Release Notes - Version 3.0.018¶
TeamDrive Registration Server version 3.0.018 is the next major release following after version 3.0.017.
Version 3.0.018 contains the following features and notable differences compared to version 3.0.017:
- As a security enhancement, TeamDrive user passwords stored on the Registration Server are now hashed using the bcrypt algorithm instead of the previously used salted MD5 method. When logging in with a TeamDrive Client version 3.2.0 (Build: 536) or newer, existing hashed passwords are automatically converted into the new format.
- Changing, invalidating or resetting a user’s password now also triggers
sending an email to the affected user. For this purpose, the following new
mail templates were added: passwd-changed,passwd-invalidatedandpasswd-reset.
- The Registration Server now supports sharing and synchronizing user profile information across all of the user’s devices and with other users, e.g. initials, registration email, profile picture, full name, phone (telephone number), mobile (telephone number). Before, this information was shared with other users on a per-Space basis. Only users that share Spaces are able to exchange profile data with this new method. This feature will be supported by a future TeamDrive Client version.
- The expiry date of licenses is now properly checked via the “Expire
Licenses” auto task. Users receive an advance notification 10 and 3 days
before the license expires. When the date provided in the Valid until
field has been reached, the user receives a final notification and his
license will be reverted to the default free license. The following email
templates were added to facilitate the notification:
license-expirein10days,license-expirein3daysandlicense-expired-en. To avoid disruptions/surprises when upgrading from previous Registration Server versions, the update functionsetLicenseExpiryDefault()will set the default value ofENABLE_LICENSE_EXPIRYtoFalsefor providers that already have licenses with an expiry date. When performin a new installation or adding a new provider account, license expiration will be enabled by default.
- Email templates now support the [[BRAND]]macro, to replace the term “TeamDrive” with another string if required. This can be defined via theEMAIL/BRAND_NAMEprovider setting. The default isTeamDrive.
- Most parts of the TeamDrive Registration Server installation can now be
performed via RPM on Red Hat Enterprise Linux 6 and derivative
distributions, which significantly improves the installation procedure and
the process of applying updates. In particular, the following components are
now provided in the form of RPM packages:- The PBT-based Registration Server
(td-regserver-3.0.018.8-0.el6.noarch.rpm, files installed in
/usr/local/primebase/setup/scripts)
- The PHP-based Administration Console and support files
(td-regserver-adminconsole-3.0.018.8-0.el6.noarch.rpm, files installed in
/var/www/html/adminconsoleand/var/www/html/tdlibs)
- The Registration Server documentation in HTML format
(td-regserver-doc-html-3.0.018.8-0.el6.noarch.rpm, files installed in the
Apache server’s document root /var/www/html/td-regserver-doc/, access to the documentation can be restricted by editing/etc/httpd/conf.d/td-regserver-doc.conf).
- The PrimeBase Application Environment
(PrimeBase_TD-4.5.48.<build>-0.el6.x86_64.rpm installed in
/usr/local/primebase), including the PrimeBase Apache modulemod_pbt(installed in/usr/lib64/httpd/modules/mod_pbt.so) and some support scripts and configuration files in/etc/.
 
- The PBT-based Registration Server
(td-regserver-3.0.018.8-0.el6.noarch.rpm, files installed in
- The installation package now contains a script mysql_install.shthat performs the creation of the requiredteamdriveMySQL user account and populating the databases required for the Registration Server.
- The installation package now contains a log rotation script, to support rotation and compression of the Registration Server’s log files.
- The installation now uses the default MySQL data directory location
(/var/lib/mysql) instead of defining a custom one (/regdb). The default MySQL configuration settings formy.cnfhave been reviewed and adjusted.
- The automatic service startup at bootup time is now configured using the
distribution’s chkconfigutility instead of changing theBootoptions in file/usr/local/primebase/pbstab. The PrimeBase_TD RPM package provides the required SysV init script/etc/init.d/teamdriveto facilitate this.
- The term “Distributor” has been replaced with “Provider” in most occasions.
- The obsolete settings UseExternalAuthentificationandUseExternalAuthentificationCallhave been removed. External authentication is now enabled by settingAUTHSERVICE/USE_AUTH_SERVICEtoTrue.
- In previous versions, the setting AUTH_VERIFY_PWD_FREQdid not have any effect (it was added without the actual implementation by accident). Starting with version 3.0.018, a user’s Clients will be logged out from the TeamDrive Service after the time defined in this setting. To avoid surprises and a change in behaviour after an upgrade, updating from a previous version of the Registration Server suggests calling the update functionsetLoginFreqToZero();to change this setting to0for any existing Provider.
The PHP-based Administration Console received several new features, numerous usability enhancements and security improvements. Some notable highlights include:
- Tabular output (e.g. a filtered list of users, devices or licenses) can now be exported to CSV files. 
- Tabular output now indicates the current sort order and column name with a small arrow icon. 
- The columns visible in the table displayed on the Manage Users and Manage Licences pages are now configurable. 
- The summary display of a user’s licenses (“Licenses owned” and “Licenses used”) on the Manage Users page has been simplified. 
- The list of Spaces in a user’s Depot is now displayed as a sortable table. 
- It’s now possible to wipe or delete multiple devices of a user at once. 
- The Registration Server’s Authorization Sequence (required for exchanging invitations with users on other Registration Servers via TDNS) can now be obtained from the Administration Console via Edit Settings -> RegServer -> AuthorizationSequence. 
- After sucessful registration, a Host Server’s activation key is now displayed on the Manage Servers page, to simplify the registration process for new Host Servers. 
- It is now possible to remove registered Host Servers via the Manage Servers page. 
- The Administration Console now supports viewing a selection of server log files directly in the web browser instead of requiring logging in on the server’s console. The View Server Logs page is only visible for the Registration Server’s default provider and any user having the - HAS_VIEW_SERVER_LOGS_RIGHTSprivilege. The list of log files is defined in the (read-only) Reg Server setting- ServerLogFilesand can only be modified by updating the setting in the database directly. Log files can only be viewed if the user that the Apache http Server is running under (usually- apache) has the required access privileges to view these files.
- Most of the Administration Console Settings are now stored in table - TD2Settingof the MySQL database instead of the configuration file- tdlibs/globals.phpand can be configured via the Administration Console instead:- LoginSecurity/LoginSessionTimeout(default:- 30)
- LoginSecurity/FailedLoginLog(default:- /var/log/td-adminconsole-failedlogins.log)
- LoginSecurity/LoginMaxAttempts(default:- 5)
- LoginSecurity/LoginMaxInterval(default:- 60)
- RegServer/ApiLogFile(default:- /var/log/td-adminconsole-api.log)
- RegServer/RegServerAPIURL(previously known as- $regServerUrl, not set by default)
- RegServer/ServerTimeZone(default:- Europe/Berlin)
 - The only information required in - globals.phpis the MySQL connection string to access the Registration Server’s MySQL database. Alternatively, these credentials can be provided from a separate MySQL configuration file. See chapter Administration Console MySQL Configuration for details.
- Disabling a user does no longer provide the apply to devices option, as it’s sufficient to disable the user account to block access to the TeamDrive service. 
- A user’s Space Depots on a Host Server can be activated/deactivated (added in 3.0.018.4, requires Host Server version 3.0.013.8 or later). 
- The default provider can now set new passwords for other providers (added in 3.0.018.3). 
- Changing the Provider setting - AUTHSERVICE/USE_AUTH_SERVICEto- Truenow automatically adds the other required settings like- AUTH_LOGIN_URLand- VERIFY_AUTH_TOKEN_URL.
- The provider filter selection list now also prints the company name after the 4-letter code. 
- An option was added to assign an existing license to a user when editing the user’s details. 
- Various settings that used to expect values in bytes only now provide an option to select other units like “MB” or “GB”. 
- Input fields that expect a date now provide a date picker, to simplify the entering of dates. 
- Filter options by date now provide a more intuitive way to define “before”, “at” or “after” the entered date. 
Change Log - Version 3.0.018¶
3.0.018.8 (2015-04-07)¶
- Administration Console: prevent editing of the - valid untillicense field for licenses that are not either in the- activeor- expiredphase, as this may cause problems with the- restrictedlicense feature. (REGSERVER-886)
- Administration Console: the - restrictedlicense feature flag will be sent to the API as- restrictedrather than- enterprise(REGSERVER-869)
- Administration Console: Restricted licenses are marked with - (Restricted)on the user overview and user details pages. (REGSERVER-877)
- Administration Console: Allow displaying and entering language codes longer than two characters on the user editing page. (REGSERVER-898) 
- Administration Console: Fixed a bug that caused an incorrect count of a user’s installations and invitations on the user overview page. (REGSERVER-901) 
- Administration Console: Fixed a bug on the edit-user page that prevented editing accounts that had been flagged for deletion. (REGSERVER-902) 
- Administration Console: The Administration Console will now send the affected user’s provider code instead of the provider code of the user logged into the Administration Console when creating Depots and inviting other users to that Depot. (TRUS-61) 
- API: The API now allows setting language codes as defined in RFC 5646 (e.g. - en_USor- de_DE) which will be used by TD4 clients when registering a new user. (REGSERVER-898)
- Registration Server: Improved error logging: the output of several error messages (e.g. error codes -24916, -24919, -24909, -24913 or -24912) is now truncated and reduced to the relevant parts. - Error messages are now dumped in the following form: - 03/16/2015 15:23:19 #1 ERROR: ERROR -24777: "reg_shared.pbt"@client line 183: This is an error! [command=setparcels;device=377] - The Registration Server now reads out the log level defined in variable 342 of the - pbvm.envconfiguration file so that it is used in code run by the PBT Apache module- mod_pbt(previously, the log level was ignored by the PBT module). Valid log values are: 0=Off, 1=Errors, 2=Warnings, 3=Trace. (REGSERVER-859)
- Registration Server: When creating a new device, the device now receives the same license as all other devices, independent of the license’s status. (REGSERVER-888) 
- Documentation: Fixed link structure in the HTML documentation so that clicking Next and Previous works as expected (REGSERVER-908) 
- Documentation: Removed the chapter that describes the MySQL databases and tables that will be installed from the Reference Guide. (REGSERVER-899) 
3.0.018.7 (2015-03-05)¶
- Administration Console: Added support for setting the restrictedfeature flag on licenses (previously labeledenterprise).
- Administration console: Updated list of template types viewed in the mail queue view. (REGSERVER-841)
- Administration console: Updated misleading text when viewing device messages from users located on another server. (REGSERVER-839)
- Registration Server: Fixed that ProfileDataExchangeEnabledwas not checked when changing a user’s email address and the Registration Server database schema has not been converted to the 3.0.018 schema. (REGSERVER-849)
- API: Fixed that UserEmailUniquewas not enforced when registering users via the API. (REGSERVER-730)
- API: Added support for setting the “Restricted” license flag, which can be used to disable/limit certain TD 4 Client functionality. Previously, this feature flag was labeled “Enterprise”, but it was not actively used. (REGSERVER-867)
- Registration Server: Added missing provider setting
REDIRECT/REDIRECT_HOMEthat sets the provider’s home page URL used in the user’s start menu. (REGSERVER-851)
- Registration Server: fixed mail template fallback code to fall back to the English templates as a last resort, if a default template in the provider’s default language is not available. (REGSERVER-858)
- Documentation: Updated API chapter and replaced the incorrect statement
that the temporary password generated by the sendpasswordAPI call expires after a time period of 10 minutes with a notice that a generated temporary password remains active and unchanged until the user’s password will be changed. (REGSERVER-870)
3.0.018.6 (2015-02-19)¶
- Installation: To simplify the configuration for new deployments, the default license issued to Clients is now a Professional license including WebDAV support (the value of - CLIENT/DEFAULT_FREE_FEATUREwas changed from- 3to- 10). This change only affects new Registration Server installations, the setting remains unchanged when updating existing installations. (REGSERVER-821)
- Installation: Updated - mysql_install.shto re-create InnoDB log files after changing- innodb_log_file_sizein- my.cnf. (REGSERVER-847)
- Installation: fixed bug in the - setLicenseExpiryDefault()upgrade routine which inserted incorrect entries into the- td2reg.TD2OwnerMetatable for existing licenses having a non-NULL value in the- ValidUntilcolumn. (REGSERVER-848)- If you have have performed an upgrade from a previous Registration Server version to version 3.0.018 before (which included calling - setLicenseExpiryDefault()) and you have issued licenses with an expiry date, please perform the following steps to remove the incorrect entries. Start the MySQL client- mysqlas user- teamdriveand enter the following command to delete the entries:- mysql> DELETE FROM td2reg.TD2OwnerMeta \ -> WHERE Name="ENABLE_LICENSE_EXPIRY" AND \ -> OwnerID NOT IN (SELECT DISTINCT ID FROM td2reg.TD2Owner);- Afterwards, verify the setting - ENABLE_LICENSE_EXPIRYfor all Providers hosted on your Registration Server and only set it to- Truewhen this provider intends to issue licenses with an expiry date.- Note that while it was possible to create licenses with an expiry date in previous versions, the Registration Server did not actually check this date prior to version 3.0.018. To avoid an unexpected expiry of existing licenses after upgrading to version 3.0.018, the upgrade function - setLicenseExpiryDefault()checks all existing licenses during an upgrade and sets the Provider setting- ENABLE_LICENSE_EXPIRYto- Falsefor the respective Provider.
- Administration Console: Added missing - <distributor>field to the- cancellicenseand- resetpasswordAPI calls that prevented the default provider from deleting licenses or resetting the user passwords for other providers hosted on the same Registration Server. (REGSERVER-827)
- Administration Console: Fixed bug where View mail queue did not show all queued email messages (outgoing invitation emails to unregistered users were not displayed). (REGSERVER-818) 
- Administration Console: when importing email templates from the file system into the database, line endings are now automatically converted to be properly terminated with CRLF ( - \r\n)
- Admin Console: Fixed error message - API error code: -30100, message: User name not providedwhen deleting a user’s default Depot (the Depot was still deleted as requested). (REGSERVER-835)
- Administration Console: updated the regular expression that checks for valid URLs in the the - LogUploadURLfield to accept URLs beginning with- httpsas well. (REGSERVER-837)- Note that this change is not applied automatically to the configuration table during an update. For existing installations, you need to update the field - Formatin table- td2reg.TD2Settingfor this setting as follows, if you want to change the URL via the Administration Console:- mysql> UPDATE td2reg.TD2Setting \ SET Format="^(http|https)://[a-zA-Z0-9\-\./]+/.-$" \ WHERE NAME="LogUploadURL"; 
- Administration Console: Fixed bug that prevented users logged into the Admin Console with their “magic username” to set their password. Also improved session handling to not drop the session when a user logged into the Admin Console changes his own password (which invalidated the existing session before). 
- API: The call - getuserdatafailed with- User does not exist, if- USE_EMAIL_AS_REFERENCEwas set to- Trueand the email address was used as the user name. (REGSERVER-824)
- Registration Server: When using external authentication, TD4 Clients could sometimes receive spurious logout events, requiring the user to log in again. Please note that this bug fix may cause Clients that use external authentication to logout again once after the upgrade. After that, such apparently random log-outs should no longer occur. (REGSERVER-820) 
- Registration Server: Fixed wrong path in the fallback routine that is supposed to use the default mail template for templates missing from a provider’s template folder. (REGSERVER-842) 
- Registration Server: Fixed bug that caused file comment notification emails to include the recipient’s email address in the From:-Header instead of the sender’s email address. (REGSERVER-843) 
- Registration Server: When changing - HAS_DEFAULT_DEPOTfrom- Trueto- False, a user’s devices no longer offered a user’s already existing default depot for creating Spaces. (REGSERVER-834)
- Registration Server: Outgoing email messages (e.g. Space invitations) could violate RFC 5321, if templates did not use the appropriate line termination character sequence (CRLF, - \r\n). Now, all outgoing email messages are reformatted before submission to the MTA. (REGSERVER-833)
- Registration Server: Fixed bug that prevented users from logging in with their user name in different capitalization if - UserNameCaseInsensitivewas set to- True(which is the default) (REGSERVER-823)
- Registration Server: Shortened the temporary password that gets generated and mailed to a user when a user’s password needs to be changed (e.g. via the “Forgotten Password” option in the Client or via the - sendpasswordAPI call. Previously, the temporary password consisted of a random MD5 string (32 characters), that turned out to be difficult to handle (e.g. on mobile devices). It now returns a combination of the characters 0-9, a-z and A-Z (excluding 0, O, l and 1, which can be misread). The length of the temporary password now depends on the Client version: 2.x –> 32 characters (unchanged), 3.x –> 8 characters, 4.x –> 5 characters. The 3.x and 4.x Clients have been changed to accept 4 or more characters, the API uses the version of the most recently used device. (REGSERVER-831)
- upload.php: Improved security of the PHP script that accepts Client debug log uploads (e.g. to prevent potential XSS attacks), removed absolute path name from the generated upload status file. Note: this script is not included in the RPM distribution and is not installed by default. (REGSERVER-836)
3.0.018.5 (2015-01-23)¶
- Registration Server: Fixed Space invitation emails to existing users that contained the recipient as the sender in the mail header. (REGSERVER-817)
- Installation: added a new RPM package td-regserver-doc-htmlthat contains the Registration Server documentation in HTML format, installed in the Registration Server’s Apache document root/var/www/html/td-regserver-doc/. Access to the documentation can be restricted by editing/etc/httpd/conf.d/td-regserver-doc.conf. (REGSERVER-816)
- Registration Server: disabled banner support for legacy TD 2.x clients
3.0.018.4 (2015-01-13)¶
- Administration Console: Improved reporting of HTTP errors during API requests. (REGSERVER-798)
- Administration Console: Fixed API error changing a user’s email address if the user name contained UTF-8 characters. (REGSERVER-775)
- Administration Console: fixed support for activating/deactivating Space Depots. (REGSERVER-810) This requires Host Server version 3.0.013.8 or later.
3.0.018.3 (2014-12-17)¶
- Administration Console: fixed incorrect hex encoding of email templates when initially importing them from the file system into the database. (REGSERVER-806)
- Administration Console: added new Reg Server setting
RegServer/RegServerAPIURLfor setting a custom URL to issue Reg Server API requests (e.g. in case of a dedicated API server or if https should be used for API requests). If not set, the API URL will be derived from theRegServerURLsetting (REGSERVER-799).
- Administration Console: The default provider can now set new passwords for other providers (REGSERVER-768).
- Installation: removed <APIChecksumSalt>fromRegServerSetup.xmland updated the installation instructions accordingly, to simplify the installation process (this value is generated byRegServerSetup.pbtautomatically during the initial installation).
- Installation: updated installation instructions and VM installation script
to install the php-mbstringpackage (required for the email template import into the database). (REGSERVER-802)
- Installation: updated installation instructions and VM installation script
to set date.timezonein/etc/php.ini, to avoid frequent PHP warning messages when using the CSV import cron job. (REGSERVER-801)
- Installation: the RPM now automatically re-creates the file
StartupCache.pbtand callsHTTPRequest.pbtduring an upgrade (e.g. to add new Reg Server settings) (REGSERVER-800)
- Installation: added max_allowed_packet=2Mto the MySQL configuration filemy.cnf, to support uploading User Profile information containing profile pictures. In order to support this feature, thePrimeBase_TDpackage also needs to be updated to version 4548.120 or newer (TDCLIENT-1663).
- Installation: changed MaxRequestsPerChildinhttpd.conffrom0to10000, to ensure Apache child processes are restarted from time to time (REGSERVER-762)
- Registration Server: Fixed that SETTING_TDNS_PROXY_URLgets overwritten by theSETTING_HOST_PROXY_URLsetting (in case accessing TDNS requires using a different proxy server than accessing the Host Server (REGSERVER-769).
3.0.018.2 (2014-11-12)¶
- Fixed bug in propagating email address changes to other devices belonging to a user
- Fixed bug in deleting a user’s privileges when deleting the user’s account (REGSERVER-734)
- Fixed issue with store forward messages that were not forwarded to a user upon registration (REGSERVER-759)
- Administration Console: Fixed encoding issue when adding users with usernames containing UTF-8 characters (REGSERVER-756)
- Administration Console: Fixed minor bug in the “Add new provider settings” menu (REGSERVER-747)
- RegServerSetup.xml: Fixed missing closing bracket in the APIChecksumSalttag.
- API: fixed addXMLDepotcall that returned invalid URLs when the settingSIMULATE_REGSERVER_20was enabled. (REGSERVER-741)
3.0.018.1 (2014-11-05)¶
- Initial public release