Cyberarkd

Cyber-Ark Software
One-Click Transfer
User Guide
The Cyber-Ark Vault

Version 4.5
All rights reserved. This document contains information and ideas, which are
proprietary to Cyber-Ark Software. No part of this publication may be reproduced,
stored in a retrieval system, or transmitted, in any form or by any means, electronic,
mechanical, photocopying, recording, scanning, or otherwise, without the prior written
permission of Cyber-Ark Software.
OCT004-5-0-1
Copyright 2008 by Cyber-Ark Software.
The Cyber-Ark Vault
Table of Contents
Introduction............................................................................................5
Requirements........................................................................................................ 6
Authentication........................................................................................................ 6
Before Using the One-Click Transfer...................................................7

Getting Started.......................................................................................7
Services................................................................................................14
Viewing a Service ................................................................................................ 14
Running Services ................................................................................................ 15
Shortcuts ..........................................................................................................................15
Transferring Files without a User Interface ......................................................................15
Downloading Files with a User Interface..........................................................................15
Uploading Selected Files to the Vault ..............................................................................16
Scheduling a Service........................................................................................... 16
Restoring Files .................................................................................................... 16
Authenticating to the Vault................................................................................... 17
Logging on to the Vault Manually .....................................................................................17
Logging on to the Vault Automatically..............................................................................18
Configuration .......................................................................................20
Services .............................................................................................................. 20
Creating a New Service ...................................................................................................21
Copying a Service ............................................................................................................22
Modifying a Service ..........................................................................................................23
Removing a Service .........................................................................................................24
Refreshing the Services List ............................................................................................24
Vaults .................................................................................................................. 25
Adding a Vault..................................................................................................................26
Modifying Vault Properties ...............................................................................................27
Removing a Vault.............................................................................................................27
Users................................................................................................................... 28
User Authorizations..........................................................................................................28
User Credentials ..............................................................................................................29
Configuring Manual Authentication ..................................................................................30
Configuring Automatic Authentication ..............................................................................30
Creating User Credential Files .........................................................................................31
Modifying a User ..............................................................................................................32
Deleting a User ................................................................................................................32
Activity Logs ........................................................................................33

General Logs....................................................................................................... 33
Service Logs ....................................................................................................... 34
History Logs ........................................................................................................ 34
Sending Logs ...................................................................................................... 34
Customizing the One-Click Transfer GUI ..........................................35

Appendix A: Parameter Files..............................................................36
<service>.ini ........................................................................................................ 36
Vault.ini ............................................................................................................... 40
The Cyber-Ark Vault
4
One-Click Transfer User Guide
The Cyber-Ark Vault
5
Introduction
Introduction
Cyber-Arks One-Click Transfer is an end-user utility that transfers files between the
Cyber-Ark Vault and a standard file system, according to predefined settings. Files
can be transferred in different directions to and from the Vault, and can either be
uploaded to the Vault from the local file server, or downloaded from the Vault to the
local file server.
As a utility, One-Click Transfer does not require installation. This eliminates the need
for administrator permissions or assistance, and enables users to begin working
immediately. An intuitive GUI interface leads end-users through service
configuration, which is very simple and requires no training.
Transfers can either be carried out manually or according to a third party schedule
without human intervention. The files to be transferred can either be predefined or can
be selected by the user during the service.
Before file transfers can be carried out, the user is required to authenticate to the
Vault. Authentication can be supplied manually by the user, or stored in a user
credential file that is automatically used by the service. User credential files may
contain encrypted passwords, with or without an external token, or PKI certificates.
After each service, an E-mail message can be sent to specified E-mail addresses with
information about the activities that have been carried out. This feature can be used to
inform the receiver when a service has transferred files, and can also be used by
administrators when the utility requires immediate attention.
The Cyber-Ark Vault
6
Requirements
The One-Click Transfer utility must be installed on a machine that is accessible to the
Vault.
The One-Click Transfer utility is currently supported on the following platforms:
Windows XP
Windows 2000
Windows 2003
Windows Vista
The One-Click Transfer utility works with the following version of the Cyber-Ark
Vault:
Version 3.5 or higher
The One-Click Transfer utility requires the following memory for installation:
10MB
This utility also requires and additional space for temporary files and files being
transferred.
Authentication
The One-Click Transfer utility supports the following authentication methods:
Password
Password with a certificate on a hardware token

Radius
PKI on Windows
For more information about logging on during a One-Click Transfer service, refer to
Authenticating to the Vault, page 17.
The Cyber-Ark Vault
7
Before Using the One-Click Transfer
Before Using the One-Click Transfer

Before you can use the One-Click Transfer, in each Vault that will be accessed during
file transfers, create and configure the following:
Safes and folders referred to in the services.
The utility will not create new Safes in the Vault, so any services that contain
references to non-existent Safes will not be carried out.
Users that require access to the Vault during transfers.
User authentication Users can log onto the Vault with either a password or
a PKI certificate.
Safe Ownership The user that will carry out the service must have the
relevant Safe ownership authorizations to enable the transfer to be carried out.
For more information about Safe Ownership, refer to the IBV/SDV
Implementation Guide for Users.
Getting Started
The first time that you use the One-Click Transfer utility, the Service Configuration
wizard leads you through setting up the first service.
1. From the installation folder, double-click DCClient.exe to start the Service
Configuration wizard.
2. In the General window, specify the name, description, and type of service.
The Cyber-Ark Vault
8
Field
Defines
Services
The name of the service
Description
A description of the service
Run mode
Without a user
interface
The service will automatically transfer all the files that are specified in
the Files window during service setup.
With a user interface
The user will be able to select a file to transfer.
3. Click Next to display the Vault window.
As this is the first time you are running the utility, no Vaults have been defined yet
in the utility.
Field
Defines
Existing Vault
Select from an existing Vault in the Vaults List.
Define a new Vault
Display the Vault details window and define a new Vault.
4. Select Define a new Vault, then click Next; the Vault details window
appears.
The Cyber-Ark Vault
9
Getting Started
Field
Defines
Name
The name of the Vault.
Address
The IP address of the Vault.
Port
The port to the Vault.
Request timeout
The timeout in seconds.
Use RADIUS
authentication
Whether or not the user will be authenticated to the Vault with Radius
authentication. Select the type of certificates to use for authentication.
Proxy or Firewall
Server
Whether you are using a proxy or firewall server, or neither. If you are
using either a Proxy or Firewall, click Advanced to specify the settings to
use.
PKI Authentication
To log onto the Vault with a certificate, type the name that appears on the
Vault certificate, or click Select to choose the certificate from a list.
5. Specify the Vault details, then click Next; the User window appears.
The Cyber-Ark Vault
10
6. Select the type of connection that the user will use to run the service, then click
Next to display the Files window.
Field
Defines
Manual
The user will supply a password in a logon window.
Authentication File
The password will be encrypted and stored in a file.
Change password
The password will be changed after each logon.
Existing user
Choose a predefined user from the Users list.
Create a new authentication file
Create a new credential file for the user.
If you selected Authentication File, the User details window

appears and enables you to select the type of password file that you will supply.
For more information, refer to User Credentials, page 29.
7. Select whether the service will upload files into a Safe or download files from a
Safe.
8. Specify the files to transfer during the service.

Field
Defines
Service type
Store in a Safe
Files will be uploaded into the Safe.
Retrieve from
a Safe
Files will be downloaded to the local file system.
Files to transfer
Local folder
name
The name of the folder on the local file system.
Safe name
The name of the Safe specified in the transfer.
Safe folder
name
The name of the folder in the Safe specified in the transfer.
File Pattern
The file pattern of the files to transfer. For example, files that begin with
mon, whose extensions are .xls would be represented by mon*.xls.
The Cyber-Ark Vault
11
Getting Started
9. Click Next to display the Post action window where you can specify the activities
that will take place after the transfer.
Field
Defines
Actions on the source files

No action
No action will be carried out.
Archive
the files
Move the transferred files into an archive folder that you specify. You can also add
a timestamp to these files. The timestamp uses the following format:
yyyymmdd_hhmmss.
For example, Product.doc that was created on 23 May 2004 at 18.50 would be
renamed Product##20040523_185000##.doc
Note: An upload service moves files into an archive folder on the local file system, and a
download service moves files into an archive folder in the Vault.
Delete the
files
Delete the source files.
Actions on the destination files

Open the
file
Open the file in the default application.
Rename
the file
The filename will be changed to a new name that you specify.
10. Click Next to display the Success E-mail window where you can specify an Email message to send a confirmation of a successful transfer.
The Cyber-Ark Vault
12
11. Select Send success E-mail message to make the fields in this window active
so that you can specify a recipients E-mail information.
Field
Defines
E-mail settings
From
The E-mail address of the sender.
To
The E-mail address of the recipient.
E-mail server
IP
The IP address of the mail server. You can copy the properties from your
Outgoing Mail SMTP application.
Message
Content
Subject
The subject title of the message.
Template
The template file for the message.
12. Click Next to display the Error E-mail window where you can specify an E-mail
message to send after a failed transfer.
The Cyber-Ark Vault
13
Getting Started
13. Select Send error E-mail message to make the fields in this window active.
Field
Defines
E-mail settings
From
The E-mail address of the sender.
To
The E-mail address of the recipient.
E-mail server IP
The IP address of the mail server. You can copy the properties from your
Outgoing Mail SMTP application.
Message Content
Subject
The subject title of the message.
Template
The template file for the message.
14. Click Next to display the Finish window where you finish configuring the service.
15. Select Create a shortcut on the desktop to create a shortcut to the service on
the desktop.
16. Click Finish to save all the service configurations and complete the first service
setup.
The Cyber-Ark Vault
14
Services
The One-Click Transfer window displays a list of the services that have already been
created. In this window, you can also run a selected service and carry out a limited
number of access changes to the service.
Viewing a Service
1. In the installation folder, double-click DCClient.exe to display the One-Click
Transfer window and display the services.
2. Select a service to view a description of the file transfer.
Name of the service
Description of the service
Location of the source files
Location of the target files
Each service is marked with an icon that indicates whether the file transfer is an
upload to the Safe or a download from the Safe.
Icon
Indicates
A download service.
An upload service.
The Cyber-Ark Vault
15
Services
Running Services
After services have been set up and a connection to the Vault has been defined
through authorized users, the services can be run. A service can either be started
manually, or scheduled to run automatically.
The files that will be transferred during the service can either be specified during
service configuration, or while the service is running.
With a user interface for selecting files This type of service enables the user to
select the file to transfer while the service is running.
Without a user interface for selecting files This type of service transfers a group
of files, according to a file pattern. It can be run manually, but can also be
scheduled to run by a third party scheduling software.
To Run a Service
Double-click the shortcut icon; the service begins automatically,

or,
In the One-Click Transfer window, select the service to run, then click Run.
The user is now required to provide logon authentication. If external
authentication is required, you are prompted for it now.
After authentication, the file transfer is carried out according to the service
configurations without any more intervention from the user.
Shortcuts
You can create a shortcut to the service that will be placed on the Desktop. This
shortcut enables you to run the service without having to open the One-Click Transfer
window.
Select the service, then from the Service menu, select Create Shortcut; the
shortcut icon will appear on the Desktop.
Transferring Files without a User Interface
Run the service as described above; the transfer is carried out with no user
intervention.
Downloading Files with a User Interface

1. Run the service as described above.
2. After authentication, the Service Files window appears. Select the file to transfer,
then click Retrieve; the transfer is now carried out.
The Cyber-Ark Vault
16
Uploading Selected Files to the Vault

1. Run the service as described above.
2. After authentication, the Service Files window appears. Select the file to transfer,
then click Open; the transfer is now carried out.
Scheduling a Service
Services that transfer files without a user interface can be scheduled in a third party
scheduled software.
Insert the following code into the scheduled script:
DCClient.exe <full path of the name of service>
For example, the following code would run a service called Customers:
DCClient.exe C:\Documents and Settings\Desktop\One-Click
Transfer\Services\Customers.ini
Restoring Files
Files that have been transferred by a One-Click Transfer service, and moved to an
archive folder, can be restored and returned to their pre-transfer location.
1. Select the service that carried out the transfer.
2. From the Service menu, select Restore.
If only one file is in the archive folder for this service, the file will be restored
immediately.
If more than one file is in the archive folder, the Service Archive Files window
appears.
3. Select the file to restore, then click Restore; the file is removed from the archive
folder and is restored to its pre-transfer location.
The Cyber-Ark Vault
17
Services
Authenticating to the Vault

The user that will run the service must authenticate to the Vault so that the transfers to
and from the Vault can be carried out. The type of authentication required is
determined when the service is created.
Logging on to the Vault Manually

If the service requires manual logon, the user is required to supply a password.
Depending on the user authentication specified in the Vault, the user might also be
required to supply a certificate on an external hardware token or additional Radius
authentication.
To Authenticate to the Vault
1. Start the service; the Vault Logon window appears.
2. The name of the user as it appears in the service configuration appears in the
username edit box.
If the name of the user does not appear or if it isnt correct, type the name of the
user who will run the service.
Password authentication:
3. Type the users password.

4. Click Logon; the Vault authenticates the user and carries out the service.
Radius authentication:
3. Type the users password, then click Logon; a secure channel is created between
the client and the Vault through which this logon information is sent.
4. If the RADIUS server requires more information to authenticate you to the Vault,
a RADIUS Challenge window appears, prompting you for it.
5. Specify the additional logon details, then click OK; the RADIUS server
authenticates you to the Vault.
The Cyber-Ark Vault
18
To Change a Password
The user can change their password to the Vault through the One-Click Transfer.
1. In the One-Click Transfer window, select the service that logs onto the Vault
where the password will be changed.
2. From the Services menu, select Set Password; the Logon window appears.
3. Type the username and password, then click Logon; the Set Password on Vault
window appears.
4. Type the current password, then type the new password and confirm it.
5. Click OK; the password is changed in the Vault.
Logging on to the Vault Automatically

Users can log onto the Vault automatically with a credential file that contains the
users logon credentials, and is stored on the One-Click Transfer station for automatic
logon. This utility enables automatic logon with three options. For more information,
refer to User Credentials, page 29.
Encrypted Password
This option refers to a credential file that stores the users password in an encrypted
form. It can be changed automatically after every successful logon operation.
Start the service; the service accesses the credential file and logs onto the Vault
automatically.
Password Encrypted by an External Token
This option refers to a credential file that contains the users username and a password
that has been encrypted using an external token. In order for the Vault to authenticate
the user with this password, the token is required to decrypt it.
1. Attach the token.
If you are using a USB token, place the token in the USB port.
If you are using a Smartcard, place the card in the Smartcard reader.
2. Start the service; the service accesses the credential file and logs onto the Vault
automatically.
The Cyber-Ark Vault
19
Services
Radius Authentication
This option refers to a credential file that stores the users password in an encrypted
form.
Start the service; the service accesses the credential file and logs onto the Vault
automatically.
If a challenge response is required, it cannot be supplied automatically. You will

be prompted for the challenge response and will need to specify it manually in
order to authenticate to the Vault.
PKI Authentication
Users can run a service with a credential file that has been created using a PKI
certificate.
Note: The authentication certificate must be in the Microsoft Windows Certificate Store or on an
external CryptoAPI device.
1. If you are using an external authentication token, attach it now.

2. Start the service; the service accesses the credential file and logs onto the Vault
automatically.
The Cyber-Ark Vault
20
Configuration
The One-Click Transfer Configuration client enables users to configure Vaults, user
authentication, and file transfer services that can be carried out by the One-Click
Transfer Client.
Services
Each Service is defined in a service configuration file, called <service>.ini, and stored
in the Service subfolder of the One-Click Transfer installation folder. Service
definitions include the name and description of the service, and the source and
destination of the files to be transferred, etc.
For more information about the parameters in <service>.ini, refer to <service>.ini,

page 36.
The Cyber-Ark Vault
21
Configuration
The One-Click Transfer Configuration window displays services that have already
been setup, and enables you to add new services, and update or delete existing ones.
This window is displayed in either of the following ways:
In the One-Click Transfer window, from the Tools menu, select

Service Manager,
or,
In the One-Click Transfer installation folder, double-click DCConfig.exe.
Creating a New Service
In the One-Click Transfer Configuration window, click New,

or,
From the Service menu, select New.
The Service Configuration wizard appears and enables you to create a new service.
For more details about creating services, refer to Getting Started, page 7.
The Cyber-Ark Vault
22
Copying a Service
You can also create a new service by copying an existing one and then changing its
settings.
1. Select the service to copy, then from the Service menu, select Duplicate; the
Service Configuration wizard appears.
2. In the Service edit box, type the name of the new service.
3. Follow the Service Configuration wizard and make other modifications to the
service as necessary, then click Finish.
For more information about the Service Configuration wizard, refer to Getting
Started, page 7.
The Cyber-Ark Vault
23
Configuration
Modifying a Service
You can modify the service configurations to make changes in the type of service or
the files to be transferred. You can change every setting, other than the name of the
service.
1. In the One-Click Transfer Configuration window, select a service.
2. Click Update,
or,
From the Service menu, select Update.
The Update Service window appears. Display the various tabs to update the
service configurations.
The Cyber-Ark Vault
24
Removing a Service
When a service is not required any more, you can delete it.
1. In the One-Click Transfer Configuration window, select the service to delete.
2. Click Remove,
or,
From the Service menu, select Remove.
The following confirmation window appears prompting you to confirm that you
want to delete the selected service.
3. Click Yes to delete the service,

or,
Click No to leave the service and return to the One-Click Transfer Configuration
window.
Refreshing the Services List

After updating or removing a service, refresh the services list to include the changes
that have been made.
From the View menu, select Refresh Service List; the Services List is updated
and displays the current service configurations.
The Cyber-Ark Vault
25
Configuration
Vaults
Each Vault that will be referred to in a service is defined in a Vault configuration file
and stored in the Vault subfolder of the One-Click Transfer installation folder. The
user credentials of the User who will access the Vault during the service are stored in
a credential file in the same folder.
For example, to enable a user called Simon to run a service that accesses the
Bank Vault, the following files must be created and stored in the Vaults/Bank
subfolder:
Vault.ini This file contains all the details about the Bank Vault. For more
information about the parameters in Vault.ini, refer to Vault.ini, page 40.
Simon.cred This file contains an encrypted password that will enable the service
to run through the user account in the Vault called Simon.
The Cyber-Ark Vault
26
Adding a Vault
1. From the Tools menu, select Vaults; the Vaults Manager window
appears and displays a list of Vaults that have already been defined.
2. Click Add; the Create a new Vault window appears.
3. Specify the name and IP address of the Vault that a user will access in order to
carry out a service.
4. Specify the request timeout period in seconds.
5. To enable the user to log onto the Vault with Radius authentication, select
RADIUS authentication, then select one of the following:
Trust self-signed certificates
Allow third party authentication with self-signed certificates
6. Specify whether or not access to the Vault is via a Proxy or Firewall server, and
which type.
7. If appropriate, specify the Vaults DN.
8. Click OK; the Vault appears in the Vaults list as one that is recognized by the
utility.
The Cyber-Ark Vault
27
Configuration
Modifying Vault Properties

If the Vault properties change or are incorrect, you can modify them in the One-Click
Transfer so that the service can access the Vault.
1. In the Vaults list, select a Vault, then click Update; the Update Vault window
appears.
2. Update the properties of the Vault, then click OK.
Removing a Vault
When a connection to a specific Vault is no longer required, you can delete the Vault
from the One-Click Transfer.
1. In the Vaults list, select the Vault to delete, then click Remove; the following
confirmation window appears prompting you to confirm that you want to delete
the selected Vault.
2. Click Yes to delete the Vault from the Vaults list,

or,
Click No to leave the Vault definition and return to the Vaults list.
The Cyber-Ark Vault
28
Users
The One-Click Transfer utility maintains a list of known Users on each Vault. These
users are used to access the Vaults and perform file transfers when processing the
services. These users must be created in the Vault before they can carry out a OneClick Transfer service. In addition, the user must be a Safe Owner of the Safe
specified in the service and must have the appropriate authorizations.
User Authorizations
The following table lists the activities that the service might specify and the relevant
authorizations that the user must have.
Activity
Authorization
Download transfer
Retrieve files from Safe
Upload transfer
Store files in Safe
Move files to archive
Store files in Safe
Change filename
Store files in Safe
Delete source files
Delete files from Safe
Open files
Retrieve files from Safe
For more information about Safe Owners and authorizations, refer to the IBV/SDV
Implementation Guide for Users.
The Cyber-Ark Vault
29
Configuration
User Credentials
The logon credentials of a User are required to log onto the Vault successfully. OneClick Transfer enables users to log onto the Vault either manually or automatically
with a credential file.
Manual This type of logon requires the user to supply a user name and password
manually. Users can log on in either of the following ways:
Password The user supplies their Vault username and password in a logon
window.
Radius authentication The user supplies their username and password in a

logon window. If an additional Radius challenge is required, the user is required to
supply that as well.
Automatic This type of logon enables users to log onto the Vault with a credential
file and initiate services automatically. The credential file can specify any of the
authentication types listed below. The credentials of users who will log on with a
credential file or with PKI must be defined in the User Properties window. All user
credential files are stored in the Vault subfolder.
Encrypted Password The users logon credentials are stored in an encrypted

form on the One-Click Transfer station. It can be changed automatically after
every successful logon operation.
Password with External Token The users password is encrypted with a key
stored on an external token, such as a USB or a Smartcard.
Any PKCS#11 token can be used for this type of authentication, as long as it
meets all of the following criteria:
The token must be a hardware token.
The token is accessible through the PKCS#11 interface.
Access to the token is only possible after supplying a PIN.
The token supports RSA with 1024 or 2048 bit key length.
The token must be able to perform encryption and key generation in hardware.
Radius authentication The users logon credentials are stored in an encrypted
form on the One-Click Transfer station. If an additional Radius challenge response
is required, the user must supply the response manually.
Certificate Any certificate that is accessible through Windows Internet Explorer
certificates stores can be used to authenticate to the Vault.
The Cyber-Ark Vault
30
Configuring Manual Authentication

Services that will be run by a user who will supply a password manually do not need
to be defined in the Users List. When the service is started, the user is immediately
prompted for his password to the Vault. If the user is required to supply an additional
Radius challenge, he will be prompted for it before he is authenticated to the Vault.
Configuring Automatic Authentication

User credential files can be created in the One-Click Transfer utility. The users
credential file is stored in the subfolder of the Vault that it will be used to access in the
One-Click Transfer installation folder. For example, the credential file of a user called
Simon that will be used to access the Bank Vault will be stored in the following
folder:
One-Click Transfer\Vaults\Bank\Simon.cred
To Display the User Properties Window

1. In the One-Click Transfer Configuration window, from the Tools menu, select
Vaults; the Vaults Manager window appears and displays the Vaults that have
already been defined.
2. Select a Vault, then click Users.
If you have already created users for the Vault, the Users in Vault window
appears.
If you have not yet created users for this Vault, the Create a new user in Vault
window for the selected Vault appears.
The Cyber-Ark Vault
31
Configuration
Creating User Credential Files

If the password will be encrypted with an external token, attach it now.
To Create a Password Credential File
1. Display the User Properties window.
2. In the User name edit box, type in the name of the User.
3. In the User type section, select Authenticated by an encrypted password in a
file.
4. Specify the password to encrypt, then specify it again to confirm it.
To use an external token to encrypt the password, select Use Token to
encrypt the password, then specify the DLL path of the USB or smartcard
and the PIN code.
To use Radius authentication, select Use RADIUS.
5. Click OK to create the user credentials; the user appears in the Users in Vault
window.
To Configure PKI Authentication
Before creating the credential file for logon with PKI, the authentication certificate
must be imported into the Microsoft Windows certificate store.
1.
2.
3.
4.
5.
6.
Display the User Properties window.

In the User name edit box, type in the name that identifies the User.
In the User type section, select Authenticate with PKI.
In the DN edit box, specify the Vaults DN.
In the PIN edit box, specify the PIN of the external token, if required.
Click OK to create the user credentials; the user appears in the Users in Vault
window.
The Cyber-Ark Vault
32
Managing Users
To Modify a User
The authentication method of a User can be modified so that the user can access the
Vault with a different authentication method.
1. In the Users list, select the user, then click User; the Update User Properties
window appears.
2. Modify the Users authentication method, then click OK.
To Delete a User
When a user is no longer needed to carry out a service, he can be deleted from the
Users list.
1. In the Users list, select the user to delete, then click Remove; the following
confirmation window appears prompting you to confirm that you want to delete
the selected user.
2. Click Yes to delete the user,

or,
Click No to leave the user and return to the Users list.
The Cyber-Ark Vault
33
Activity Logs
Activity Logs
All activities that are carried out by the utility are written to log files and stored in the
in the Logs subfolder of the One-Click Transfer installation folder. All log messages
are written to the log files, including general and informative messages, errors, and
warnings.
The following list details the log files that are created, and their contents:
DCClient.log This file contains all the log messages related to the One-Click
Transfer Client.
DCConfig.log This file contains all the log messages related to the One-Click
Transfer Configuration client.
<service>.log This file contains all the log messages related to the service of the
same name.
All these log files are stored in the Logs subfolder of the One-Click Transfer
Installation folder.
General Logs
The General log displays the contents of the DCClient log file. This lists all the
activities that have been carried out by the One-Click Transfer utility.
To View the Log File
1. Do not select a service.
2. From the View menu, select View Main Log; the Show Log File window
appears and displays the contents of the general One-Click Transfer log.
The Cyber-Ark Vault
34
Service Logs
The Service log displays the contents of the service log file. This lists all the activities
that have been carried out by the One-Click Transfer utility for this service.
To View the Log File
1. Select a service.
2. From the View menu, select View Service Log; the Show Log File window
appears and displays the information in the specified service log.
History Logs
When the size of a log file reaches 5 MB, it is moved into the History subfolder of the
Logs folder. Only the most recent history file of each log is retained.
To View the General History Log File
1. Do not select a service.
2. From the View menu, select View Main Log; the Show Log File window
appears.
3. Click History; the Show Log File window displays the History log file of the OneClick Transfer client.
To View the Service History Log File
1. Select a service.
2. From the View menu, select View Service Log; the Show Log File window
appears
3. Click History; the Show Log File window displays the History log file of the
service.
Sending Logs
Log files can be sent to an e-mail account directly from the Show Log File window.
1. Display the log to send, then click Send; the default E-mail Message window
opens. The log file appears in the message as an attachment.
2. Enter the E-mail addresses to send the log file to, and click Send.
The Cyber-Ark Vault
35
Customizing the One-Click Transfer GUI
Customizing the One-Click Transfer GUI

The One-Click Transfer interface can be customized, so that it includes your
companys logo, icon, and information. These customizations appear in both the OneClick Transfer window and the One-Click Transfer Configuration window.
All the files that contain this information must be stored in the One-Click Transfer
installation folder.
To Customize a Logo
1. Create a logo that is 200 pixels wide and 36 pixels in height.
2. Save the logo as logo.jpg, and copy it to the One-Click Transfer installation
folder.
When you next start the One-Click Transfer utility, your logo will appear on the right
of the screen.
To Customize an Icon
Save the icon as logo.ico, and copy it to the One-Click Transfer installation
folder.
When you next start the One-Click Transfer utility, your logo will appear in the corner
of the title bar.
To Customize Help Information
Write the information to display and save it as about.txt in the One-Click Transfer
installation folder.
When you next start the One-Click Transfer utility, your information will appear in
the About One-Click Transfer window.
The Cyber-Ark Vault
36
Appendix A: Parameter Files

<service>.ini
The service configuration files contain all the definitions of the file transfers to carry
out. Each service has its own configuration file.
These definitions describe the Vaults that are used in the file transfers, and which
Vault user accounts are used. They also describe the actual file transfer details the
source of the files to be transferred, the destination for the transfer, etc.
Note: These configurations are specified in the GUI, and must not be made manually.
Following is a description of each of the parameters in the service parameter file:

Token
Meaning
Mandatory
Default
Value
Acceptable
Values
Name
The name of the

service
Yes
None
String
Description
A description of the
service
No
None
String
UserName
The username that

will be used to log
onto the Vault.
Yes
No
String
VaultName
The name of the

Vault that files will be
transferred to or from.
Yes
None
String
SafeName
The name of the Safe

that files will be
Yes
None
String
FolderName
The name of the local

folder that files will
be transferred to or
from.
Yes
None
Path
SafeFolderName
The name of the

folder in the Safe
where files will be
Yes
None
String
FilePattern
The complete or part

of the name of the file
to transfer. You can
use wildcards to
specify more than one
file.
No
*.*
String
The Cyber-Ark Vault
37
Token
Meaning
Mandatory
Default
Value
Acceptable
Values
ArchiveFolderName
The name of the

folder where files will
be moved to after a
service.
No
None
Path
PostMsg
The message to
display after a service
has been carried out
successfully.
No
None
String
FileNewName
The new name of the

file on the local file
server after it has
been copied into the
Vault.
This parameter is
mandatory if
RenameProperty
=Yes
None
String
LogFileName
The full path of the

log file.
No
None
String
DesktopShortcutPath
The path of the

shortcut on the
desktop to the
service.
No
None
Path
SuccessMailTemplate
Path
The path of the text

file that contains the
message to send by
email.
This parameter is
mandatory if
SendSuccessMail
=Yes
None
Path
SuccessMailSubject
The text to include in

the Subject field.
This parameter is
mandatory if
SendSuccessMail
=Yes
None
String
SuccessMailServerIP
The IP address of the

Mail Server.
This parameter is
mandatory if
SendSuccessMail
=Yes
None
IP address
SuccessMailSender
Address
The e-mail address of

the sender.
This parameter is
mandatory if
SendSuccessMail
=Yes
None
IP address
SuccessMailRecipient
Address

the recipient.
This parameter is
mandatory if
SendSuccessMail
=Yes
None
IP address
ErrorMailTemplatePath
The path of the text

file that contains the
message to send by
email.
This parameter is
mandatory if
SendErrorMail =Yes
None
Path
ErrorMailSubject
The text to include in

the Subject field.
This parameter is
mandatory if
SendErrorMail =Yes
None
String
The Cyber-Ark Vault
38
Token
Meaning
Mandatory
Default
Value
Acceptable
Values
ErrorMailServerIP
The IP address of the

Mail Server.
This parameter is
mandatory if
SendErrorMail =Yes
None
IP address
ErrorMailSender
Address

the sender.
This parameter is
mandatory if
SendErrorMail =Yes
None
IP address
ErrorMailRecipient
Address

the recipient.
This parameter is
mandatory if
SendErrorMail =Yes
None
IP address
InteractiveRule
Whether or not the

service will display a
user interface or not.
Yes
No
Yes/No
Yes=with
interface
No=without
interface
InteractiveLogon
Whether logon to the

Vault will be manual
or with a credential
file.
Yes
Yes
Yes/No
Yes=manual
logon
No=credential
file logon
DisplayInteractiveMsg
Whether or not to
display success or
error messages.
Yes
OpenAfterDownload
Whether or not to
open the file(s) after
downloading them.
Yes
No
Yes/No
Yes=open the
files
No=do not
open the files
AddTimeStamp
Whether or not to add

a timestamp to the
filename after the
transfer.
No
No
Yes/No
AddTimestampOn
Archive
Whether or not to add

a timestamp to the
filename in the
archive folder.
This parameter is
mandatory if
PostOperation=1
No
Yes/No
Yes=add a
timestamp
No=do not add
a timestamp
RenameFile
Whether or not to
rename a file after
transferring it.
No
No
Yes/No
Yes=rename
the file
No=do not
rename the file
Yes/No
Yes=display
messages
No=do not
display
messages
Yes=add a
timestamp
No=do not add
a timestamp
The Cyber-Ark Vault
39
Token
Meaning
Mandatory
Default
Value
Acceptable
Values
SendSuccessMail
Whether or not to
send a message after
a successful transfer.
No
No
Yes/No
Yes=send
message
No=do not
send message
SendErrorMail
Whether or not to
send a message after
an unsuccessful
transfer.
Yes
No
Yes/No
Yes=send
message
No=do not
send message
ChangePasswordOn
EveryLogon
Whether or not to
change the users
password after every
logon.
Yes
No
Yes/No
Yes=change
password
No=do not
change
password
PostOperation
The action that will

be carried out after a
transfer.
Yes
0/1
Whether the service

will upload files into
the Vault or
download them to a
local file server.
Yes
ActionType
0=no action
1=archive
2=delete files
The Cyber-Ark Vault
0/1
0=upload
1=download
40
Vault.ini
The Vault.ini file contains all the information about the Vault.
Parameter
Description
Default Value
Acceptable
Values
Vault
The name of the Vault.
None
String
Address
The IP address of the Vault.
None
IP address
Port
The Vault IP Port.
1858
Number
Timeout
The number of seconds to wait

for a Vault to respond to a
command before a timeout
message is displayed.
30
Number
AuthType
The type of authentication to be

used to log onto the Vault.
PA_AUTH
PA_AUTH
(Password),
NT_AUTH,
RADIUS_AUTH,
PKI_AUTH
NTAuthAgentName
The name of the NT

Authentication Agent.
None
String
NTAuthAgentKeyFile
The name of the NT

Authentication Key File.
None
String
VaultDN
The Distinguished Name of the

Vault (PKI Authentication).
None
String
ProxyType
The type of proxy through which

the Vault is accessed.
None
HTTP,
HTTPS,
SOCKS4,
SOCKS5
ProxyAddress
The proxy server IP address.

This is mandatory when using a
proxy server.
None
IP address
ProxyPort
The Proxy server IP Port.
8081
Number
ProxyUser
User for Proxy server if NTLM

authentication is required.
None
User name
ProxyPassword
The password for Proxy server if

NTLM authentication is
required.
None
Password
ProxyAuthDomain
The domain for the Proxy server

if NTLM authentication is
required.
NT_DOMAIN_
NAME
Domain name
BehindFirewall
Whether or not the Vault is

being accessed via a Firewall.
No
Yes/No
Optional Parameters:
The Cyber-Ark Vault
41
Parameter
Description
Default Value
UseOnlyHTTP1
Use only HTTP 1.0 protocol.

Valid either with proxy settings
or with BEHINDFIREWALL.
No
Yes/No
NumofRecordsPerSend
The number of file records to

transfer together in a single
TCP/IP send/receive commands.
15
Number
NumOfRecordsPer
Chunk
The number of file records to

transfer together in a single
TCP/IP send/receive operation.
15
Number
ReconnectPeriod
The number of seconds to wait

before the sessions with the
Vault is re-established.
Number
CIFSGateway
The name of the CIFS Gateway.
None
String
HTTPGatewayAddress
The URL of the HTTP Gateway.
URL
URL
The Cyber-Ark Vault
Acceptable
Values
42
The Cyber-Ark Vault

Cyberarkd

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cyberarkd

Uploaded by

Copyright:

Available Formats

Cyber-Ark Software

The Cyber-Ark Vault

Copyright 2008 by Cyber-Ark Software.

The Cyber-Ark Vault

Before Using the One-Click Transfer...................................................7

Activity Logs ........................................................................................33

Customizing the One-Click Transfer GUI ..........................................35

The Cyber-Ark Vault

The Cyber-Ark Vault

Password with a certificate on a hardware token

The Cyber-Ark Vault

Before Using the One-Click Transfer

The Cyber-Ark Vault

The name of the service

A description of the service

With a user interface

The user will be able to select a file to transfer.

3. Click Next to display the Vault window.

Select from an existing Vault in the Vaults List.

Define a new Vault

Display the Vault details window and define a new Vault.

The Cyber-Ark Vault

The name of the Vault.

The IP address of the Vault.

The port to the Vault.

The timeout in seconds.

The Cyber-Ark Vault

The user will supply a password in a logon window.

The password will be encrypted and stored in a file.

The password will be changed after each logon.

Choose a predefined user from the Users list.

Create a new authentication file

Create a new credential file for the user.

If you selected Authentication File, the User details window

8. Specify the files to transfer during the service.

Files will be uploaded into the Safe.

Files will be downloaded to the local file system.

The name of the folder on the local file system.

The name of the Safe specified in the transfer.

The name of the folder in the Safe specified in the transfer.

The Cyber-Ark Vault

Actions on the source files

No action will be carried out.

Delete the source files.

Actions on the destination files

Open the file in the default application.

The filename will be changed to a new name that you specify.

The Cyber-Ark Vault

The E-mail address of the sender.

The E-mail address of the recipient.

The subject title of the message.

The template file for the message.

The Cyber-Ark Vault

The E-mail address of the sender.

The E-mail address of the recipient.

The subject title of the message.

The template file for the message.

The Cyber-Ark Vault

Description of the service

Location of the source files

Location of the target files

The Cyber-Ark Vault

Double-click the shortcut icon; the service begins automatically,