Release Notes - Version 3.6¶
TeamDrive Registration Server version 3.6 is the next major public release following after version 3.5.
Version 3.6 of the Registration Server contains the following features and notable differences compared to version 3.5.
Installation¶
- The Reg Server 3.6 supports CentOS 7. RPM’s are available for this version of the OS.
Registration Server Functionality¶
- Added the “Web Portal Access” capability bit. This bit represents user-level permission to access Web Portals. The capability bit is only used if the - ALLOW_WEB_PORTAL_ACCESSProvider setting is set to- peruser(see below).
- Added - ALLOW_WEB_PORTAL_ACCESSProvider setting. This setting determined whether users are permitted to access a Web Portal or not. Possible settings are:- permit: All users are permitted to login to Web Portals (this is the default).
- deny: Web Portal access is denied to all users.
- peruser: Access is determined by the “Web Portal Access” capability bit.
 
- TeamDrive Authentication Services now includes an example of how to connect to Vasco IDENTIKEY Authentication Server. When used in conjunction with the Web Portal, Web Portal version 1.0.6 is required. 
- Emails sent by the server now have a maximum size of 16 MB. Previously the limit was 64 K (REGSERVER-1131). 
- Implemented support for Two-Factor Authentication using the Google Authenticator App. 
- Added the - AUTH_SETUP_2FA_URLProvider setting. This value must be set to the URL of the page used to setup two-factor authentication.- See How to Setup Two-Factor Authentication for details. 
- Added - ALLOW_MAGIC_USERNAMESProvider setting. When set to True, users of the Provider may register with usernames that match the standard “magic username” pattern.
- Added - ISOLATED_EMAIL_SCOPEProvider setting. When set to True, the users of the Provider may use email addresses that are in use by other users, as long as the email addresses are unique for the Provider (REGSERVER-1125).
- Added the - HIDE_FROM_SEARCHProvider setting. When set to True, this setting will prevent users from being found by a Client when doing the standard username and email address searches, during login and when inviting users to a Space (REGSERVER-1124).
- Added the - PROVIDER_DEPOTProvider setting. This setting may be used to specify that a certain Depot should be used as default Depot for all users of a Provider (REGSERVER-1117).
- Added the - SUPPORT_EMAILProvider setting. This setting specifies the email address that will be notified if support content is uploaded to the Registration Server.
- Users will now receive “store forward” invitations no matter which Registration Server the invitation is located on. Previously a user had to register on the same Registration Server as the store forward message. - A store forward invitation is created when a user invites another user via email, but the user is not yet registered. 
- HTTPS is now used for all communications with a Host Server if the Provider setting API_USE_SSL_FOR_HOST is set to True. 
- Added the Registration Server setting: - EmailGloballyUnique. When set to- Truethe Registration Server will check to ensure that an email address is not in use by any other Registration Server in the TeamDrive Network (REGSERVER-809).- This value is automatically set to the same value as ``UserEmailUnique` on upgrade to version 3.6 or later. - See EmailGloballyUnique for details. 
Registration Server API¶
- Added notifications: the Registration Server can be configured to send a notification when a change is made to a user. To do this, the Provider setting - API_SEND_NOTIFICATIONSmust be set to- True, and the setting- API_NOTIFICATION_URLmust be set to the URL that will receive the notification (TRUS-136).
- The tag - <webportal>has been added to the API functions: “searchuser”, “loginuser”, “getuserdata” and “registeruser”. This tag indicates whether the user is permitted to access a Web Portal.- Note that if the Provider setting - ALLOW_WEB_PORTAL_ACCESSis set to- permitor- deny, the the value returned in the- <webportal>tag will reflect this setting, not the value of the user’s Web Portal Access capability bit.- When calling “setcapability” the - <capability>tage may be set to the value “webportal”, in order to set Web Portal Access capability bit.
- The “searchuser” API call now accepts the input tags - <distributor>,- <reference>and- <authid>, which are used to search for users with specific external reference or external authentication ID. This tags can be used in addition to or in place of other search tags. The ‘*’ search wildcard is not recognised which searching for these values.- When searching by - <authid>the- <distributor>will automatically be added to the search conditions (normally this is only done when you set- <onlyownusers>true</onlyownusers>).- Note that setting - <distributor>to a value other than your own Provider code is only permitted if you are the “Default Provider”. Web Portals working on the behalf of a Provider may also set the- <distributor>tag accordingly.
- The “registeruser” API call now returns a - <userdata>block with the complete details of the user.
- Client API: the client version will now be extracted from the path: “/teamdrive/clientversion”, in addition to the paths used previously. Command names are case-insensitive. 
- Added the Provider setting - EXT_LICENCE_REF_UNIQUE, default- True. If set to- Falseduplicate license references are allowed (REGSERVER-1130).
- Removed the Provider setting - CLIENT_DEFAULTLICREF. The license reference must now be provided as parameter to the API call (REGSERVER-1130).
- Updated version number of API to 1.0.007. 
- The - <licensereference>tag can now be used to specify the license in place of the- <licensenumber>tag (REGSERVER-808). Note that the license reference must be unique for each Provider, if- EXT_LICENCE_REF_UNIQUEis set to- True(which is the default).
- Added the “sendtemplatemail” API call. This call can be used to sent standard template based emails to user, Providers or some other recipient (REGSERVER-1103). 
- Added lookup of an Email on TDNS to the “tdnslookup” call. The result is a list of Registration Servers (REGSERVER-1113). 
Administration Console¶
- Added “Delete Provider” Functionality (REGSERVER-1127). Deleting a Provider will delete all user, licenses and depots that belong to the Provider. If the Reg Server is connected to TDNS, the delete process will be suspended until the Provider has been removed from TDNS.
- If too many failed logins are detected for an account, further attempts are subjected to a delay that increases with the number of login attempts, up to a maximum delay of 2 minutes. The previous system of a constant 5 second delay will still be used if the account is protected by the LOGIN_IP provider setting (REGSERVER-534)
- Added an option to move spaces from one depot to another (REGSERVER-1116)
- Depot change history can be displayed on the edit-user page, when available (REGSERVER-1040)
- A users Spaces are fetched more efficiently when displaying them on the edit-user page, which solves some browser memory problems when a user has a lot of spaces. Unfortunately this also means that the list of spaces can no longer be sorted (REGSERVER-1122)
- The list of spaces on the edit-user page can now be exported as a CSV document (eg. for opening in Excel) (REGSERVER-1128)
- Users can now be added or removed from a license on the edit-license page (REGSERVER-1129)
- Changing a license owner can now be done only via the edit-license page. The function has been removed from the edit-user and license overwiew pages to avoid confusion with the ‘add user to license’ function (REGSERVER-1129)
- The Admin Console now displays the Host Server version number. The version number is only correctly updated with Host Server version 3.6.1 or later. Otherwise, the number displayed is the version of the original Host Server installation. Note that, in this case, the version number displayed is of the form: <major>.<minor>.**.<patch>, for example: Host Server version 3.0.011 (for example) is displayed as: 03.00.**.00011.
Change Log - Version 3.6¶
3.6.5 (2017-07-13)¶
- The Reg Server now handles “store forward” invitations sent by the TeamDrive client, when a user has no active devices (because all devices have been inactive for longer than - InviteOldDevicesPeriodActive). Previously this only worked if the user had no devices (which can happen if the user was created via the API).- The first device that becomes active after this point, whether it is a new device or an old device that was re-activated will receive the invitation (REGSERVER-1200). 
- API call “removelicense” was not working due to a problem with NULL values (REGSERVER-1197). 
- Fixed activation of users and devices via the adminconsole (REGSERVER-1199) 
- Uploaded Client log files are now stored in a table created to store all large binary values (TD2LargeBinaries). This prevents a slowdown of access to the TD2BlobData table (REGSERVER-1202). - On upgrade the log files will be moved from one table to the other. This can take some time. 
- Added a new covering index to the TD2BlobData table that includes all columns used to search the table. This will allow the server to avoid reading the entire row during a search. - The column TD2BlobData.Extension has been shortened to 40 bytes (ascii) and the columns TD2BlobData.SourceChecksum has been removed because it is no longer used (REGSERVER-1201). 
- Optimised the queries used in the CSV page in the Admin Console, and fixed a bug that left the ‘error’ and ‘success’ file in the database when a CSV file was deleted 
- Fixed a bug in the “searchuser” API call. When - <showdevice>was- false, the- <total>was incorrectly set to 0 (REGSERVER-1204).
- Fixed a bug when deleting an user and his depots: If user is not the owner of a depot he must be removed from the depot as an user instead of deleting the depot (REGSERVER-1205). 
3.6.4 (2017-05-04)¶
- Fixed crash in regserverdistribution (REGSERVER-1186). 
- Fixed an error that resulted in the - <licensekey>tag missing from a number of API calls that returned license data (REGSERVER-1187).
- Fixed setting a client update notification using the admin console (REGSERVER-1189). 
- The - <intresult>tag was missing from the result of the “createlicensewithoutuser” API call.
- Several small fixes for the admin console: improved user search speed and added case insensitive search for usernames, fixed regular expression for magic usernames with an ID > 9999, improved client logs download page 
- Added hint how to start the apache service after mysql (see Enabling Service Autostart) 
- Fixed sending API calls for different provider using the same IP (REGSERVER-1194). 
- Fixed license change history in the adminconsole in cases where the ‘license created’ entry was missing from TD2TicketChanges (REGSERVER-1188) 
- Require entry of a confirmation text when deleting licenses (previously this was only required if the license was created in an external system) (REGSERVER-1193) 
- The default provider can now view uploaded log files for all providers at once (REGSERVER-1190) 
- Installation: set - max_allowed_packet=32Min order to support the upload of large client log files (REGSERVER-1192)
- Fixed a number of problems with the API functions “searchuser” (REGSERVER-1195): It is now possible to retrieve all users by not specifying any search condition. Previously this caused error -30116. - The result tags - <current>,- <total>and- <maximum>now refer to the number of users, regardless of whether devices are included in the result or not. Previously these tags referred to the number of devices, when- <showdevice>was set to- true.- Previously it was possible that devices for the last user returned were missing, if the maximum rows ( - <total>value) was exceeded when including devices in the result.- When you specify a - <startid>value, the- <total>value returned now consistently refers to the total number of users with an ID greater than the specified value.- This means that, in general, if the - <total>value is greater than the- <current>value, then the caller knows that more user records are available with the input parameters.- Previously to version 3.6.4 the result - <total>was not consistant if- <showdevice>was set to- trueand should not be used.
- Increased TD2BlobData.Data column size to allow 50 MB uploaded log files (REGSERVER-1191). 
- Increased TD2Depots.ReposDoc column size to 4000 characters required to store larger repository files (REGSERVER-1185). 
3.6.3 (2017-03-22)¶
- Added Provider setting EMAIL/IGNORE_TEMPLATES_LIST, which contains a list of email templates. Emails will not be sent with the templates specified in this list (REGSERVER-1184).
- Added the UsePrecedenceBulksetting which determines whether the “Precedence: bulk” header should be added to outgoing emails (REGSERVER-1182).
- The activatelicenseanddeactivatelicenseAPI calls no longer return error -30210 (REGSERVER-1177).
- Specifying a user in the “removeuserfromlicense” API call is now optional. If specified, then the user must be the owner of the license or a “Unknown license” error will be returned (REGSERVER-1178).
- The API documentation now includes a section on the changes to the API based on the Registration Server version. All changes since version 3.5.0 are noted in the documentation of the API calls (REGSERVER-1173).
- Remove the API version number (1.0.006, 1.0.007, etc.) The Registration Server
version number is now used to determine when API changes have been made.
All API calls now return the <regversion>tag which contains the version number of the server (REGSERVER-1173).
- “getdefaultlicense” API call: removed the exception that returned the features of the license in use if it was higher than the features of the default license.
- Added a <licensereference>tag to the input parameters of the “loginuser” call. This tag is used if a default license is created for the user. This is only done if the user has no default license, and the Provider settingDEFAULT_LICENSEKEYis empty.
- The new reference should now be specified using the <newlicensereference>tag in the “setlicensereference” API call.
- Added an optional <password>tag to the “removeuser” API call input data.
- The <featurevalue>tag value may now also be specified as an integer in the “createlicense”, “createlicensewithoutuser”, “upgradelicense” and “downgradelicense” API calls.
- Added the <licensereference>tag to the<license>block in reply of the “getusedlicense” API call.
- Added the <licensereference>tag to the<user>and the<device>block in reply of the “searchuser” API call.
- Fixed a bug removing users from a depot who had been added to the depot when it was created (REGSERVER-1159)
- Several minor changes and fixes in the Admin Console (fixed spelling License -> Licence, moved “change user licence” on the edit user page from device block to user block, fixed 2 SQL statements, added username to client logs download page)
- Added new clients settings allow-webaccess-by-defaultandenable-space-webaccessin the documentation
3.6.2 (2017-02-01)¶
- The Registration Server Portal Pages (see Portal Pages) will no longer allow login of users that have previously logged in using an external authentication service (REGSERVER-1180). 
- If a user is using external authentication then the server will no longer allow the user to change his password. The server now returns an error -24907: Permission denied, when the TeamDrive client attempts to perform on of these functions (REGSERVER-1179). 
- External authentication now first checks wether the authentication token is an internal token used by the portal pages. If not, it checks the URL specified by the - AUTH_LOGIN_URLsetting (REGSERVER-1181).
- The - <licensekey>tag must be used in place of the- <licensenumber>tag in the API.- <licensenumber>has been deprecated and will no longer be accepted in Registration Server 3.7.
- Add a - <licensekey>tag to the “registeruser” API call. This tag can be used to specify a license to assign to the newly created user.
- Added Provider setting - USER_IDENTIFICATION_METHOD(REGSERVER-1171). This setting determines how user accounts will be identified (see USER_IDENTIFICATION_METHOD).- USER_IDENTIFICATION_METHODreplaces the Provider setting- USE_EMAIL_AS_REFERENCE, which has been removed.
- Removed the Provider setting - API_CREATE_DEFAULT_LICENSE(REGSERVER-1163). A default license is now always created when a user is created by the API, or during TeamDrive Client registration.- Since the Registration Server version 3.6 now allows a license to be assigned to a user, even when the user has no devices, the default license is also assigned to the user on creation via the API. If the license already has the maximum number of users, the new user will not be created. 
- Fixed a bug that caused the switch-distributor function to always create a new depot and license even when the checkboxes where not selected (REGSERVER-1170) 
- Added new server setting PrivacyURL and Provider redirect page REDIRECT_PRIVACY 
- Added fields to select an existing license when creating a new user in the adminconsole (REGSERVER-1166) 
- Can now filter the list of devices by the username or email address of the user who owns the device (REGSERVER-1160) 
- It is now possible to edit licenses with an “extreference” set (REGSERVER-1168) 
3.6.1 (2016-12-02)¶
- Fixed a crash that occurred when search user was called from a TeamDrive Client that is registered at a different Registration Server (REGSERVER-1161)
3.6.0 (2016-11-25)¶
- Initial release. 
- LDAP/AD Connectivity (REGSERVER-506): The LDAP/AD external authentication reference code has been improved so that all important parameters are in one configuration file. - The file “ldap_config.php.example” must be duplicated and renamed to “ldap_config.php” on installation. The file parameters should then be modified as required. Further instructions and a description of the parameters is provided in the “ldap_config.php” file.