Registration Server Settings

Registration Server Settings can be changed in the Administration Console, via the Admin -> Server Settings page.

These settings are split up into several categories, which are listed below (in alphabetical order).

API Settings

APIAllowSettingDistributor

When accessing the API, providers are identified by the IP address of the caller (see API_IP_ACCESS).

Set this to True if you want a provider to be able to make requests on behalf of another provider. This means that a provider that manages (see the “Managed by” setting on the Providers page in the Admin Console) other providers can set the caller provider to one of those providers.

The “Default Provider”, specified by the DefaultProvider setting (see DefaultProvider) has the right to manage all other providers.

In order to make an API request on behalf of some other providers, set the <distributor> tag to the required provider code (see API Input Parameters).

Since the Admin Console uses the API, you must set APIAllowSettingDistributor to True if you wish to access Providers other than the default Provider through the Admin Console.

APIChecksumSalt

To detect “man in the middle” attacks when sending API requests to the Registration Server, a random “salt value” is generated during the initial installation. The sender must add this salt value to his request before calculating the MD5 hash value of the API request content which will be sent to the Registration Server.

The checksum will be included in the URL, so that the Registration Server can check if the content was modified during the transport.

This setting is read-only and can not be changed via the Administration Console.

See chapter API Basics for details.

APILogFile

A log file that tracks API requests issued by the Administration Console. This file needs to be owned and writeable by the apache user (default: /var/log/td-adminconsole-api.log).

RegServerAPIURL

Optional Reg Server API URL, used by the Administration Console (e.g. http://regserver.yourdomain.com/pbas/td2as/api/api.htm). Must be set, if HTTPS should be used for API communication or if a dedicated API server is used. If empty, it will be derived from RegServerURL.

Client Settings

ClientPasswordLength

You can define a minimum password length to be used by a user. The default value is 8 characters. This parameter will only be checked by the API, since the Clients only send an MD5 hash of the password, which can not be checked on server side. A password complexity check is not implemented at the moment.

ClientPollInterval

The default poll interval for clients (in seconds) to look for new invitations on the Registration Server.

ClientSettings

These settings are sent to all Clients after login. Settings specified for a Provider can override the values defined here.

Note

This setting can be overridden by the provider setting CLIENT/CLIENT_SETTINGS on a per-provider basis. See chapter CLIENT_SETTINGS for details.

ClientUsernameLength

You can define a minimum username length to be used by a user. The default value is 5 characters.

EmailGloballyUnique

This setting specifies whether a Registration Email address should be globally unique or not. When set to True, the Registration Server will check that an email is unique over the entire TeamDrive Network.

By default this parameter is set to the value if UserEmailUnique. In other words, if UserEmailUnique is set to True, then EmailGloballyUnique will be set to True on upgrade to version 3.6.

InvitationStoragePeriod

Invitations will be stored on the server for a specified period of time. The default is 30 days (2592000 seconds). After that duration the server will automatically delete older invitations. If the value is to 0, invitations will never be deleted. Deletions are carried out by the background task described here: “Delete Old Messages” Task.

InvitationStoragePeriodFD

This setting is deprecated and will be removed in a future version. The functionality will only be used by TeamDrive 3 clients. TeamDrive 4 clients are using the key repository instead (see following link to the chapter Invitation for future devices).

Within 14 days after the first registration, the client will send an invitation for each created Space to the registration server for devices the user may install in future. See Invitation for future devices for a detailed description.

InviteOldDevicesPeriodActive

Each new Client installation by a user will create a new device in the database. If the user were to get a new PC, it would be installed as a new device, but the first device will remain in the Registration Server database, even if the user no longer uses it. Invitations will only be sent to devices which were active within the defined period. Please notice, that the device active timestamp will only be updated once a day. So, the value should not be less than one day (86400 seconds). The default value is 96 days (8294400 seconds).

A device that is no longer receiving invitations is said to be “inactive”. An inactive device can be re-activated by starting the TeamDrive client on the device. As long as the TeamDrive installation on the device has not been deleted, the device will be re-activated, and will be able receive invitations again.

If you try to send an invitation to a user that has no active devices, the TeamDrive client register an error. You should then contact the user and request that an old device be re-activated, or a new device installed by the user. The invitation will then need to be sent again.

StoreRegistrationDeviceIPinSeconds

Each client registration will store the IP address which was used to register the client. In case of a hacked user, it may be possible to identify the source of the request. The default is 2592000 seconds (30 days) after which the IP will be removed. Other possible values are -1 (never store the value) or 0 (never delete it). All values greater than zero will be taken as seconds. The Delete Client IPs auto task as described in “Delete Client IPs” Task must be enabled.

UserEmailUnique

This setting specifies if email address must be unique for the entire Registration Server. If set to False then email address need only be unique per Provider. The setting EmailGloballyUnique specifies whether email address must be unique over all TeamDrive Registration Servers.

Email Settings

These settings define how the Registration Server delivers outgoing email messages to an SMTP server (MTA).

MailSenderEmail

The sender header can be defined to avoid spam classification (see sender field description in: http://en.wikipedia.org/wiki/Email#Header_fields). This is necessary in case that the invitations between the users don’t match to the domain which will be used by the registration server. If this value is empty, only the from header will be used. The email will also be used as the ‘envelope-from’-email in user-to-user mails like invitations and as the ‘from’-email for all server-to-user emails like the activation email, new password, etc.

Note

This setting can be overridden by the provider setting EMAIL/EMAIL_SENDER_EMAIL, to define a custom sender address on a per-provider basis. See chapter EMAIL_SENDER_EMAIL for details.

MailSenderHost

As described in the SMTP protocol http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol#SMTP_transport_example there will be communication between the SMTP client on the registration server and the SMTP server which will accept the email for delivery. To avoid spam classification the HELO command must match the servers FQDN. If this value is empty, the default hostname / IP address detection will be used which might get 127.0.0.1 instead of the hostname.

MaxEmailPerDay

This is a security setting, since invitation mails can, potentially, also be used for spam mails from an user sent by your mail server. You can define how many mails the user can send per day. (-1 = unlimited, 0 = no mail)

SMTPServer

The IP or DNS name of the SMTP server.

In order to use a TLS/SSL connection to the SMTP server prefix the host name of the server with “smpts” protocol (only supported on CentOS 7 systems), for example: “smtps://my.smtpserver.com”. If no protocol is specified then “smpt” is assumed.

SMTPServerUser

An username for smtp authentication (only supported on CentOS 7 systems).

SMTPServerPassword

The password for smtp authentication (only supported on CentOS 7 systems).

SMTPServerTimeOut

Timeout parameter in seconds for sendmail requests.

TemplatePath

This is the location of the default email and HTML templates.

UsePrecedenceBulk

Set this value to True in order to add the header:

Precedence: bulk

to all outgoing emails. This should reduce the number of automatic reply mails for “out of office” and “vacation”. This setting is False by default.

Proxy Settings

HOSTProxyHost

IP address or host name of the HTTP proxy server to be used for the Registration Server to Host Server communication.

HOSTProxyPort

TCP port of the HTTP proxy server to be used for Host Server requests.

HOSTUseProxy

Set to True if outgoing Host Server requests must be sent via a HTTP proxy server. This requires setting HOSTProxyHost and HOSTProxyPort as well.

Note

In case of using a squid proxy, you have to set ignore_expect_100 on in your squid configuration (see squid documentation http://www.squid-cache.org/Doc/config/ignore_expect_100/).

ProxyHost

IP address or host name of the HTTP proxy to be used for outgoing HTTP requests.

ProxyPort

TCP Port of the HTTP proxy server to be used for outgoing HTTP requests.

UseProxy

Set to True if outgoing requests must be sent via a HTTP proxy server. This requires setting ProxyHost and ProxyPort as well. Note that Host Server access uses different proxy settings (see HostUseProxy).

RedirectURL Settings

There are a number of URLs that will be used by the TeamDrive Client to open web pages in response to clicks within the client. These are referred to as “Redirect URLs”.

The various target pages of the Redirect URLs can be set by providing value for the following variable: DownloadURL, FAQURL, ForumURL, HelpURL, LicensePurchaseURL, ProviderInfoURL, ReferralURL, TDPSOrderURL and TutorialURL.

These settings are optional. If no URL is provided the Registration server will return a HTML result containing an english error message.

In addition, all the settings can be overridden by Provider specific settings (see Provider Settings). This means that the Registration Server settings act as a default, if the Provider does not specify a particular URL.

A number of URL parameters are passed to the target pages. These parameters can be used within the target landing pages to generate the content.

page and distr
These parameters are used to determine the target page. These parameters are used by the Registration Server to select a target URL from the various Redirect URL settings.
lang
The international language code of the current language of the client.
platf
Specifies the platform of the client: mac, win, linux, ios, android or unknown.
user
Base 64 encoded username. This parameter is only supplied for the LicensePurchaseURL URL.
product
Specifies the product ordered. Only provided for the TDPSOrderURL URL. Currently the only possible value is TDPS.

DownloadURL

A link to the Client software download page. This URL is optional and may be overridden by the REDIRECT_DOWNLOAD Provider setting.

FAQURL

An optional link to a FAQ page. This URL can be overridden by the REDIRECT_FAQ Provider setting.

ForumURL

An optional link to a Forum which can be overridden by the REDIRECT_FORUM Provider setting.

HelpURL

An optional link to a general Help page. This URL can be overridden by the REDIRECT_HELP Provider setting.

LicensePurchaseURL

This an optional link to a page on which new licenses can be purchased. This URL may be overridden by the REDIRECT_PURCHASE Provider setting.

LogUploadURL

In case of errors on the Client side, the user can submit a support request by uploading its log files to the Registration Server. The archive of log files and additional debug information will be sent to a PHP script upload.php. We recommend keeping the existing URL since in general it will only be possible for TeamDrive Systems GmbH to understand the log output.

If you want to set up your own log upload service, you can direct the URL to your server. For details see chapter Client Log Files.

PrivacyURL

An optional link to a privacy page which is required by the Google Play Store or the Apple App-Store. This URL can be overridden by the REDIRECT_PRIVACY Provider setting.

ProviderInfoURL

URL of the Provider information page which will describe all Provider codes available to the user. This link may be overridden by the REDIRECT_PROVIDERINFO Provider setting.

ReferralURL

The optional user-invite-user referral link, which can be overridden by the REDIRECT_USERINVITEUSER Provider setting.

TDPSOrderURL

An optional link used to purchase a license for TDPS (TeamDrive Personal Server). This URL can be overridden by the REDIRECT_ORDER Provider setting.

TutorialURL

An optional link a tutorials page. This URL can be overridden by the REDIRECT_TUTORIALS Provider setting.

RegServer Settings

AuthorizationSequence

Authorization sequence used to send invitations to users which are registered on other Registration Servers in the TeamDrive Network via TDNS.

CacheInterval

The time in seconds that Registration Server configuration options are cached. Changes to the Registration Server or Provider setting will be reloaded after CacheInterval expired.

DefaultProvider

Select the existing Provider that acts as the Default Provider (this is usually the first provider created on the Registration Server).

For more information about the Provider concept, please refer to Provider Concept.

LoadBalancerURL

Optional load balancer URL. This URL will be used by the client in place of the standard registration Server URL. If empty RegServerURL will be used.

This setting may contain multiple URLs separated by a ‘|’ character. In this case, the TeamDrive Clients will automatically use a different URL for each call the the Registration Server.

MasterServerName

The name of the Master Registration Server in your TeamDrive Network.

MasterServerURL

Default URL of the Master Registration Server.

PingURL

For an inital connection or later on the online test, the client will ping the PingURL. This will return a defined answer:

<?xml version='1.0' encoding='UTF-8' ?>
<teamdrive>
        <intresult>0</intresult>
</teamdrive>

back to the client, so that the client can check if he can reach the server, or if there is a proxy or an other gateway which require additional steps to get internet access. The PingURL can be located on another server and just requires a file ping.xml with the above content. Default should be the same domain as in RegServerURL,

RegServerDescription

This is a description of the Registraton Server and should include the name of the owner or name of the company that hosts the server. The name and contact information of the administrator of the server should also be provided.

Note

This information is transported to other Registration Servers in the TeamDrive network.

RegServerName

The name of your Registration Server which should be defined together with TeamDrive Systems GmbH. The name must be unique within the TDNS network, and it can not be changed later on without reinstalling all clients.

RegServerURL

This is the main URL which will be used by the Clients to register and interact with the Registration Server. This URL must always be reachable by the Clients to offer the services. If the URL is no longer valid the Clients have no possibility to reach the server again.

ServerLogFiles

Location of various server log files that can be viewed from within the Administration Console via Admin -> View Server Logs. For security reason this setting can only be changed directly in the database to avoid unauthorized access to other than the allowed log files.

ServerTimeZone

Timezone used for date functions in the Adminstration Console. Please ensure that the timezone is valid (see /usr/share/zoneinfo/ for available time zone information)! (default: Europe/Berlin)

SimulateRegServer20

Enables backward compatibility with TeamDrive 2 clients.

Security Settings

These settings allow to enforce some security related restrictions on the Administration Console.

EnableSyslog

Log security events to a local syslog, rather than td-adminconsole.log.

EnableXForwardedFor

Set this value to True if the Admin Console should should read the “X-Forwarded-For” HTTP header. This is required if the Admin Console is configured to run behind a load balancer or some other proxy.

In this case the Admin Console is not directly contacted by the user’s Web-browser, and the IP address of the browser is placed in the “X-Forwarded-For” header by the proxy.

LoginMaxAttempts

The number of failed login attempts of a particular user within LoginMaxInterval before further login attempts are subjected to a delay (default: 5).

LoginMaxInterval

Time interval used by LoginMaxAttempts, in minutes (default: 60).

LoginSessionTimeout

Period of idle time before you need to log in to the Administration Console again, in minutes (default: 30).

SearchResultLimit

The maximum number of search results that will be shown for any given request (0 == unlimited)

UserRecordLimit

If set to a non-zero value, this is the maximum number of user records that can be viewed within the interval defined by UserRecordLimitInterval.

UserRecordLimitInterval

The time interval that UserRecordLimit applies to.

TDNS Settings

TDNSAutoWhiteList

Set this value to True to enable new Registration Servers added to the TDNS network automatically. By default this setting is set to True. Registration Servers automatically whitelisted can be disabled manually in the Admin Console. Note, that if you set this setting to False, you must ensure that the TeamDrive Master Registration Server is manually enabled.

If the Master Registration Server is not enabled then the standard TeamDrive Clients will not be able to connect to your Registration Server. In this case, a custom Client with a DISTRIBUTOR file that references your Registration Server is required.

TDNSEnabled

This value will be used to activate the TDNS integration of the RegServer, so that the users of your Registration Server can invite users of other Registration Servers which are registered in the TDNS network. Each Provider on a Registration Server needs an own TDNS-ServerID and a TDNS-Checksum value which will be defined by TeamDrive Systems. Without these values your server can not communicate with the TDNS. The two values must be set when for adding a new Provider on the Registration Server (see TDNS Settings).

TDNSURL

URL used to access the TeamDrive Name Server (TDNS).