Release Notes - Version 3.6

TeamDrive Registration Server version 3.6 is the next major public release following after version 3.5.

Version 3.6 of the Registration Server contains the following features and notable differences compared to version 3.5.

Installation

  • The Reg Server 3.6 supports CentOS 7. RPM’s are available for this version of the OS.

Registration Server Functionality

  • Added the “Web Portal Access” capability bit. This bit represents user-level permission to access Web Portals. The capability bit is only used if the ALLOW_WEB_PORTAL_ACCESS Provider setting is set to peruser (see below).

  • Added ALLOW_WEB_PORTAL_ACCESS Provider setting. This setting determined whether users are permitted to access a Web Portal or not. Possible settings are:

    • permit: All users are permitted to login to Web Portals (this is the default).
    • deny: Web Portal access is denied to all users.
    • peruser: Access is determined by the “Web Portal Access” capability bit.
  • TeamDrive Authentication Services now includes an example of how to connect to Vasco IDENTIKEY Authentication Server. When used in conjunction with the Web Portal, Web Portal version 1.0.6 is required.

  • Emails sent by the server now have a maximum size of 16 MB. Previously the limit was 64 K (REGSERVER-1131).

  • Implemented support for Two-Factor Authentication using the Google Authenticator App.

  • Added the AUTH_SETUP_2FA_URL Provider setting. This value must be set to the URL of the page used to setup two-factor authentication.

    See How to Setup Two-Factor Authentication for details.

  • Added ALLOW_MAGIC_USERNAMES Provider setting. When set to True, users of the Provider may register with usernames that match the standard “magic username” pattern.

  • Added ISOLATED_EMAIL_SCOPE Provider setting. When set to True, the users of the Provider may use email addresses that are in use by other users, as long as the email addresses are unique for the Provider (REGSERVER-1125).

  • Added the HIDE_FROM_SEARCH Provider setting. When set to True, this setting will prevent users from being found by a Client when doing the standard username and email address searches, during login and when inviting users to a Space (REGSERVER-1124).

  • Added the PROVIDER_DEPOT Provider setting. This setting may be used to specify that a certain Depot should be used as default Depot for all users of a Provider (REGSERVER-1117).

  • Added the SUPPORT_EMAIL Provider setting. This setting specifies the email address that will be notified if support content is uploaded to the Registration Server.

  • Users will now receive “store forward” invitations no matter which Registration Server the invitation is located on. Previously a user had to register on the same Registration Server as the store forward message.

    A store forward invitation is created when a user invites another user via email, but the user is not yet registered.

  • HTTPS is now used for all communications with a Host Server if the Provider setting API_USE_SSL_FOR_HOST is set to True.

  • Added the Registration Server setting: EmailGloballyUnique. When set to True the Registration Server will check to ensure that an email address is not in use by any other Registration Server in the TeamDrive Network (REGSERVER-809).

    This value is automatically set to the same value as ``UserEmailUnique` on upgrade to version 3.6 or later.

    See EmailGloballyUnique for details.

Registration Server API

  • Added notifications: the Registration Server can be configured to send a notification when a change is made to a user. To do this, the Provider setting API_SEND_NOTIFICATIONS must be set to True, and the setting API_NOTIFICATION_URL must be set to the URL that will receive the notification (TRUS-136).

  • The tag <webportal> has been added to the API functions: “searchuser”, “loginuser”, “getuserdata” and “registeruser”. This tag indicates whether the user is permitted to access a Web Portal.

    Note that if the Provider setting ALLOW_WEB_PORTAL_ACCESS is set to permit or deny, the the value returned in the <webportal> tag will reflect this setting, not the value of the user’s Web Portal Access capability bit.

    When calling “setcapability” the <capability> tage may be set to the value “webportal”, in order to set Web Portal Access capability bit.

  • The “searchuser” API call now accepts the input tags <distributor>, <reference> and <authid>, which are used to search for users with specific external reference or external authentication ID. This tags can be used in addition to or in place of other search tags. The ‘*’ search wildcard is not recognised which searching for these values.

    When searching by <authid> the <distributor> will automatically be added to the search conditions (normally this is only done when you set <onlyownusers>true</onlyownusers>).

    Note that setting <distributor> to a value other than your own Provider code is only permitted if you are the “Default Provider”. Web Portals working on the behalf of a Provider may also set the <distributor> tag accordingly.

  • The “registeruser” API call now returns a <userdata> block with the complete details of the user.

  • Client API: the client version will now be extracted from the path: “/teamdrive/clientversion”, in addition to the paths used previously. Command names are case-insensitive.

  • Added the Provider setting EXT_LICENCE_REF_UNIQUE, default True. If set to False duplicate license references are allowed (REGSERVER-1130).

  • Removed the Provider setting CLIENT_DEFAULTLICREF. The license reference must now be provided as parameter to the API call (REGSERVER-1130).

  • Updated version number of API to 1.0.007.

  • The <licensereference> tag can now be used to specify the license in place of the <licensenumber> tag (REGSERVER-808). Note that the license reference must be unique for each Provider, if EXT_LICENCE_REF_UNIQUE is set to True (which is the default).

  • Added the “sendtemplatemail” API call. This call can be used to sent standard template based emails to user, Providers or some other recipient (REGSERVER-1103).

  • Added lookup of an Email on TDNS to the “tdnslookup” call. The result is a list of Registration Servers (REGSERVER-1113).

Administration Console

  • Added “Delete Provider” Functionality (REGSERVER-1127). Deleting a Provider will delete all user, licenses and depots that belong to the Provider. If the Reg Server is connected to TDNS, the delete process will be suspended until the Provider has been removed from TDNS.
  • If too many failed logins are detected for an account, further attempts are subjected to a delay that increases with the number of login attempts, up to a maximum delay of 2 minutes. The previous system of a constant 5 second delay will still be used if the account is protected by the LOGIN_IP provider setting (REGSERVER-534)
  • Added an option to move spaces from one depot to another (REGSERVER-1116)
  • Depot change history can be displayed on the edit-user page, when available (REGSERVER-1040)
  • A users Spaces are fetched more efficiently when displaying them on the edit-user page, which solves some browser memory problems when a user has a lot of spaces. Unfortunately this also means that the list of spaces can no longer be sorted (REGSERVER-1122)
  • The list of spaces on the edit-user page can now be exported as a CSV document (eg. for opening in Excel) (REGSERVER-1128)
  • Users can now be added or removed from a license on the edit-license page (REGSERVER-1129)
  • Changing a license owner can now be done only via the edit-license page. The function has been removed from the edit-user and license overwiew pages to avoid confusion with the ‘add user to license’ function (REGSERVER-1129)
  • The Admin Console now displays the Host Server version number. The version number is only correctly updated with Host Server version 3.6.1 or later. Otherwise, the number displayed is the version of the original Host Server installation. Note that, in this case, the version number displayed is of the form: <major>.<minor>.**.<patch>, for example: Host Server version 3.0.011 (for example) is displayed as: 03.00.**.00011.

Change Log - Version 3.6

3.6.3 (2017-03-22)

  • Added Provider setting EMAIL/IGNORE_TEMPLATES_LIST, which contains a list of email templates. Emails will not be sent with the templates specified in this list (REGSERVER-1184).
  • Added the UsePrecedenceBulk setting which determines whether the “Precedence: bulk” header should be added to outgoing emails (REGSERVER-1182).
  • The activatelicense and deactivatelicense API calls no longer return error -30210 (REGSERVER-1177).
  • Specifying a user in the removeuserfromlicense API call is now optional. If specified, then the user must be the owner of the license or a “Unknown license” error will be returned (REGSERVER-1178).
  • The API documentation now includes a section on the changes to the API based on the Registration Server version. All changes since version 3.5.0 are noted in the documentation of the API calls (REGSERVER-1173).
  • Remove the API version number (1.0.006, 1.0.007, etc.) The Registration Server version number is now used to determine when API changes have been made. All API calls now return the <regversion> tag which contains the version number of the server (REGSERVER-1173).
  • getdefaultlicense API call: removed the exception that returned the features of the license in use if it was higher than the features of the default license.
  • Added a <licensereference> tag to the input parameters of the “loginuser” call. This tag is used if a default license is created for the user. This is only done if the user has no default license, and the Provider setting DEFAULT_LICENSEKEY is empty.
  • The new reference should now be specified using the <newlicensereference> tag in the “setlicensereference” API call.
  • Added an optional <password> tag to the “removeuser” API call input data.
  • The <featurevalue> tag value may now also be specified as an integer in the “createlicense”, “createlicensewithoutuser”, “upgradelicense” and “downgradelicense” API calls.
  • Added the <licensereference> tag to the <license> block in reply of the “getusedlicense” API call.
  • Added the <licensereference> tag to the <user> and the <device> block in reply of the “searchuser” API call.
  • Fixed a bug removing users from a depot who had been added to the depot when it was created (REGSERVER-1159)
  • Several minor changes and fixes in the Admin Console (fixed spelling License -> Licence, moved “change user licence” on the edit user page from device block to user block, fixed 2 SQL statements, added username to client logs download page)
  • Added new clients settings allow-webaccess-by-default and enable-space-webaccess in the documentation

3.6.2 (2017-02-01)

  • The Registration Server Portal Pages (see Portal Pages) will no longer allow login of users that have previously logged in using an external authentication service (REGSERVER-1180).

  • If a user is using external authentication then the server will no longer allow the user to change his password. The server now returns an error -24907: Permission denied, when the TeamDrive client attempts to perform on of these functions (REGSERVER-1179).

  • External authentication now first checks wether the authentication token is an internal token used by the portal pages. If not, it checks the URL specified by the AUTH_LOGIN_URL setting (REGSERVER-1181).

  • The <licensekey> tag must be used in place of the <licensenumber> tag in the API. <licensenumber> has been deprecated and will no longer be accepted in Registration Server 3.7.

  • Add a <licensekey> tag to the “registeruser” API call. This tag can be used to specify a license to assign to the newly created user.

  • Added Provider setting USER_IDENTIFICATION_METHOD (REGSERVER-1171). This setting determines how user accounts will be identified (see USER_IDENTIFICATION_METHOD). USER_IDENTIFICATION_METHOD replaces the Provider setting USE_EMAIL_AS_REFERENCE, which has been removed.

  • Removed the Provider setting API_CREATE_DEFAULT_LICENSE (REGSERVER-1163). A default license is now always created when a user is created by the API, or during TeamDrive Client registration.

    Since the Registration Server version 3.6 now allows a license to be assigned to a user, even when the user has no devices, the default license is also assigned to the user on creation via the API. If the license already has the maximum number of users, the new user will not be created.

  • Fixed a bug that caused the switch-distributor function to always create a new depot and license even when the checkboxes where not selected (REGSERVER-1170)

  • Added new server setting PrivacyURL and Provider redirect page REDIRECT_PRIVACY

  • Added fields to select an existing license when creating a new user in the adminconsole (REGSERVER-1166)

  • Can now filter the list of devices by the username or email address of the user who owns the device (REGSERVER-1160)

  • It is now possible to edit licenses with an “extreference” set (REGSERVER-1168)

3.6.1 (2016-12-02)

  • Fixed a crash that occurred when search user was called from a TeamDrive Client that is registered at a different Registration Server (REGSERVER-1161)

3.6.0 (2016-11-25)

  • Initial release.

  • LDAP/AD Connectivity (REGSERVER-506): The LDAP/AD external authentication reference code has been improved so that all important parameters are in one configuration file.

    The file “ldap_config.php.example” must be duplicated and renamed to “ldap_config.php” on installation. The file parameters should then be modified as required. Further instructions and a description of the parameters is provided in the “ldap_config.php” file.