.vandyke.com/support]

Last edited by miked; 03-08-2007 at 06:11 PM.
Reply With Quote
  #9  
Old 03-08-2007, 09:09 PM
toloughlin's Avatar
toloughlin toloughlin is offline
Senior Member
 
Join Date: Feb 2004
Location: Nashua, NH
Posts: 378
Quote:
Originally Posted by miked
The reason it was added to Windows first is because the VShell configuration is saved in the registry, and some of the values are saved in a binary format which is very difficult to modify ...
Makes sense to me!
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 06:01 AM.