Release Notes - Version 3.6¶
TeamDrive Registration Server version 3.6 is the next major public release following after version 3.5.
Version 3.6 of the Registration Server contains the following features and notable differences compared to version 3.5.
- The Reg Server 3.6 supports CentOS 7. RPM’s are available for this version of the OS.
Registration Server Functionality¶
Added the “Web Portal Access” capability bit. This bit represents user-level permission to access Web Portals. The capability bit is only used if the
ALLOW_WEB_PORTAL_ACCESSProvider setting is set to
ALLOW_WEB_PORTAL_ACCESSProvider setting. This setting determined whether users are permitted to access a Web Portal or not. Possible settings are:
permit: All users are permitted to login to Web Portals (this is the default).
deny: Web Portal access is denied to all users.
peruser: Access is determined by the “Web Portal Access” capability bit.
TeamDrive Authentication Services now includes an example of how to connect to Vasco IDENTIKEY Authentication Server. When used in conjunction with the Web Portal, Web Portal version 1.0.6 is required.
Emails sent by the server now have a maximum size of 16 MB. Previously the limit was 64 K (REGSERVER-1131).
Implemented support for Two-Factor Authentication using the Google Authenticator App.
AUTH_SETUP_2FA_URLProvider setting. This value must be set to the URL of the page used to setup two-factor authentication.
See How to Setup Two-Factor Authentication for details.
ALLOW_MAGIC_USERNAMESProvider setting. When set to True, users of the Provider may register with usernames that match the standard “magic username” pattern.
ISOLATED_EMAIL_SCOPEProvider setting. When set to True, the users of the Provider may use email addresses that are in use by other users, as long as the email addresses are unique for the Provider (REGSERVER-1125).
HIDE_FROM_SEARCHProvider setting. When set to True, this setting will prevent users from being found by a Client when doing the standard username and email address searches, during login and when inviting users to a Space (REGSERVER-1124).
PROVIDER_DEPOTProvider setting. This setting may be used to specify that a certain Depot should be used as default Depot for all users of a Provider (REGSERVER-1117).
SUPPORT_EMAILProvider setting. This setting specifies the email address that will be notified if support content is uploaded to the Registration Server.
Users will now receive “store forward” invitations no matter which Registration Server the invitation is located on. Previously a user had to register on the same Registration Server as the store forward message.
A store forward invitation is created when a user invites another user via email, but the user is not yet registered.
HTTPS is now used for all communications with a Host Server if the Provider setting API_USE_SSL_FOR_HOST is set to True.
Added the Registration Server setting:
EmailGloballyUnique. When set to
Truethe Registration Server will check to ensure that an email address is not in use by any other Registration Server in the TeamDrive Network (REGSERVER-809).
This value is automatically set to the same value as ``UserEmailUnique` on upgrade to version 3.6 or later.
See EmailGloballyUnique for details.
Registration Server API¶
Added notifications: the Registration Server can be configured to send a notification when a change is made to a user. To do this, the Provider setting
API_SEND_NOTIFICATIONSmust be set to
True, and the setting
API_NOTIFICATION_URLmust be set to the URL that will receive the notification (TRUS-136).
<webportal>has been added to the API functions: “searchuser”, “loginuser”, “getuserdata” and “registeruser”. This tag indicates whether the user is permitted to access a Web Portal.
Note that if the Provider setting
ALLOW_WEB_PORTAL_ACCESSis set to
deny, the the value returned in the
<webportal>tag will reflect this setting, not the value of the user’s Web Portal Access capability bit.
When calling “setcapability” the
<capability>tage may be set to the value “webportal”, in order to set Web Portal Access capability bit.
The “searchuser” API call now accepts the input tags
<authid>, which are used to search for users with specific external reference or external authentication ID. This tags can be used in addition to or in place of other search tags. The ‘*’ search wildcard is not recognised which searching for these values.
When searching by
<distributor>will automatically be added to the search conditions (normally this is only done when you set
Note that setting
<distributor>to a value other than your own Provider code is only permitted if you are the “main Provider”. Web Portals working on the behalf of a Provider may also set the
The “registeruser” API call now returns a
<userdata>block with the complete details of the user.
Client API: the client version will now be extracted from the path: “/teamdrive/clientversion”, in addition to the paths used previously. Command names are case-insensitive.
Added the Provider setting
True. If set to
Falseduplicate license references are allowed (REGSERVER-1130).
Removed the Provider setting
CLIENT_DEFAULTLICREF. The license reference must now be provided as parameter to the API call (REGSERVER-1130).
Updated version number of API to 1.0.007.
<licensereference>tag can now be used to specify the license in place of the
<licensenumber>tag (REGSERVER-808). Note that the license reference must be unique for each Provider, if
EXT_LICENCE_REF_UNIQUEis set to
True(which is the default).
Added the “sendtemplatemail” API call. This call can be used to sent standard template based emails to user, Providers or some other recipient (REGSERVER-1103).
Added lookup of an Email on TDNS to the “tdnslookup” call. The result is a list of Registration Servers (REGSERVER-1113).
- Added “Delete Provider” Functionality (REGSERVER-1127). Deleting a Provider will delete all user, licenses and depots that belong to the Provider. If the Reg Server is connected to TDNS, the delete process will be suspended until the Provider has been removed from TDNS.
- If too many failed logins are detected for an account, further attempts are subjected to a delay that increases with the number of login attempts, up to a maximum delay of 2 minutes. The previous system of a constant 5 second delay will still be used if the account is protected by the LOGIN_IP provider setting (REGSERVER-534)
- Added an option to move spaces from one depot to another (REGSERVER-1116)
- Depot change history can be displayed on the edit-user page, when available (REGSERVER-1040)
- A users Spaces are fetched more efficiently when displaying them on the edit-user page, which solves some browser memory problems when a user has a lot of spaces. Unfortunately this also means that the list of spaces can no longer be sorted (REGSERVER-1122)
- The list of spaces on the edit-user page can now be exported as a CSV document (eg. for opening in Excel) (REGSERVER-1128)
- Users can now be added or removed from a license on the edit-license page (REGSERVER-1129)
- Changing a license owner can now be done only via the edit-license page. The function has been removed from the edit-user and license overwiew pages to avoid confusion with the ‘add user to license’ function (REGSERVER-1129)
- The Admin Console now displays the Host Server version number. The version number is only correctly updated with Host Server version 3.6.1 or later. Otherwise, the number displayed is the version of the original Host Server installation. Note that, in this case, the version number displayed is of the form: <major>.<minor>.**.<patch>, for example: Host Server version 3.0.011 (for example) is displayed as: 03.00.**.00011.
Change Log - Version 3.6¶
The Registration Server Portal Pages (see Portal Pages) will no longer allow login of users that have previously logged in using an external authentication service (REGSERVER-1180).
If a user is using external authentication then the server will no longer allow the user to change his password. The server now returns an error -24907: Permission denied, when the TeamDrive client attempts to perform on of these functions (REGSERVER-1179).
External authentication now first checks wether the authentication token is an internal token used by the portal pages. If not, it checks the URL specified by the
<licensekey>tag must be used in place of the
<licensenumber>tag in the API.
<licensenumber>has been deprecated and will no longer be accepted in Registration Server 3.7.
<licensekey>tag to the “registeruser” API call. This tag can be used to specify a license to assign to the newly created user.
Added Provider setting
USER_IDENTIFICATION_METHOD(REGSERVER-1171). This setting determines how user accounts will be identified (see USER_IDENTIFICATION_METHOD).
USER_IDENTIFICATION_METHODreplaces the Provider setting
USE_EMAIL_AS_REFERENCE, which has been removed.
Removed the Provider setting
API_CREATE_DEFAULT_LICENSE(REGSERVER-1163). A default license is now always created when a user is created by the API, or during TeamDrive Client registration.
Since the Registration Server version 3.6 now allows a license to be assigned to a user, even when the user has no devices, the default license is also assigned to the user on creation via the API. If the license already has the maximum number of users, the new user will not be created.
Fixed a bug that caused the switch-distributor function to always create a new depot and license even when the checkboxes where not selected (REGSERVER-1170)
Added new server setting PrivacyURL and Provider redirect page REDIRECT_PRIVACY
Added fields to select an existing license when creating a new user in the adminconsole (REGSERVER-1166)
Can now filter the list of devices by the username or email address of the user who owns the device (REGSERVER-1160)
It is now possible to edit licenses with an “extreference” set (REGSERVER-1168)
- Fixed a crash that occurred when search user was called from a TeamDrive Client that is registered at a different Registration Server (REGSERVER-1161)
LDAP/AD Connectivity (REGSERVER-506): The LDAP/AD external authentication reference code has been improved so that all important parameters are in one configuration file.
The file “ldap_config.php.example” must be duplicated and renamed to “ldap_config.php” on installation. The file parameters should then be modified as required. Further instructions and a description of the parameters is provided in the “ldap_config.php” file.