FTP Server migration using Sterling Secure Proxy – UserID based Dynamic Routing (page 3)

Export users from VSFTPD to SB2BI

This is much of the same as the previous task, but without the passwords. The thing is that when using LDAP together with SB2BI, the users need to be in both places. This is because it is only the authentication that is moved to the LDAP. The autorization is stil in SB2BI. So the password is stored in the LDAP, but what the user have access to do in SB2BI is stored on the user in SB2BI.

So what I will do is to use the same export file from VSFTPD with the username and passwords and map that to a XAPI file to use the XAPI createUserHierarchy.

Prerequisites

There are some prerequisites needed to be done ahead of creating the map and running the XAPI.

The users to be imported need to have some authorizations. In my opinion the best thing to do when importing users is to create a separate group where the imported users get assigned. By doing that, it is easy to give this group more or less authorizations along the way without having to edit the users themselves.

I create a group in Sterling B2B Integrator I call “externalUsers”.

To this group I assign the subgroups “Dashboard Users” and “MAILBOX”. The users will then have access to the Dashboard as well as to the Mailbox.

Skjermbilde 2016-01-07 kl. 14.21.39

Then I also assign the “MyAccount” and “UI User Accounts” as Permissions. Then the users have access to administer their own account.

Skjermbilde 2016-01-07 kl. 14.23.04

I have now created a group where the imported users will be assigned and can change that group later on if the need for authorizations is changing.

XAPI Map

To create the XAPI XML I am using the Sterling Map Editor. I use the VSFTPD export file as input and creates a CSV File as input structure, and using the createUserHierarchy XSD to create the Output XML structure.

The map looks like below:

Skjermbilde 2016-01-07 kl. 19.22.40

Loginid and Username is mapped directly. In UsergroupId the value “externalUsers” is hardcoded. This is the group I created in SB2BI earlier.

The other values is hardcoded to the following:

ActivateFlag = “Y”
Localecode = “en”
Password = “not applicable” (this is stored in the LDAP)
SuperUser = “0” (zero, not a Super User)
Usertype = “EXTERNAL_1” (External LDAP Server number 1. Depending on the LDAP setup in SB2BI)

The result of the map is like below:

<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
<SubUser xmlns='http://www.sterlingcommerce.com/documentation/YCP/createUserHierarchy/input' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'>
  <User Activateflag="Y" Localecode="en" Loginid="user1" Password="not applicable" SuperUser="0" Username="user1" Usertype="EXTERNAL_1" >
    <UserGroupLists>
      <UserGroupList UsergroupId="externalUsers" ></UserGroupList>
    </UserGroupLists>
  </User>
  <User Activateflag="Y" Localecode="en" Loginid="user2" Password="not applicable" SuperUser="0" Username="user2" Usertype="EXTERNAL_1" >
    <UserGroupLists>
      <UserGroupList UsergroupId="externalUsers" ></UserGroupList>
    </UserGroupLists>
  </User>
  <User Activateflag="Y" Localecode="en" Loginid="user3" Password="not applicable" SuperUser="0" Username="user3" Usertype="EXTERNAL_1" >
    <UserGroupLists>
      <UserGroupList UsergroupId="externalUsers" ></UserGroupList>
    </UserGroupLists>
  </User>
  <User Activateflag="Y" Localecode="en" Loginid="user4" Password="not applicable" SuperUser="0" Username="user4" Usertype="EXTERNAL_1" >
    <UserGroupLists>
      <UserGroupList UsergroupId="externalUsers" ></UserGroupList>
    </UserGroupLists>
  </User>
</SubUser>

XAPI Business Process

To run the XAPI to create the users, I build a Business Process in SB2BI. This process is running the map created above, and then fetching one and one user from the created XML file and running the createUserHierarchy XAPI command.

The Business Process looks like below:

<process name="ES_Create_Users">
  <rule name="MoreUsers">
    <condition>User.DONE = 0</condition>
  </rule>

  <sequence name="Sequence Start">
    <operation name="Translation ES_VSFTPD_USERS_TO_XAPI">
      <participant name="Translation"/>
      <output message="TranslationTypeInputMessage">
        <assign to="map_name">ES_VSFTPD_USERS_TO_XAPI</assign>
        <assign to="output_report_to_process_data">YES</assign>
        <assign to="." from="*"></assign>
      </output>
      <input message="inmsg">
        <assign to="." from="*"></assign>
      </input>
    </operation>

    <operation name="Document Extraction - Extract XAPI XML">
      <participant name="DocumentExtractionService"/>
      <output message="DocumentExtractionTypeInputMessage">
        <assign to="." from="*"></assign>
        <assign to="BatchLikeDocuments">NO</assign>
        <assign to="DocExtractMapList">ES_VSFTPD_USERS_TO_XAPI</assign>
        <assign to="PDToProcessData">NO</assign>
        <assign to="XMLInput">YES</assign>
        <assign to="XMLRootTag">User</assign>
      </output>
      <input message="inmsg">
        <assign to="." from="*"></assign>
      </input>
    </operation>

    <sequence name="UserLoop">
      <operation name="For Each Document">
        <participant name="ForEachDocument"/>
        <output message="ForEachDocumentTypeInputMessage">
          <assign to="." from="*"></assign>
          <assign to="DOCUMENT_NAME_PREFIX">DOC-SPLIT-</assign>
          <assign to="ITERATOR_NAME">User</assign>
        </output>
        <input message="inmsg">
          <assign to="." from="*"></assign>
        </input>
      </operation>

      <choice name="MoreUsersLeft">
        <select>
          <case ref="MoreUsers" activity="User Create Start"/>
        </select>

        <sequence name="User Create Start">
          <assign name="Assign" to="PrimaryDocument" from="/ProcessData/PrimaryDocument/@SCIObjectID"></assign>
          <operation name="XAPI Service">
            <participant name="XAPIService"/>
            <output message="XAPIServiceTypeInputMessage">
              <assign to="." from="*"></assign>
              <assign to="api">createUserHierarchy</assign>
              <assign to="UserId">admin</assign>
            </output>
            <input message="inmsg">
              <assign to="." from="*"></assign>
            </input>
          </operation>

          <repeat name="Repeat" ref="UserLoop"/>

        </sequence>
      </choice>
    </sequence>
  </sequence>
</process>

I run the Business Process manually with the VSFTPD Export file as input, and the users get imported to the SB2BI.

A look in the Database shows that the users is added to the User Table (YFS_USER)

Skjermbilde 2016-01-07 kl. 19.53.23

I have then migrated the users from my FTP Server to both the LDAP for Authentication as well as to SB2BI for Authorization.

If SB2BI and the LDAP is not yet connected to each other, there is a “how-to” on that here.

Now the next step would be to migrate the folder structure from the VSFTPD server to the Mailbox structure in SB2BI.

 

"FTP Server migration using Sterling Secure Proxy – UserID based Dynamic Routing" table of contents

  1. FTP Server migration using Sterling Secure Proxy – UserID based Dynamic Routing
  2. Export user/password from VSFTPD to LDAP
  3. Export users from VSFTPD to SB2BI
  4. Export folder structure from VSFTPD to SB2BI Mailbox
  5. Create setup in SEAS to fetch Routing Information from LDAP
  6. Create Policy, Netmap and Adapter in SSP for Dynamic Routing
  7. Test setup as is and routing to SB2BI
  8. Summary

0 comments on “FTP Server migration using Sterling Secure Proxy – UserID based Dynamic RoutingAdd yours →

Leave a Reply

Your email address will not be published. Required fields are marked *