What is the Synchronization Manager?
Cerberus FTP Server Professional and Enterprise editions support automatically replicating users and settings from a primary or master server to other running Cerberus FTP Server machines. This capability allows administrators to maintain active backups of the main server in case of failure, or to ensure a cluster of servers contains identical configurations while only having to manage one machine.
How does it work?
The Synchronization Manager is set up on the machine you want to use as the primary server (the one whose settings you wish to replicate to other servers). The Synchronization Manager allows an administrator to designate one or more running Cerberus instances for syncing. With the exception of machine-specific configuration information (discussed below), the other servers become exact copies of the primary server. Each server that is being synced to will have its users and settings replaced by the users and settings on the primary server.
The replication process can be configured to occur at regular intervals to ensure that all of your synced servers are kept current with the primary server.
The server instances must all be running the same version, and have unique license keys.
Only users and settings are replicated to the backup servers. The server’s file system is not synced to the other machines. You will need to use shared storage or ensure that the file systems are replicated in some other way.
The sync options are based on the XML files in ‘C:\ProgramData\Cerberus LLC\Cerberus FTP Server’ and which XML files you want to sync over to the other server(s):
|Include Settings (settings.xml)||
Account request settings (User Manager > Requests)
User Manager > Policy Settings
User Manager > Shares Settings
Server Manager > Advanced Settings
Server Manager > General Settings
Server Manager > Protocol Settings
Server Manager > Logging Settings
Server Manager > Security Settings
Server Manager > Remote Settings (except admin accounts)
Settings in IP Manager / Firewall Controls (new name in v13)
|Include Users (users_x.0.xml & groups_x.0.xml)||User and Group accounts in User Manager|
|Include Authentication (authentication_x_0.xml)||
Authentication Order from ‘User Manager’ > ‘Policy’
Active Directory and LDAP Settings
|Include IP Settings (ip_access_x.0.xml)||Blocked or Allow Listed IP’s|
|Include Account Request (requests.xml)||Web Client account requests (only if you allow new Web Client users to request accounts)|
|Include Events (events_x.0.xml)||Event Rules, Scheduled Tasks, Event Targets|
|Include Admins (admin_accounts_x.0.xml)||Secondary Admin accounts in ‘Server Manager’ > ‘Remote Settings’|
|Include Shared Files (user_shared_files_x.0.xml)||File and folder shares created in the Web Client|
|Include User Custom Settings (user_custom_settings_x.0.xml)||Web Client Users’ security questions (for 2FA), and user set Web client account settings|
|Include Folder Monitors (folder_monitor_x.0.xml)||Folder Monitor instances set up in ‘Event Manager’|
|Include Passive Port Range (listeners_x.0.xml)||
Passive Port Range from ‘Server Manager’ > ‘General’
|Include Saved Reports (report_queries.xml)||If you have ‘Reporting’ on and have saved any favorite reports|
Backup Server Requirements
Server synchronization is performed using the Cerberus FTP Server SOAP web services API. The SOAP API runs over HTTP/S and listens on the same protocol and port as web administration.
Server synchronization requires the options Use Secure HTTPS and Allow Remote SOAP Access to be enabled on the Remote page of the Server Manager. A Cerberus FTP Server Windows Service reboot will be necessary after enabling HTTPS for the first time.
To add a backup server to the synchronization list, that backup server must be running the same version of Cerberus FTP Server as the primary server and have a valid, unique license key.
All users, groups, and other settings will be synchronized to the backup servers, except:
- License keys
- SOAP and remote/web administration settings
- Server certificate, private key, CA, and CRL security settings
|Server||The hostname or IP address of a backup server|
|Port||The remote administration port of the backup server to connect to.|
|TLS Encryption||Instructs this server to connect using TLS/SSL security to the backup server. This setting must always be enabled.|
|Username||The remote administration account username on the remote server.|
|Password||The remote administration account password on the remote server. This value will be encrypted before being saved to disk.|
These are basic server synchronization settings. You can enable and set server synchronization intervals using these settings.
|Enable Server Synchronization||Checking this setting will enable automatically replicating this server’s users and settings to the added backup servers. This replication will occur at the sync interval, in minutes.|
|Sync Interval||How often, in minutes, to synchronize this server’s setting to the backup servers.|