Release Notes - Version 3.x

Change Log - Version 3.6

3.6.8 (2018-02-07)

  • Added new Provider EMAIL settings which override the global Registration Server settings (REGSERVER-1226). This makes it possible to specify the SMTP Server to be used to send emails at the Provider level. Support for sending mails using SSL/TLS by prepending the protocol “smtps://” (only supported on CentOS 7 systems due to dependencies of required curl functionality) and authentification with an username and password was added:
    • SMTP_SERVER: The SMTP Mail Server address (host name), if empty the SMTPServer global setting value will be used.
    • SMTP_SERVER_TIMEOUT: the Timeout in seconds when waiting for the SMTP Mail Server, if empty the SMTPServerTimeOut global setting value will be used.
    • SENDER_HOST: Host name of the email originator. If empty the MailSenderHost global setting value will be used.
    • SMTP_SERVER_USER: Username for smtp authentification.
    • SMTP_SERVER_PASSWORD: Password for smtp authentification.
  • Version 3.6.8 requires YVVA runtime version 1.4.5.

3.6.7 (2017-11-06)

  • Fixed a crash when sending email due to incorrect SQL statement (REGSERVER-1223).

  • Fixed sending of “Future Device” messages which are used to sent invitations to users that do not yet have a device.

  • Documentations has been changed to conform to the new TeamDrive CI.

  • Some devices were not receiving invitations because the “Demo” flag was set. This flag is now ignored when invitations are sent.

  • Replaced TeamDrive logo and colors

  • Improved logging of errors when connected to TDNS, Host Servers and other Registration Servers. If an unexpected reply is received, the server will dump the first 420 characters of the response to the log, in order to help debugging proxy related connection errors.

    During setup of a Registration Server details of incorrect results are provided when you press the “Error Details” button. If the server receives an unexpected result when trying to contact other servers then the first 420 characters are display in the dialog window.

  • External Auth Service: corrected generation of user secret. Added the “alt user secret” to enable transition to a new method for generating user secrets.

  • Added the SETUP-2FA conditional variable for the Portal Pages (Portal Pages) which is set to “true” if the user selects to setup 2-Factor Authentication during login.

    The default portal-login page has been altered to use the variable to indicated if the user has selected to setup 2-Factor Authentication or not.

  • Fixed a bug in the Web-based setup of the Registration Server that caused a “Unknown attribute: ‘REG_SERVER_BUILD’” exception (REGSERVER-1214).

  • Registration Setup as Standalone or Master server now requires as “Setup Code”. This is required in order to prevent the accidental installation of a Registration Server that can only be accessed using a customised TeamDrive Client. A Setup Code can be obtained from support@teamdrive.com, but requires an agreement for the deployment of a “white-label” TeamDrive Client.

  • Fixed a bug in the Registration Server Setup that prevented the installation of a server when using a proxy to access the Master Registration Server.

  • Version 3.6.7 requires YVVA runtime version 1.4.4.

3.6.6 (2017-08-04)

  • Fixed an exception that occurred when attempting to wipe a device (REGSERVER-1210).
  • Fixed a error that occurred when removing a device installation on the client of a user had already been removed (REGSERVER-1211).

3.6.5 (2017-07-13)

  • The Reg Server now handles “store forward” invitations sent by the TeamDrive client, when a user has no active devices (because all devices have been inactive for longer than InviteOldDevicesPeriodActive). Previously this only worked if the user had no devices (which can happen if the user was created via the API).

    The first device that becomes active after this point, whether it is a new device or an old device that was re-activated will receive the invitation (REGSERVER-1200).

  • API call “removelicense” was not working due to a problem with NULL values (REGSERVER-1197).

  • Fixed activation of users and devices via the adminconsole (REGSERVER-1199)

  • Uploaded Client log files are now stored in a table created to store all large binary values (TD2LargeBinaries). This prevents a slowdown of access to the TD2BlobData table (REGSERVER-1202).

    On upgrade the log files will be moved from one table to the other. This can take some time.

  • Added a new covering index to the TD2BlobData table that includes all columns used to search the table. This will allow the server to avoid reading the entire row during a search.

    The column TD2BlobData.Extension has been shortened to 40 bytes (ascii) and the columns TD2BlobData.SourceChecksum has been removed because it is no longer used (REGSERVER-1201).

  • Optimised the queries used in the CSV page in the Admin Console, and fixed a bug that left the ‘error’ and ‘success’ file in the database when a CSV file was deleted

  • Fixed a bug in the “searchuser” API call. When <showdevice> was false, the <total> was incorrectly set to 0 (REGSERVER-1204).

  • Fixed a bug when deleting an user and his depots: If user is not the owner of a depot he must be removed from the depot as an user instead of deleting the depot (REGSERVER-1205).

3.6.4 (2017-05-04)

  • Fixed crash in regserverdistribution (REGSERVER-1186).

  • Fixed an error that resulted in the <licensekey> tag missing from a number of API calls that returned license data (REGSERVER-1187).

  • Fixed setting a client update notification using the admin console (REGSERVER-1189).

  • The <intresult> tag was missing from the result of the “createlicensewithoutuser” API call.

  • Several small fixes for the admin console: improved user search speed and added case insensitive search for usernames, fixed regular expression for magic usernames with an ID > 9999, improved client logs download page

  • Added hint how to start the apache service after mysql (see Enabling Service Autostart)

  • Fixed sending API calls for different provider using the same IP (REGSERVER-1194).

  • Fixed license change history in the adminconsole in cases where the ‘license created’ entry was missing from TD2TicketChanges (REGSERVER-1188)

  • Require entry of a confirmation text when deleting licenses (previously this was only required if the license was created in an external system) (REGSERVER-1193)

  • The default provider can now view uploaded log files for all providers at once (REGSERVER-1190)

  • Installation: set max_allowed_packet=32M in order to support the upload of large client log files (REGSERVER-1192)

  • Fixed a number of problems with the API functions “searchuser” (REGSERVER-1195): It is now possible to retrieve all users by not specifying any search condition. Previously this caused error -30116.

    The result tags <current>, <total> and <maximum> now refer to the number of users, regardless of whether devices are included in the result or not. Previously these tags referred to the number of devices, when <showdevice> was set to true.

    Previously it was possible that devices for the last user returned were missing, if the maximum rows (<total> value) was exceeded when including devices in the result.

    When you specify a <startid> value, the <total> value returned now consistently refers to the total number of users with an ID greater than the specified value.

    This means that, in general, if the <total> value is greater than the <current> value, then the caller knows that more user records are available with the input parameters.

    Previously to version 3.6.4 the result <total> was not consistant if <showdevice> was set to true and should not be used.

  • Increased TD2BlobData.Data column size to allow 50 MB uploaded log files (REGSERVER-1191).

  • Increased TD2Depots.ReposDoc column size to 4000 characters required to store larger repository files (REGSERVER-1185).

3.6.3 (2017-03-22)

  • Added Provider setting EMAIL/IGNORE_TEMPLATES_LIST, which contains a list of email templates. Emails will not be sent with the templates specified in this list (REGSERVER-1184).
  • Added the UsePrecedenceBulk setting which determines whether the “Precedence: bulk” header should be added to outgoing emails (REGSERVER-1182).
  • The API documentation now includes a section on the changes to the API based on the Registration Server version. All changes since version 3.5.0 are noted in the documentation of the API calls (REGSERVER-1173).
  • Fixed a bug removing users from a depot who had been added to the depot when it was created (REGSERVER-1159)
  • Several minor changes and fixes in the Admin Console (fixed spelling License -> Licence, moved “change user license” on the edit user page from device block to user block, fixed 2 SQL statements, added username to client logs download page)
  • Added new clients settings allow-webaccess-by-default and enable-space-webaccess in the documentation

Registration Server API

  • The “activatelicense” and “deactivatelicense” API calls no longer return error -30210 (REGSERVER-1177). If the license is already in the state set, then the call is ignored.
  • Specifying a user in the “removeuserfromlicense” API call is now optional. If specified, then the user must be the owner of the license or a “Unknown license” error will be returned (REGSERVER-1178).
  • Remove the API version number (1.0.006, 1.0.007, etc.) The Registration Server version number is now used to determine when API changes have been made. All API calls now return the <regversion> tag which contains the version number of the server (REGSERVER-1173).
  • “getdefaultlicense” API call: removed the exception that returned the features of the license in use if it was higher than the features of the default license.
  • Added a <licensereference> tag to the input parameters of the “loginuser” call. This tag is used if a default license is created for the user. This is only done if the user has no default license, and the Provider setting DEFAULT_LICENSEKEY is empty.
  • The new reference should now be specified using the <newlicensereference> tag in the “setlicensereference” API call.
  • Added an optional <password> tag to the “removeuser” API call input data.
  • The <featurevalue> tag value may now also be specified as an integer in the “createlicense”, “createlicensewithoutuser”, “upgradelicense” and “downgradelicense” API calls.
  • Added the <licensereference> tag to the <license> block in reply of the “getusedlicense” API call.
  • Added the <licensereference> tag to the <user> and the <device> block in reply of the “searchuser” API call.

3.6.2 (2017-02-01)

  • The Registration Server Portal Pages (see Portal Pages) will no longer allow login of users that have previously logged in using an external authentication service (REGSERVER-1180).
  • If a user is using external authentication then the server will no longer allow the user to change his password. The server now returns an error -24907: Permission denied, when the TeamDrive client attempts to perform on of these functions (REGSERVER-1179).
  • External authentication now first checks wether the authentication token is an internal token used by the portal pages. If not, it checks the URL specified by the AUTH_LOGIN_URL setting (REGSERVER-1181).
  • Added Provider setting USER_IDENTIFICATION_METHOD (REGSERVER-1171). This setting determines how users will be identified (see USER_IDENTIFICATION_METHOD). USER_IDENTIFICATION_METHOD replaces the Provider setting USE_EMAIL_AS_REFERENCE, which has been removed.
  • Fixed a bug that caused the switch-distributor function to always create a new depot and license even when the checkboxes where not selected (REGSERVER-1170)
  • Added new server setting PrivacyURL and Provider redirect page REDIRECT_PRIVACY
  • Added fields to select an existing license when creating a new user in the adminconsole (REGSERVER-1166)
  • Can now filter the list of devices by the username or email address of the user who owns the device (REGSERVER-1160)
  • It is now possible to edit licenses with an “extreference” set (REGSERVER-1168)

Registration Server API

  • The <licensekey> tag must be used in place of the <licensenumber> tag in the API. <licensenumber> has been deprecated and will no longer be accepted in Registration Server 4.0.

  • Added a <licensekey> tag and a <licensereference> tag to the input parameters of the “registeruser” API call. One of these tags can be used to specify a license to assign to the newly created user.

  • Removed the Provider setting API_CREATE_DEFAULT_LICENSE (REGSERVER-1163). A default license is now always created when a user is created by the API, or during TeamDrive Client registration.

    Since the Registration Server version 3.6 now allows a license to be assigned to a user, even when the user has no devices, the default license is also assigned to the user on creation via the API. If the license already has the maximum number of users, the new user will not be created.

3.6.1 (2016-12-02)

  • Fixed a crash that occurred when search user was called from a TeamDrive Client that is registered at a different Registration Server (REGSERVER-1161)

3.6.0 (2016-11-25)

TeamDrive Registration Server version 3.6 is the next major public release following after version 3.5.

Version 3.6 of the Registration Server contains the following features and notable differences compared to version 3.5.

Installation

  • The Reg Server 3.6 supports CentOS 7. RPM’s are available for this version of the OS.

Registration Server Functionality

  • Added the “Web Portal Access” capability bit. This bit represents user-level permission to access Web Portals. The capability bit is only used if the ALLOW_WEB_PORTAL_ACCESS Provider setting is set to peruser (see below).

  • Added ALLOW_WEB_PORTAL_ACCESS Provider setting. This setting determined whether users are permitted to access a Web Portal or not. Possible settings are:

    • permit: All users are permitted to login to Web Portals (this is the default).
    • deny: Web Portal access is denied to all users.
    • peruser: Access is determined by the “Web Portal Access” capability bit.
  • TeamDrive Authentication Services now includes an example of how to connect to Vasco IDENTIKEY Authentication Server. When used in conjunction with the Web Portal, Web Portal version 1.0.6 is required.

  • Emails sent by the server now have a maximum size of 16 MB. Previously the limit was 64 K (REGSERVER-1131).

  • Implemented support for Two-Factor Authentication using the Google Authenticator App.

  • Added the AUTH_SETUP_2FA_URL Provider setting. This value must be set to the URL of the page used to setup two-factor authentication.

    See How to Setup Two-Factor Authentication for details.

  • Added ALLOW_MAGIC_USERNAMES Provider setting. When set to True, users of the Provider may register with usernames that match the standard “magic username” pattern.

  • Added ISOLATED_EMAIL_SCOPE Provider setting. When set to True, the users of the Provider may use email addresses that are in use by other users, as long as the email addresses are unique for the Provider (REGSERVER-1125).

  • Added the HIDE_FROM_SEARCH Provider setting. When set to True, this setting will prevent users from being found by a Client when doing the standard username and email address searches, during login and when inviting users to a Space (REGSERVER-1124).

  • Added the PROVIDER_DEPOT Provider setting. This setting may be used to specify that a certain Depot should be used as default Depot for all users of a Provider (REGSERVER-1117).

  • Added the SUPPORT_EMAIL Provider setting. This setting specifies the email address that will be notified if support content is uploaded to the Registration Server.

  • Users will now receive “store forward” invitations no matter which Registration Server the invitation is located on. Previously a user had to register on the same Registration Server as the store forward message.

    A store forward invitation is created when a user invites another user via email, but the user is not yet registered.

  • HTTPS is now used for all communications with a Host Server if the Provider setting API_USE_SSL_FOR_HOST is set to True.

  • Added the Registration Server setting: EmailGloballyUnique. When set to True the Registration Server will check to ensure that an email address is not in use by any other Registration Server in the TeamDrive Network (REGSERVER-809).

    This value is automatically set to the same value as UserEmailUnique on upgrade to version 3.6 or later.

    See EmailGloballyUnique for details.

  • LDAP/AD Connectivity (REGSERVER-506): The LDAP/AD external authentication reference code has been improved so that all important parameters are in one configuration file.

    The file “ldap_config.php.example” must be duplicated and renamed to “ldap_config.php” on installation. The file parameters should then be modified as required. Further instructions and a description of the parameters is provided in the “ldap_config.php” file.

Registration Server API

  • Updated version number of API to 1.0.007.

  • Added notifications: the Registration Server can be configured to send a notification when a change is made to a user. To do this, the Provider setting API_ENABLE_NOTIFICATIONS must be set to True, and the setting API_NOTIFICATION_URL must be set to the URL that will receive the notification (TRUS-136).

  • The tag <webportal> has been added to the API functions: “searchuser”, “loginuser”, “getuserdata” and “registeruser”. This tag indicates whether the user is permitted to access a Web Portal.

    Note that if the Provider setting ALLOW_WEB_PORTAL_ACCESS is set to permit or deny, the the value returned in the <webportal> tag will reflect this setting, not the value of the user’s Web Portal Access capability bit.

    When calling “setcapability” the <capability> tag may be set to the value “webportal”, in order to set Web Portal Access capability bit.

  • The “searchuser” API call now accepts the input tags <distributor>, <reference> and <authid>, which are used to search for users with specific external reference or external authentication ID. These tags can be used in addition to or in place of other search tags. The ‘*’ search wildcard is not recognised which searching for these values.

    When searching by <reference> and <authid> the <distributor> will automatically be added to the search conditions (normally this is only done when you set <onlyownusers>true</onlyownusers>).

    Note that setting <distributor> to a value other than your own Provider code is only permitted if you are the “Default Provider”. Web Portals working on the behalf of a Provider may also set the <distributor> tag accordingly.

  • The “registeruser” API call now returns a <userdata> block with the complete details of the user. The <username> outside of the <userdata> block has been deprecated and will be removed in version 4.0.

  • Added the Provider setting EXT_LICENCE_REF_UNIQUE, default True. If set to False duplicate license references are allowed (REGSERVER-1130).

  • Removed the Provider setting CLIENT_DEFAULTLICREF. The license reference must now be provided as parameter to the API call (REGSERVER-1130).

  • The <licensereference> tag can now be used to specify the license in place of the <licensenumber> tag (REGSERVER-808). Note that the license reference must be unique for each Provider, if EXT_LICENCE_REF_UNIQUE is set to True (which is the default).

  • Added the “sendtemplatemail” API call. This call can be used to sent standard template based emails to user, Providers or some other recipient (REGSERVER-1103).

  • Added lookup of an Email on TDNS to the “tdnslookup” call. The result is a list of Registration Servers (REGSERVER-1113).

  • Client API: the client version will now be extracted from the path: “/teamdrive/clientversion”, in addition to the paths used previously. Command names are case-insensitive.

Administration Console

  • Added “Delete Provider” Functionality (REGSERVER-1127). Deleting a Provider will delete all user, licenses and depots that belong to the Provider. If the Reg Server is connected to TDNS, the delete process will be suspended until the Provider has been removed from TDNS.
  • If too many failed logins are detected for a user, further attempts are subjected to a delay that increases with the number of login attempts, up to a maximum delay of 2 minutes. The previous system of a constant 5 second delay will still be used if the user login is protected by the LOGIN_IP provider setting (REGSERVER-534)
  • Added an option to move spaces from one depot to another (REGSERVER-1116)
  • Depot change history can be displayed on the edit-user page, when available (REGSERVER-1040)
  • A users Spaces are fetched more efficiently when displaying them on the edit-user page, which solves some browser memory problems when a user has a lot of spaces. Unfortunately this also means that the list of spaces can no longer be sorted (REGSERVER-1122)
  • The list of spaces on the edit-user page can now be exported as a CSV document (eg. for opening in Excel) (REGSERVER-1128)
  • Users can now be added or removed from a license on the edit-license page (REGSERVER-1129)
  • Changing a license owner can now be done only via the edit-license page. The function has been removed from the edit-user and license overwiew pages to avoid confusion with the ‘add user to license’ function (REGSERVER-1129)
  • The Admin Console now displays the Host Server version number. The version number is only correctly updated with Host Server version 3.6.1 or later. Otherwise, the number displayed is the version of the original Host Server installation. Note that, in this case, the version number displayed is of the form: <major>.<minor>.**.<patch>, for example: Host Server version 3.0.011 (for example) is displayed as: 03.00.**.00011.

Change Log - Version 3.5

3.5.10 (YYYY-MM-DD)

Registration Server API

  • The <licensekey> tag should be uses in place of <licensenumber> in calls that accept this as an input paramater. <licensenumber> will still be accepted, but has been deprecated and will be removed in Registration Server version 4.0.
  • The “searchuser” API function returns <licensekey> instead of <licensenumber> (as added in 3.5.9).
  • The API calls: “searchuser”, “getuserdata”, “getlicensedata”, “getdefaultlicense”, “getusedlicense”, “createlicense” and “createlicensewithoutuser” now return the tag <licensekey> in addition to <number>. The contents is the same. The <number> tag is deprecated and will be removed in a future version.

3.5.9 (2017-01-16)

  • Avoid adding or removing the depot owner from the user list (REGSERVER-1158)
  • Added a new server PrivacyURL and Provider redirect page

Registration Server API

  • Added <showlicense>true/false</showlicense> tag to the “searchuser” API call. When set to true, license information is returned in the result. This includes <licensenumber>, <featurevalue> and <licensestatus> tags in the <user> tag which indicate the current license set for the user, and the features of the license. A <licenselist> tag is also returned with a list of the licenses that belong to the user.

3.5.8 (2016-08-26)

Note

Version 3.5.8 will fix an error in the depot documents as described below in REGSERVER-1141. To save the successull update the file /var/opt/td-regserver/StartupCache.pbt will be updated. This might fail in case of the wrong user “root” ownership. Please correct the ownership with:

chown apache:apache /var/opt/td-regserver/StartupCache.pbt

Note

Updating the registration server on CentOS 7 with “yum update” might update the apache to a newer version. This update could re-install the deleted “conf”-files in the folder /etc/httpd/conf.modules.d/ and will prevent starting the apache. Please follow the modified instruction to disable all modules in the “conf”-files instead of deleting them as described in Apache 2.4 (CentOS 7)

  • Documented additional client settings and ordered client settings alphabetically.
  • Fixed the problem that email notifications, such as comments on files, to users on other Registration Servers were ignored. In future, only registered and activated users will be able to send emails. However, the sender can specify an email address instead of a username, in order to send a notification to non-registered users, or users on other Regisration Servers (REGSERVER-1147).
  • The Host Server may return a Depot document with a SERVERFLAGS field with an incorrect terminator. These documents will be corrected in the database and when returned by the Host Server (REGSERVER-1141).
  • Fixed a bug in “wipedevice” API call (REGSERVER-1139)
  • The adminconsole will make requests to hostservers over the hostserver proxy, if one is configured (REGSERVER-1148)

3.5.7 (2016-07-12)

  • Fixed a bug in “createlicense” API call: if the user has no other default license, then the created license will now be correctly set as the default.
  • The [[GREETING]] in emails templates: “inv-user-invited-passwd” and “inv-user-invited”, incorrectly used the name of the sender of the invitation, instead if the invitee (REGSERVER-1136).
  • Deleting users, depots, or spaces in the Adminconsole now requires the user to type the word ‘DELETE’ in a confirmation dialog, to prevent accidental deletion (REGSERVER-1133)

3.5.6 (2016-06-21)

  • The ssl configuration has changed. All settings are now located in a separate configuration file. Please remove the old configuration in your ssl.conf:

    RewriteEngine on
    RewriteLogLevel 0
    RewriteLog "/var/log/httpd/rewrite.log"
    
    RewriteRule ^/setup$ /setup/ [R]
    RewriteRule ^/setup(.*) /yvva/setup$1 [PT]
    RewriteRule ^/pbas/td2as/(.*)$ /yvva/$1 [PT]
    RewriteRule ^/pbas/td2api/(.*)$ /yvva/$1 [PT]
    

    and add the new include as described in chapter Configure mod_ssl

  • The authenticate call now handles authentication tokens that do not contain an email address. The allows an external Authentication Service prevent the automatic creation of a user if the user does not exist.

    If the email address is missing from the authentication token then the Registration Server will return the “user not found” error if the user ID in the authentication does not match an existing user.

    As before the user ID in the token is compared to the “External Authentication ID” field of the user. This field can be edited in the Admin Console, if USE_AUTH_SERVICE is enabled (set to True). If users are not created automatically then it is most likely that this field must be set manually when the user is created.

    The alternative is to import the value of the “External Authentication ID” when creating and users using the CSV import facility.

  • Updated Yvva version to 1.3.6 (required with CentOS 7)

3.5.5 (2016-05-14)

  • Add support for CentOS 7 with apache 2.4

  • When a user is removed, if the users licenses are not removed, the licenses are now correctly freed so the may be assigned to another user (REGSERVER-1120) . Note that the default license is no longer a default license when freed.

  • Corrected handling of default license. This could be overbooked (REGSERVER-1119). If a default license is assigned to the owner, and it is overbooked, then it will now be automatically removed from a number of users as required. Removal begins with less active users (users that accessed a device more recently will be favoured when removing licenses).

    When a license is removed, the user license is reset to the user’s default. Note that this may fail if the user is not the owner of his/her default license, which may be the case when using the DEFAULT_LICENSEKEY Provider setting.

  • When changing the Provider of a user update of TDNS was not correct in the case when the case-sensitivity of usernames changed (REGSERVER-361).

  • Added <intresult> tag to result of “createlicense” API call.

  • No longer send email notification message for 4.3.1 clients, because they are able to synchronise user data using the “mod protocol” (REGSERVER-1110).

Registration Server API

  • The order of the XML tags in the API documentation now matches the actually order of tags returned by the server. Some tags that were ommitted have been added (REGSERVER-949).

3.5.4 (2016-01-25)

  • The contents of the <message> tag in an exception was not correctly encoded which lead to invalid XML returned by the DISTRIBUTOR_REDIRECT (-30004) exception, which includes a URL in the message tag.
  • Fixed a crash which could occur when assigning a license to a user with a device that was not activated (REGSERVER-1104)
  • /bal/*html and /act/*html URLs were incorrectly returning “text/xml” as content type. This has been changed to “text/html” (REGSERVER-1106).

3.5.3 (2016-01-14)

  • Added a “Registration Server How To’s” chapter to the Admin Guide.
  • The transfer limit for depots on hostservers that do not enforce the traffic limit is now displayed as ‘Unlimited’ (REGSERVER-742)
  • Added ‘,’ to the reserved characters that are not allowed in usernames. This is in addition to ‘;’ and ‘$’.
  • When DEFAULT_LICENSEKEY is specified the setting PROFESSIONAL_TRIAL_PERIOD no longer has an effect. It is considered to be 0, which means that no trial period is available.
  • ClientPollInterval was incorrectly stored in the database in seconds by the Admin Console. The unit used in the database is 0.2 seconds (i.e. seconds x 5). This has been corrected. Default value is 60 seconds, as before.
  • Fixed a bug editing / deleting depots belonging to a provider other than the default provider
  • Implemented “one-off-secureoffice-trial” license purchase. This will allow users to start a trial period when using the SecureOffice version of TeamDrive.
  • Removed the following Registration Server settings: MediaURL, NotificationURL, RedirectorURL, UpdateAvailableURL. All these Settings now use hard-coded URLs that reference the Registration Server (REGSERVER-1100).
  • Removed all references to providerinfo.html and clientinfopage.php. These were used as default redirect pages. Now, if no redirect URL is set, the Registration Server will return a HTML page with a messsage. For example, if a forum URL is not specified by the Provider (REDIRECT_FORUM setting), or in the Registration Server setting (ForumURL), then a page with the message: “Sorry, your service provider has not specified a forum page”, will be returned (REGSERVER-1080).
  • The LoadBalancerURL may contain multiple URLs separated by a ‘|’ character. In this case, the TeamDrive Clients will automatically use a different URL for each call the Registration Server.
  • Removed BalanceURL Registration Server setting. TeamDrive Clients that still use this setting will be directed to a hard-coded URL on the Registration Server: http://<reg-server-domain>/pbas/td2as/bal/server.xml (REGSERVER-917).
  • Fixed the “MAIL FROM:” header in emails sent. The Reg Server now correctly sets this field according to the MAIL_SENDER_EMAIL Provider setting (REGSERVER-1099)
  • Fixed a bug: the language passed to the Reg Server on registration was incorrectly converted to upper case and stripped of the location information. The unconverted language sent by the Client is now stored in the database (REGSERVER-1097)
  • Fixed a bug in the admin console displaying the license language when editing (REGSERVER-1096)
  • The Reg Server now supports a single Web Portal that manages internet access for multiple providers. This means that Multiple providers can use the same IP number in the API_WEB_PORTAL_IP setting (REGSERVER-1095)

Registration Server API

  • The “registeruser” API call will now always returns a <username> tag as well as the standard <intresult> tag on success. For example:

    <teamdrive><username>$NEW1-1061</username><intresult>0</intresult></teamdrive>
    

    This is useful if the caller wishes to know the magic username generated by the server (REGSERVER-838).

  • If a user is created via the API, or by CSV import, then it may not be known which language the user will use. In this case the language may be set to “-”. The “-” will be ignored by the TeamDrive Client. API calls will return the default language in this case (REGSERVER-1097)

3.5.2 (2015-12-04)

  • Fixed API function “setdistributor” to handle more than one depot in case of switchdepot = true (REGSERVER-1087)
  • Fixed sending a store forward invitation in case of device not found fails, if sender is registered at a foreign Reg-Server (REGSERVER-1088)
  • AdminConsole: Fixed misleading error message in case of deleting a user

Registration Server API

  • Changed API function “confirmuserdelete”: allow using the call without sending the user password (REGSERVER-1089)
  • Fixed sending Store Forward invitation for a “standalone” Registration Server (REGSERVER-1092)

3.5.1 (2015-11-04)

  • Fixed api call “setdepotforuser” and “removedepotfromuser”: The depot information sent to the clients used a wrong format (REGSERVER-1085)
  • API log view in the admin console will now display API requests from the Web-Portal (REGSERVER-1083)
  • Greetings macro was not replaced in mail templates (REGSERVER-1079)
  • Added hint in the admin console to show if the background task for sending mails and processing other background tasks is running (REGSERVER-1078)
  • Fixed API access in the Apache configuration using the URL from older API documentations (using ../td2api/.. in the URL instead of ../td2as/..) (REGSERVER-1071)
  • Fixed deleting a depot for an user in the admin console. Depot was deleted on the Host Server, but the reference on the Registration Server was not removed (REGSERVER-1070)
  • Fixed access to missing language column in the email change confirmation page (REGSERVER-1069)
  • Fixed wrong path to tdlibs-library folder in upload.php (REGSERVER-1067)
  • Changed the default value for the setting TDNSAutoWhiteList to True (REGSERVER-1072) and handle the special case of the Master-Server when changing the setting back to false in the admin console. Master-Server could only be disabled when using a white label client (REGSERVER-1073)
  • Fixed api call “getusedlicense” to avoid duplicate usernames in user list (REGSERVER-1066)
  • Fixed connecting TeamDrive Master Server during the setup in case of server-type “standalone” (REGSERVER-1064)
  • Replaced TeamDrive 3 screenshot with TeamDrive 4 in chapter “TeamDrive Client-Server interaction” (REGSERVER-977)
  • Added hint in documentation to enable HTTPS for the API communication between Registration Server and Hosting Server (REGSERVER-499)

Registration Server API

  • Added API call “changelicensepassword” (REGSERVER-1075) and use bcrypt for license password encryption (REGSERVER-965)

3.5.0 (2015-09-21)

TeamDrive Registration Server version 3.5 is the next major public release following after version 3.0.018.

Note

Please note the the version numbering scheme for the Registration Server has been changed starting with version 3.5. The first two digits of the version string now identify a released version with a fixed feature set. The third digit, e.g. “3.5.1” now identifies the patch version, which increases for every public release that includes backwards-compatible bug or security fixes. A fourth digit identifies the build number and ususually remains at zero, unless a rebuild/republishing of a release based on the same code base has to be performed (e.g. to fix a build or packaging issue that has no effect on the functionality or feature set).

Version 3.5 of the Registration Server contains the following features and notable differences compared to version 3.0.018. This includes all changes made for version 3.0.019, which was an internal interim release used to deploy and test most of the new functionality described below.

Installation

  • The initial configuration and initialization of a Registration Server is no longer performed by filling out the RegServerSetup.xml file and running the RegServerSetup.pbt script on the command line. Instead, a web-based setup process has been implemented, which guides the administrator through the steps involved.
  • The Registration Server no longer depends on the PrimeBase Application Environment (e.g. the mod_pbt Apache module or the pbac command line client), provided by the RPM package PrimeBase_TD in version 3.0.018). Instead, it is now based on the Yvva Runtime Environment which is already used for the TeamDrive Host Server since version 3.0.013 and newer. The environment is provided by the yvva RPM package, which will automatically replace any installed PrimeBase_TD RPM package during an upgrade. The central log file /var/log/td-regserver.log is the central log location for all Yvva-based components; the previous log files (e.g. /var/log/pbt_mod.trace, /var/log/pbvm.log or /var/log/pbac_mailer.log) will no longer be used.
  • The Apache HTTP Server configuration file for the Registration Server has been renamed from /etc/httpd/conf.d/pbt.conf to /etc/httpd/conf.d/td-regserver.httpd.conf.
  • The installation no longer requires the Apache HTTP Server to be configured using the “worker” MPM, which simplifies the overall installation and configuration of the base operating system and allows for using the PHP Apache module instead of the FastCGI implementation for the Administration Console.
  • The login credentials required to access the Registration Server’s MySQL database server are now stored in a single configuration file /etc/td-regserver.my.cnf, which is consulted by all components (e.g. the Administration Console, Registration Server or the Auto Task background service).
  • The background service providing the Registration Server Auto Tasks has been renamed from teamdrive to td-regserver and is now based on the yvvad daemon instead of the PrimeBase Application Client pbac. Please make sure to update any monitoring systems that check for the existence of running processes. The configuration of the td-regserver background service is stored in file /etc/td-regserver.conf.
  • The PBT-based code of the Registration Server is no longer installed in the directory /usr/local/primebase. The content of the td-regserver RPM package has been restructured and relocated to the directory /opt/teamdrive/regserver.

Registration Server Functionality

  • Added support for the new business model introduced with TeamDrive 4 Clients (e.g. full support for trial licenses with an expiration date, restricted Client functionality via Client settings).
  • The CSV import of users is no longer performed by a cron job running a separate PHP script anymore. Instead, there is now an additional “CSV Import” Auto Task that provides this functionality.
  • Email and HTML activation page templates are no longer stored and managed in the Registration Server’s file system. Instead, they are now stored in the Registration Server’s database and managed via the Registration Server Administration Console. During an upgrade from a previous version, any existing template files will be imported from the file system into the database. As a result, the following server settings have have been deprecated and will be removed during an upgrade: PathToEMailTemplates, ActivationURL, ActivationHtdocsPath, HTDocsDirectory.
  • The “Move Store Forward Messages” Auto Task has been removed, as it’s no longer required. Store Forward invitations are now forwarded automatically, when a user installs a new device.
  • Some license related provider settings have been moved from the CLIENT category to the more appropriate LICENSE category, namely CLIENT_DEFAULTLICREF, DEFAULT_FREE_FEATURE and DEFAULT_LICENSEKEY.
  • The provider setting API/API_USE_SSL_FOR_HOST has been moved into the more appropriate HOSTSERVER category.
  • A number of Server Settings that used to apply to all providers hosted on a Registration Server can now be defined on the provider level. The following provider settings have been added:
    • API/API_REQUEST_LOGGING: Set to True to enable logging of API requests in the API log. The value is False by default.
    • EMAIL/USE_SENDER_EMAIL: Set to True if you wish to use the actual email address of the user when sending emails to unregistered users, otherwise the value of EMAIL_SENDER_EMAIL is always used.
    • HOSTSERVER/AUTO_DISTRIBUTE_DEPOT: Set to True if the Depot should be distributed automatically.
    • LICENSE/ALLOW_CREATE_LICENSE: Set to True to allow the creation of licenses. The value is False by default and can only be changed by the default provider.
    • LICENSE/ALLOW_MANAGE_LICENSE: Set to True to allow the management of existing licenses. The value is False by default and can only be changed by the default provider.
  • Log messages and errors from the Yvva-based Registration Server components as well as the Administration Console can now be logged via syslog as well.

Registration Server API

Numerous enhancements and additions to the Registration Server API, to provide more functionality for integrating with external applications (e.g. web shops).

  • Added API call deletelicense, which marks a license as “deleted”. The API call cancellicense will set a license to “disabled” instead of “deleted” now.
  • Added API call tdnslookup, which performs a lookup at the TeamDrive Name Service (TDNS) to find a given user’s Registration Server.
  • Added new functions: deactivateuser, disableuser, enableuser, updated API reference documentation accordingly.
  • Added new function setdepartment to set the department reference for a user.

Administration Console

Various security and usability enhancements as well as modifications to support changes made to the Registration Server API and functionality.

Usability Improvements
  • Re-organized the navigation for the various Administraion Console pages, ordered and grouped them in a more logical fashion.
  • Error messages when making changes to the Provider or Registration Server Settings are now displayed more prominently.
  • The Administration Console now prohibits the manual creation of Depot files for system users such as a Host Server’s tdhosting-<hostname> user.
  • The workflow of the Create Depot page has been reworked to be more straightforward, and will perform better validation to prevent users from different providers getting assigned to the same Depot. The form now also allows creating a depot as the default depot for the selected user. (REGSERVER-700, REGSERVER-907, REGSERVER-913)
  • The login page now displays a notice to enable JavaScript if JavaScript is disabled in the user’s browser. (REGSERVER-916)
  • You can now filter the license table by expiry date, contract number, and holder email. The contract number and holder email have been added to the table, and the rest of the columns have been compacted slightly to create more space. (REGSERVER-885)
  • Trial licenses are marked with a “Trial: <end date>” tag in the “More Details” section of the user overview table, the user editing page, and the license overview. (REGSERVER-891)
  • The user overview will display ‘N/A’ rather than ‘Free’ as the user’s highest license, if the user has no installations yet. (REGSERVER-904)
  • Banner management: Example banner elements are now downloaded with an appropriate file name. (REGSERVER-725)
  • Searching for a username on the main user list is now case insensitive when the entire username is provided. (REGSERVER-906)
  • Most of the input forms on the Administration Console will automatically trim leading and trailing whitespace from text fields. (REGSERVER-912)
  • Can reset/delete multiple messages in the email queue at once (REGSERVER-773)
  • Can delete multiple CSV-import log files at once (REGSERVER-990)
  • The email templates are sorted into categories which can be shown or hidden. Categories of templates that are not relevant (based on provider settings) are hidden by default (REGSERVER-1026)
  • The create-provider dialog will only show the TDNS related fields if TDNS access is enabled in the registration server settings (REGSERVER-1032)
  • Multiple spaces can be deleted at once, without requiring a complete page reload (REGSERVER-573)
  • Deleted licenses are hidden by default, and can be shown by setting a filter option (REGSERVER-825)
  • Merged the “LoginSecurity” server settings group into the “Security” group
  • Edited some table column labels to be more descriptive (REGSERVER-1057)
Security Enhancements
  • The Administration Console can now be configured to require two-factor authentication via email for users that want to log in. The provider-specific setting LOGIN/LOGIN_TWO_FACTOR_AUTH can be used to enable this feature. Two-factor authentication is disabled by default.
  • A Password complexity level is now indicated when creating/changing passwords.
  • Security relevant events are logged either into a local log file /var/log/td-adminconsole.log or via syslog. In particular, the following events are logged:
    • Failed logins
    • Failed two-factor authorization attempts
    • Changes to security-related Provider/Server settings (e.g. login timeouts, API access lists, etc.)
    • Password changes
    • Changes to the privileges of users
    • Failed session validations
  • If, on login, the user already has an active session, require a two-factor authentication step.
  • Added server settings that can be used to limit the number of records that may be viewed in the console. (SearchResultLimit, UserRecordLimit, UserRecordLimitInterval)
  • When, on login, the user already has an active session, there is the option to immediately end existing sessions (after completing the two- factor authentication step) (REGSERVER-1036)
  • The Manage Servers page no longer lists all servers on the TDNS network. Instead, there is an option to either enable/disable communication with all other Registration Servers, and exceptions to the chosen default need to be set by entering the exact server name. This is done so that the name of a customer’s Registration Server is not automatically visible to everyone else on the TDNS network (REGSERVER-1042).
Added Functionality
  • It is now possible to edit the list of users belonging to a Space Depot on the user editing page (REGSERVER-905). Editing of Depots (change limits, delete, activate, etc.) now takes place in a separate dialogue.
  • Added a page that can be used to edit the HTML templates for web pages.
  • The Administration Console now adds the <changeinfo> tag to the following Host Server API calls: createDepot, (de)activateDepot, and createDepot.
  • Added functionality to resend Depot information to the user. (REGSERVER-896)
  • The Administration Console now uses the Registration Server API to enable/disable/wipe users. (REGSERVER-803)
  • Licenses will now be marked as “deleted” with the new deletelicense API function. (REGSERVER-883)
  • Removing a user from a license will now also remove that license from the user’s devices. (REGSERVER-720)
  • Licenses are edited strictly via the API, added the Send email button to all forms, made license type editable.
  • Added support for the new API calls, added support to manage the new license feature flag “Restricted Client” (which allows to enable configurable Client-side restrictions like the maximum number of Spaces).
  • Client log files and support requests can now be viewed on the “Download Client Log Files” page. The default provider can view log files for all providers. (REGSERVER-1025 and REGSERVER-1024)
  • If the default provider has assigned a hostserver to another provider via the HOST_SERVER_NAME setting, the other provider will be able to create depots on that server even if the provider would not normally have access to the server

Change Log - Version 3.0.019

3.0.019.8

  • Fixed the key-repository count on the edit-user page (REGSERVER-1020)
  • Fixed an issue where the Administration console was not using the correct API functions when adding or removing users from a depot (REGSERVER-1061)

3.0.019.7 (2015-07-08)

  • Fix for handling update notifications between version 3.x and 4.x. 3.x clients will not get a 4.x upgrade notification (REGSERVER-985)

3.0.019.6 (2015-07-07)

  • Can now set the newsletter capability bit when creating and editing users (REGSERVER-1010, REGSERVER-1015, REGSERVER-1008, REGSERVER-1007)
  • Added new templates to confirm recieving a newsletter (REGSERVER-1009)
  • Handle messages larger 20K to use 1.0 encryption to avoid timeouts (500x faster than 2.x encryption) (REGSERVER-1014, REGSERVER-1012, REGSERVER-418)

3.0.019.5 (2015-06-23)

  • Fixed bug caused by WEB_PORTAL_IP handling (REGSERVER-969)
  • Administration Console: Support Host Server version 3.0.010 (REGSERVER-976)
  • Extend TDNSRequest to handle provider code returned from TDNS (REGSERVER-980)
  • Handling update notifications between version 3.x and 4.x. 3.x clients will not get a 4.x upgrade notification (REGSERVER-985)
  • Activation code length for email change reduced (same logic as requesting a new password)
  • API: upgradedefaultlicense and downgradedefaultlicense accepts the feature strings instead of license bits

3.0.019.4 (2015-06-02)

  • Administration Console: It is now possible to edit the list of users belonging to a Space Depot on the user editing page (REGSERVER-905). Editing of Depots (change limits, delete, activate, etc.) now takes place in a separate dialogue.
  • Administration Console: Display a notice to enable JavaScript if JavaScript is disabled in the user’s browser. (REGSERVER-916)
  • Administration Console: fixed a bug that could cause entries in the license- change history to appear in the wrong order (REGSERVER-943)
  • API: Function setreference() use newreference XML tag (REGSERVER-936)
  • Fixed access to statistic database (REGSERVER-941)
  • API: Added tdnslookup-call (REGSERVER-956)
  • API: Fixed searchuser-call (handling user and device status)
  • API: Security improvement when to switch distributor
  • API: Added WEB_PORTAL_IP to allow API access from the web prtal

3.0.019.3 (2015-04-09)

  • Administration Console: Fixed a bug then when editing licenses, the correct license type will now be displayed.
  • Administration Console: Select the ‘yearly’ license type by default when creating licenses.
  • Administration Console: Will send the correct license-type identifier to the API when creating TDPS licenses.
  • Administration Console: The Administration Console now uses the Registration Server API to enable/disable/wipe users. (REGSERVER-803)
  • Administration Console: Added functionality to resend Depot information to the user. (REGSERVER-896)
  • Administration Console: You can now filter the license table by expiry date, contract number, and holder email. The contract number and holder email have been added to the table, and the rest of the columns have been compacted slightly to create more space. (REGSERVER-885)
  • Administration Console: Trial licenses are marked with a “Trial: <end date>” tag in the “More Details” section of the user overview table, the user editing page, and the license overview. (REGSERVER-891)
  • Administration Console: Licenses will now be deleted with the new deletelicense API function. (REGSERVER-883)
  • Administration Console: The user overview will display ‘N/A’ rather than ‘Free’ as the user’s highest license, if the user has no installations yet. (REGSERVER-904)
  • Administration Console: The Create Depot page has been reworked to be more straightforward, and will perform better validation to prevent users from different providers getting assigned to the same Depot. The form now also allows creating a depot as the default depot for the selected user. (REGSERVER-700, REGSERVER-907, REGSERVER-913)
  • Administration Console: Searching for a username on the main user list is now case insensitive when the entire username is provided. (REGSERVER-906)
  • Administration Console: Most of the input forms on the Administration Console will automatically trim leading and trailing whitespace from text fields. (REGSERVER-912)
  • API: Fixed a bug in the wipedevice function that prevented the “wipeout pending” flag to be set. (REGSERVER-892)
  • API: Fixed a bug in the sendinvitation function that caused additional Depots not longer to be sent to a user’s devices. (REGSERVER-896)
  • API: Fixed a bug creating default licenses for a user belonging to a different provider. (REGSERVER-889)
  • Installation: Fixed a minor syntax error in RegServerSetup.pbt
  • See the 3.0.018.8 (2015-04-07) change log for additional changes.

3.0.019.2 (2015-03-05)

  • Administration Console: Added support for setting the restricted feature flag on licenses (previously labeled enterprise).
  • Administration Console/Documentation: Updated the TeamDrive logo to the new branding.
  • Administration Console: Check a license’s extreference before allow editing of TDPS licenses. (REGSERVER-855)
  • Administration Console: Continue to show only the selected license after jumping to a specific license in licenceAdmin.php and then removing a user from it.
  • Administration Console: Licenses are edited strictly via the API, added the Send email button to all forms, made license type editable.
  • API: Added new functions: deactivateuser, disableuser, enableuser, updated API reference documentation accordingly.
  • Registration Server: added check to handle an empty LicenseEmail field when sending out license change notifications to a provider. (REGSERVER-871)
  • See the 3.0.018.7 (2015-03-05) change log for additional changes.

3.0.019.1 (2015-02-19)

  • API: Added new function setdepartment to set the department reference for a user.
  • Administration Console: Added <changeinfo> to the following Host Server API calls: createDepot, (de)activateDepot, and createDepot.
  • Registration Server: Fixed bug in returning the Server’s capability bits to the Client.
  • See the 3.0.018.6 (2015-02-19) change log for additional changes.

3.0.019.0 (2015-01-22)

TeamDrive Registration Server version 3.0.019 is the next major release following after version 3.0.018 (based on 3.0.018.5).

Version 3.0.019 contains the following features and notable differences compared to version 3.0.018:

  • Support for the new business model introduced with TeamDrive 4 Clients (e.g. full support for trial licenses with an expiration date, restrict Client functionality via settings).
  • Numerous enhancements and additions to the Registration Server API, to provide more functionality for integrating with external applications (e.g. web shops).
  • Administration Console: added support for the new API calls, added support to manage the new license feature flag “Restricted Client” (which allows to enable configurable Client-side restrictions like the maximum number of Spaces).
  • API call removeuserfromlicense failed in case of empty <changeid>
  • Added API call deletelicense. The API call cancellicense will set a license to disabled instead of deleted now.
  • Administration Console: The workflow of the Create Depot page has been improved and now allows creating default Depots for users that do not yet have a default Depot.
  • Administration Console: can set whether or not a user should receive the newsletter when creating and editing users

Change Log - Version 3.0.018

3.0.018.9

  • Administration Console: update copyright date (REGSERVER-915)
  • Administration Console: fixed a session-handling issue related to parallel ajax requests (the result would usually be a “session variables not set” error in the adminconsole)

3.0.018.8 (2015-04-07)

  • Administration Console: prevent editing of the valid until license field for licenses that are not either in the active or expired phase, as this may cause problems with the restricted license feature. (REGSERVER-886)

  • Administration Console: the restricted license feature flag will be sent to the API as restricted rather than enterprise (REGSERVER-869)

  • Administration Console: Restricted licenses are marked with (Restricted) on the user overview and user details pages. (REGSERVER-877)

  • Administration Console: Allow displaying and entering language codes longer than two characters on the user editing page. (REGSERVER-898)

  • Administration Console: Fixed a bug that caused an incorrect count of a user’s installations and invitations on the user overview page. (REGSERVER-901)

  • Administration Console: Fixed a bug on the edit-user page that prevented editing users that had been flagged for deletion. (REGSERVER-902)

  • Administration Console: The Administration Console will now send the affected user’s provider code instead of the provider code of the user logged into the Administration Console when creating Depots and inviting other users to that Depot. (TRUS-61)

  • API: The API now allows setting language codes as defined in RFC 5646 (e.g. en_US or de_DE) which will be used by TD4 clients when registering a new user. (REGSERVER-898)

  • Registration Server: Improved error logging: the output of several error messages (e.g. error codes -24916, -24919, -24909, -24913 or -24912) is now truncated and reduced to the relevant parts.

    Error messages are now dumped in the following form:

    03/16/2015 15:23:19 #1 ERROR: ERROR -24777: "reg_shared.pbt"@client line 183:
    This is an error! [command=setparcels;device=377]
    

    The Registration Server now reads out the log level defined in variable 342 of the pbvm.env configuration file so that it is used in code run by the PBT Apache module mod_pbt (previously, the log level was ignored by the PBT module). Valid log values are: 0=Off, 1=Errors, 2=Warnings, 3=Trace. (REGSERVER-859)

  • Registration Server: When creating a new device, the device now receives the same license as all other devices, independent of the license’s status. (REGSERVER-888)

  • Documentation: Fixed link structure in the HTML documentation so that clicking Next and Previous works as expected (REGSERVER-908)

  • Documentation: Removed the chapter that describes the MySQL databases and tables that will be installed from the Reference Guide. (REGSERVER-899)

3.0.018.7 (2015-03-05)

  • Administration Console: Added support for setting the restricted feature flag on licenses (previously labeled enterprise).
  • Administration console: Updated list of template types viewed in the mail queue view. (REGSERVER-841)
  • Administration console: Updated misleading text when viewing device messages from users located on another server. (REGSERVER-839)
  • Registration Server: Fixed that ProfileDataExchangeEnabled was not checked when changing a user’s email address and the Registration Server database schema has not been converted to the 3.0.018 schema. (REGSERVER-849)
  • API: Fixed that UserEmailUnique was not enforced when registering users via the API. (REGSERVER-730)
  • API: Added support for setting the “Restricted” license flag, which can be used to disable/limit certain TD 4 Client functionality. Previously, this feature flag was labeled “Enterprise”, but it was not actively used. (REGSERVER-867)
  • Registration Server: Added missing provider setting REDIRECT/REDIRECT_HOME that sets the provider’s home page URL used in the user’s start menu. (REGSERVER-851)
  • Registration Server: fixed mail template fallback code to fall back to the English templates as a last resort, if a default template in the provider’s default language is not available. (REGSERVER-858)
  • Documentation: Updated API chapter and replaced the incorrect statement that the temporary password generated by the “sendpassword” API call expires after a time period of 10 minutes with a notice that a generated temporary password remains active and unchanged until the user’s password will be changed. (REGSERVER-870)

3.0.018.6 (2015-02-19)

  • Installation: To simplify the configuration for new deployments, the default license issued to Clients is now a Professional license including WebDAV support (the value of LICENSE/DEFAULT_FREE_FEATURE was changed from 3 to 10). This change only affects new Registration Server installations, the setting remains unchanged when updating existing installations. (REGSERVER-821)

  • Installation: Updated mysql_install.sh to re-create InnoDB log files after changing innodb_log_file_size in my.cnf. (REGSERVER-847)

  • Installation: fixed bug in the setLicenseExpiryDefault() upgrade routine which inserted incorrect entries into the td2reg.TD2OwnerMeta table for existing licenses having a non-NULL value in the ValidUntil column. (REGSERVER-848)

    If you have have performed an upgrade from a previous Registration Server version to version 3.0.018 before (which included calling setLicenseExpiryDefault()) and you have issued licenses with an expiry date, please perform the following steps to remove the incorrect entries. Start the MySQL client mysql as user teamdrive and enter the following command to delete the entries:

    mysql> DELETE FROM td2reg.TD2OwnerMeta \
        -> WHERE Name="ENABLE_LICENSE_EXPIRY" AND \
        -> OwnerID NOT IN (SELECT DISTINCT ID FROM td2reg.TD2Owner);
    

    Afterwards, verify the setting ENABLE_LICENSE_EXPIRY for all providers hosted on your Registration Server and only set it to True when this provider intends to issue licenses with an expiry date.

    Note that while it was possible to create licenses with an expiry date in previous versions, the Registration Server did not actually check this date prior to version 3.0.018. To avoid an unexpected expiry of existing licenses after upgrading to version 3.0.018, the upgrade function setLicenseExpiryDefault() checks all existing licenses during an upgrade and sets the Provider setting ENABLE_LICENSE_EXPIRY to False for the respective Provider.

  • Administration Console: Added missing <distributor> field to the cancellicense and resetpassword API calls that prevented the default provider from deleting licenses or resetting the user passwords for other providers hosted on the same Registration Server. (REGSERVER-827)

  • Administration Console: Fixed bug where View mail queue did not show all queued email messages (outgoing invitation emails to unregistered users were not displayed). (REGSERVER-818)

  • Administration Console: when importing email templates from the file system into the database, line endings are now automatically converted to be properly terminated with CRLF (\r\n)

  • Admin Console: Fixed error message API error code: -30100, message: User name not provided when deleting a user’s default Depot (the Depot was still deleted as requested). (REGSERVER-835)

  • Administration Console: updated the regular expression that checks for valid URLs in the the LogUploadURL field to accept URLs beginning with https as well. (REGSERVER-837)

    Note that this change is not applied automatically to the configuration table during an update. For existing installations, you need to update the field Format in table td2reg.TD2Setting for this setting as follows, if you want to change the URL via the Administration Console:

    mysql> UPDATE td2reg.TD2Setting \
    SET Format="^(http|https)://[a-zA-Z0-9\-\./]+/.-$" \
    WHERE NAME="LogUploadURL";
    
  • Administration Console: Fixed bug that prevented users logged into the Admin Console with their “magic username” to set their password. Also improved session handling to not drop the session when a user logged into the Admin Console changes his own password (which invalidated the existing session before).

  • API: The call getuserdata failed with User does not exist, if USE_EMAIL_AS_REFERENCE was set to True and the email address was used as the user name. (REGSERVER-824)

  • Registration Server: When using external authentication, TD4 Clients could sometimes receive spurious logout events, requiring the user to log in again. Please note that this bug fix may cause Clients that use external authentication to logout again once after the upgrade. After that, such apparently random log-outs should no longer occur. (REGSERVER-820)

  • Registration Server: Fixed wrong path in the fallback routine that is supposed to use the default mail template for templates missing from a provider’s template folder. (REGSERVER-842)

  • Registration Server: Fixed bug that caused file comment notification emails to include the recipient’s email address in the From:-Header instead of the sender’s email address. (REGSERVER-843)

  • Registration Server: When changing HAS_DEFAULT_DEPOT from True to False, a user’s devices no longer offered a user’s already existing default depot for creating Spaces. (REGSERVER-834)

  • Registration Server: Outgoing email messages (e.g. Space invitations) could violate RFC 5321, if templates did not use the appropriate line termination character sequence (CRLF, \r\n). Now, all outgoing email messages are reformatted before submission to the MTA. (REGSERVER-833)

  • Registration Server: Fixed bug that prevented users from logging in with their user name in different capitalization if UserNameCaseInsensitive was set to True (which is the default) (REGSERVER-823)

  • Registration Server: Shortened the temporary password that gets generated and mailed to a user when a user’s password needs to be changed (e.g. via the “Forgotten Password” option in the Client or via the sendpassword API call. Previously, the temporary password consisted of a random MD5 string (32 characters), that turned out to be difficult to handle (e.g. on mobile devices). It now returns a combination of the characters 0-9, a-z and A-Z (excluding 0, O, l and 1, which can be misread). The length of the temporary password now depends on the Client version: 2.x –> 32 characters (unchanged), 3.x –> 8 characters, 4.x –> 5 characters. The 3.x and 4.x Clients have been changed to accept 4 or more characters, the API uses the version of the most recently used device. (REGSERVER-831)

  • upload.php: Improved security of the PHP script that accepts Client debug log uploads (e.g. to prevent potential XSS attacks), removed absolute path name from the generated upload status file. Note: this script is not included in the RPM distribution and is not installed by default. (REGSERVER-836)

3.0.018.5 (2015-01-23)

  • Registration Server: Fixed Space invitation emails to existing users that contained the recipient as the sender in the mail header. (REGSERVER-817)
  • Installation: added a new RPM package td-regserver-doc-html that contains the Registration Server documentation in HTML format, installed in the Registration Server’s Apache document root /var/www/html/td-regserver-doc/. Access to the documentation can be restricted by editing /etc/httpd/conf.d/td-regserver-doc.conf. (REGSERVER-816)
  • Registration Server: disabled banner support for legacy TD 2.x clients

3.0.018.4 (2015-01-13)

  • Administration Console: Improved reporting of HTTP errors during API requests. (REGSERVER-798)
  • Administration Console: Fixed API error changing a user’s email address if the user name contained UTF-8 characters. (REGSERVER-775)
  • Administration Console: fixed support for activating/deactivating Space Depots. (REGSERVER-810) This requires Host Server version 3.0.013.8 or later.

3.0.018.3 (2014-12-17)

  • Administration Console: fixed incorrect hex encoding of email templates when initially importing them from the file system into the database. (REGSERVER-806)
  • Administration Console: added new Reg Server setting RegServer/RegServerAPIURL for setting a custom URL to issue Reg Server API requests (e.g. in case of a dedicated API server or if https should be used for API requests). If not set, the API URL will be derived from the RegServerURL setting (REGSERVER-799).
  • Administration Console: The default provider can now set new passwords for other providers (REGSERVER-768).
  • Installation: removed <APIChecksumSalt> from RegServerSetup.xml and updated the installation instructions accordingly, to simplify the installation process (this value is generated by RegServerSetup.pbt automatically during the initial installation).
  • Installation: updated installation instructions and VM installation script to install the php-mbstring package (required for the email template import into the database). (REGSERVER-802)
  • Installation: updated installation instructions and VM installation script to set date.timezone in /etc/php.ini, to avoid frequent PHP warning messages when using the CSV import cron job. (REGSERVER-801)
  • Installation: the RPM now automatically re-creates the file StartupCache.pbt and calls HTTPRequest.pbt during an upgrade (e.g. to add new Reg Server settings) (REGSERVER-800)
  • Installation: added max_allowed_packet=2M to the MySQL configuration file my.cnf, to support uploading User Profile information containing profile pictures. In order to support this feature, the PrimeBase_TD package also needs to be updated to version 4548.120 or newer (TDCLIENT-1663).
  • Installation: changed MaxRequestsPerChild in httpd.conf from 0 to 10000, to ensure Apache child processes are restarted from time to time (REGSERVER-762)
  • Registration Server: Fixed that SETTING_TDNS_PROXY_URL gets overwritten by the SETTING_HOST_PROXY_URL setting (in case accessing TDNS requires using a different proxy server than accessing the Host Server (REGSERVER-769).

3.0.018.2 (2014-11-12)

  • Fixed bug in propagating email address changes to other devices belonging to a user
  • Fixed bug in deleting a user’s privileges when deleting the user (REGSERVER-734)
  • Fixed issue with store forward messages that were not forwarded to a user upon registration (REGSERVER-759)
  • Administration Console: Fixed encoding issue when adding users with usernames containing UTF-8 characters (REGSERVER-756)
  • Administration Console: Fixed minor bug in the “Add new provider settings” menu (REGSERVER-747)
  • RegServerSetup.xml: Fixed missing closing bracket in the APIChecksumSalt tag.
  • API: fixed addXMLDepot call that returned invalid URLs when the setting SIMULATE_REGSERVER_20 was enabled. (REGSERVER-741)

3.0.018.1 (2014-11-05)

TeamDrive Registration Server version 3.0.018 is the next major release following after version 3.0.017.

Version 3.0.018 contains the following features and notable differences compared to version 3.0.017:

  • As a security enhancement, TeamDrive user passwords stored on the Registration Server are now hashed using the bcrypt algorithm instead of the previously used salted MD5 method. When logging in with a TeamDrive Client version 3.2.0 (Build: 536) or newer, existing hashed passwords are automatically converted into the new format.
  • Changing, invalidating or resetting a user’s password now also triggers sending an email to the affected user. For this purpose, the following new mail templates were added: passwd-changed, passwd-invalidated and passwd-reset.
  • The Registration Server now supports sharing and synchronizing user profile information across all of the user’s devices and with other users, e.g. initials, registration email, profile picture, full name, phone (telephone number), mobile (telephone number). Before, this information was shared with other users on a per-Space basis. Only users that share Spaces are able to exchange profile data with this new method. This feature will be supported by a future TeamDrive Client version.
  • The expiry date of licenses is now properly checked via the “Expire Licenses” auto task. Users receive an advance notification 10 and 3 days before the license expires. When the date provided in the Valid until field has been reached, the user receives a final notification and his license will be reverted to the default free license. The following email templates were added to facilitate the notification: license-expirein10days, license-expirein3days and license-expired-en. To avoid disruptions/surprises when upgrading from previous Registration Server versions, the update function setLicenseExpiryDefault() will set the default value of ENABLE_LICENSE_EXPIRY to False for providers that already have licenses with an expiry date. When performing a new installation or adding a new provider, license expiration will be enabled by default.
  • Email templates now support the [[BRAND]] macro, to replace the term “TeamDrive” with another string if required. This can be defined via the EMAIL/BRAND_NAME provider setting. The default is TeamDrive.
  • Most parts of the TeamDrive Registration Server installation can now be performed via RPM on Red Hat Enterprise Linux 6 and derivative distributions, which significantly improves the installation procedure and the process of applying updates. In particular, the following components are now provided in the form of RPM packages:
    • The PBT-based Registration Server (td-regserver-4.5.2.0-0.el6.noarch.rpm, files installed in /usr/local/primebase/setup/scripts)
    • The PHP-based Administration Console and support files (td-regserver-adminconsole-4.5.2.0-0.el6.noarch.rpm, files installed in /var/www/html/adminconsole and /var/www/html/tdlibs)
    • The Registration Server documentation in HTML format (td-regserver-doc-html-4.5.2.0-0.el6.noarch.rpm, files installed in the Apache server’s document root /var/www/html/td-regserver-doc/, access to the documentation can be restricted by editing /etc/httpd/conf.d/td-regserver-doc.conf).
    • The PrimeBase Application Environment (PrimeBase_TD-4.5.48.<build>-0.el6.x86_64.rpm installed in /usr/local/primebase), including the PrimeBase Apache module mod_pbt (installed in /usr/lib64/httpd/modules/mod_pbt.so) and some support scripts and configuration files in /etc/.
  • The installation package now contains a script mysql_install.sh that performs the creation of the required teamdrive MySQL user and populating the databases required for the Registration Server.
  • The installation package now contains a log rotation script, to support rotation and compression of the Registration Server’s log files.
  • The installation now uses the default MySQL data directory location (/var/lib/mysql) instead of defining a custom one (/regdb). The default MySQL configuration settings for my.cnf have been reviewed and adjusted.
  • The automatic service startup at bootup time is now configured using the distribution’s chkconfig utility instead of changing the Boot options in file /usr/local/primebase/pbstab. The PrimeBase_TD RPM package provides the required SysV init script /etc/init.d/teamdrive to facilitate this.
  • The term “Distributor” has been replaced with “Provider” in most occasions.
  • The obsolete settings UseExternalAuthentification and UseExternalAuthentificationCall have been removed. External authentication is now enabled by setting AUTHSERVICE/USE_AUTH_SERVICE to True.
  • In previous versions, the setting AUTH_VERIFY_PWD_FREQ did not have any effect (it was added without the actual implementation by accident). Starting with version 3.0.018, a user’s Clients will be logged out from the TeamDrive Service after the time defined in this setting. To avoid surprises and a change in behaviour after an upgrade, updating from a previous version of the Registration Server suggests calling the update function setLoginFreqToZero(); to change this setting to 0 for any existing Provider.

The PHP-based Administration Console received several new features, numerous usability enhancements and security improvements. Some notable highlights include:

  • Tabular output (e.g. a filtered list of users, devices or licenses) can now be exported to CSV files.

  • Tabular output now indicates the current sort order and column name with a small arrow icon.

  • The columns visible in the table displayed on the Manage Users and Manage Licences pages are now configurable.

  • The summary display of a user’s licenses (“Licenses owned” and “Licenses used”) on the Manage Users page has been simplified.

  • The list of Spaces in a user’s Depot is now displayed as a sortable table.

  • It’s now possible to wipe or delete multiple devices of a user at once.

  • The Registration Server’s Authorization Sequence (required for exchanging invitations with users on other Registration Servers via TDNS) can now be obtained from the Administration Console via Edit Settings -> RegServer -> AuthorizationSequence.

  • After sucessful registration, a Host Server’s activation key is now displayed on the Manage Servers page, to simplify the registration process for new Host Servers.

  • It is now possible to remove registered Host Servers via the Manage Servers page.

  • The Administration Console now supports viewing a selection of server log files directly in the web browser instead of requiring logging in on the server’s console. The View Server Logs page is only visible for the Registration Server’s default provider and any user having the VIEW-LOGS privilege. The list of log files is defined in the (read-only) Reg Server setting ServerLogFiles and can only be modified by updating the setting in the database directly. Log files can only be viewed if the user that the Apache HTTP Server is running under (usually apache) has the required access privileges to view these files.

  • Most of the Administration Console Settings are now stored in table TD2Setting of the MySQL database instead of the configuration file tdlibs/globals.php and can be configured via the Administration Console instead:

    • LoginSecurity/LoginSessionTimeout (default: 30)
    • LoginSecurity/FailedLoginLog (default: /var/log/td-adminconsole-failedlogins.log)
    • LoginSecurity/LoginMaxAttempts (default: 5)
    • LoginSecurity/LoginMaxInterval (default: 60)
    • RegServer/ApiLogFile (default: /var/log/td-adminconsole-api.log)
    • RegServer/RegServerAPIURL (previously known as $regServerUrl, not set by default)
    • RegServer/ServerTimeZone (default: Europe/Berlin)

    The only information required in globals.php is the MySQL connection string to access the Registration Server’s MySQL database. Alternatively, these credentials can be provided from a separate MySQL configuration file. See chapter Admin Console MySQL Configuration for details.

  • Disabling a user does no longer provide the apply to devices option, as it’s sufficient to disable the user to block access to the TeamDrive service.

  • A user’s Space Depots on a Host Server can be activated/deactivated (added in 3.0.018.4, requires Host Server version 3.0.013.8 or later).

  • The default provider can now set new passwords for other providers (added in 3.0.018.3).

  • Changing the Provider setting AUTHSERVICE/USE_AUTH_SERVICE to True now automatically adds the other required settings like AUTH_LOGIN_URL and VERIFY_AUTH_TOKEN_URL.

  • The provider filter selection list now also prints the company name after the 4-letter code.

  • An option was added to assign an existing license to a user when editing the user’s details.

  • Various settings that used to expect values in bytes only now provide an option to select other units like “MB” or “GB”.

  • Input fields that expect a date now provide a date picker, to simplify the entering of dates.

  • Filter options by date now provide a more intuitive way to define “before”, “at” or “after” the entered date.

Change Log - Version 3.0.017

30017.13 (2014-09-02)

  • Admin Console: show extreference in the license Administration screen
  • Security improvement: fixed OS permissions/ownerships of some configuration files and log files containing plaintext passwords (REGSERVER-599)
  • Admin Console: Security improvement: Don’t display the Console version on the login page (REGSERVER-558)
  • Virtual Appliance: set ServerTokens to Prod and ServerSignature to Off in httpd.conf, to disable displaying the Apache HTTP Server version and OS version in the HTTP headers and on error pages (REGSERVER-608)
  • Added missing tag <APISendEmail> in DIST.xml template file
  • Security improvement: disabled unneeded HTTP methods in pbt.conf (only allow GET, POST, disable PUT, HEAD, OPTIONS, TRACE) (REGSERVER-613)
  • API: added new API call removedepotfromuser extended setdepotforuser. Fixed bug in setreference and removed deprecated location-Support in getHostForDistributor. Fixed error handling in setinviteduser. Updated API-Version number to “1.0.005”.
  • For monitoring purposes, calling the Reg Server’s ping URL with the optional parameter tdns=$true``(e.g. ``http://regserver.yourdomain.com/pbas/td2as/reg/ping.xml?tdns=$true) now also performs a TDNS lookup, to verify that the communication between the Reg Server and TDNS is working properly.

30017.12 (2014-07-09)

  • Updated to requiring PrimeBase 4.5.48, updated pbstab and documentation accordingly. This version of PrimeBase now installs a shell profile file by default and provides a proper SysV init script that can be used to enable/disable the pbac_mailer background task.
  • Admin Console: Fixed wrong escaping of HTML characters in the device messages popup (REGSERVER-575)
  • Admin Console: changed session timeout from 10m to 30m
  • Admin Console: Added more fields to license editing page
  • RegServerSetup.pbt now sets APIAllowSettingDistributor to true if another distributor is added (REGSERVER-579)
  • Added missing globalDepotID to default depots for clients with two accounts on the same server(s). (REGSERVER-583) (this fix also requires an updated Host Server having the fix from HOSTSERVER-326)

30017.11 (2014-06-26)

  • Admin Console: “Create Depot” now accepts storage limits in other units than bytes. Unified the UI with regards to selecting a Depot owner and selecting Users to invite (REGSERVER-574)

30017.10 (2014-06-17)

  • Admin Console: Added confirmation checkbox for deleting a user’s license when deleting the user (REGSERVER-554)
  • Admin Console: Improved listing of licenses to no longer show one entry per Device for the same license (REGSERVER-565)
  • Admin Console: Replaced “parcel” with “key repository”, replaced “Packet” with “Package” in the License creation/editing dialogues (REGSERVER-567)
  • Admin Console: Added exporting tables as CSV function.
  • Fixed missing LOG_UPLOADS setting in upload.php log upload script (REGSERVER-559)
  • Added Proxy support in upgradeDefaultDepot
  • Major documentation rewrite: added general reference and API documentation, converted all documents to reStructuredText/Sphinx
  • RegServerSetup.xml: Fixed incorrect closing tag (</ProviderInfoURL> -> </DownloadURL>)

30017.9 (2014-04-17)

  • Removed misleading error output in csvimportregserver.php
  • Fixed default license key error using the API (REGSERVER-526)
  • Improved description for StoreRegistrationDeviceIPinSeconds (REGSERVER-532)
  • Admin Console: bugfix for editUser.php: wrong user got displayed when changing depot limits.
  • Admin Console: editUser.php didn’t display “extauthid” in all cases (REGSERVER-537)
  • Admin Console: Display activation code in device-list entry for deactivated tdhosting “users”

30017.8 (2014-03-27)

  • Admin Console: server/distributor settings can now be empty strings (REGSERVER-476)
  • Admin Console: displays a warning if LOGIN_IP is not set
  • REGSERVER-464: RegServerSetup.pbt now prints the Authentication Sequence during initial install
  • REGSERVER-494: Sending notification to users located on different Reg-Server returned “remote authorization not allowed”
  • Improved error handling in case of empty hosting_url or hosting_name
  • REGSERVER-507: Don’t create users in p1reg.sql
  • RegServerSetup.pbt: Improved screen output for readability and clarity
  • RegServerSetup.xml: Default for <TDNSEnabled> must be $true to avoid errors for a default setup
  • CSV_IMPORT_ACTIVE should not add CSV_UPLOAD_DIR, CSV_ERROR_DIR and CSV_SUCCESS_DIR, because we support import using the database or a hot folder. Default is using the database and therefore the Dir-Settings are not required.
  • Packaging: Updated and added DIST.xml to the distribution
  • Fixed link in bannerAdmin.php
  • Removed duplicate code in RegServerSetup.pbt

30017.7 (2014-03-14)

  • Fixed nasty typo in RegServerSetup.xml

30017.6 (2014-03-14)

  • REGSERVER-478: Deleting TD2FreeUserStorage and TD2Parcel in case of deleting a user
  • reg_init.pbt: Now only use the curl-based code to verify external logins (both via http and https)
  • External auth: Updated LDAP ext auth example: implement function base64url to encode the token, to avoid “+” and “/” being included in the token string.
  • REGSERVER-471: Admin Console XSS security fixes related to TD2User
  • External auth: fixed REGSERVER-443 (Sample login page defaults to “Password lost”, not “Login”), changed error messages to show the same error regardless if user name or password are wrong.
  • Admin Console: moved failed-logins log file to /var/log/td-adminconsole-failedlogins.log. NOTE: this log file must now be created during installation

30017.5 (2014-02-25)

  • Updated pbstab version number from 4546 to 4547
  • Added deleteDistributor to RegServerSetup.pbt
  • Executing HTTPRequest.pbt in RegServerSetup.pbt requires no location
  • RegServerSetup.pbt: Generate a mysql update script if changes are required to the database structure
  • Handle the case that the TD2Setting.Format column does not exist, when creating system variables

30017.4 (2014-02-07)

  • REGSERVER-426: Admin Console: changed API log file location to /var/log/td-adminconsole-api.log
  • Admin Console: added option to edit a depots transfer limit
  • REGSERVER-428: Removed duplicate entry <UserEmailUnique> from section <RegServer> in RegServerSetup.xml and RegServerSetup.pbt
  • Admin Console: improved test to check if the setDepot function is available on a host server
  • Install upload.php into logupload/upload.php instead the document root
  • Admin: user simply gets a warning when trying to call setdepot on a host server that does not support it
  • pbt.conf: Reduced mod_pbt log level from 2 (PBT_TRACE) to 1 (ERROR_TRACE) to reduce default log noise in /tmp/pbt_mod.trace
  • Admin: fixed regex that prevented changing the LogUploadURL setting
  • REGSERVER-432: API call upgradelicense no longer throws an error if feature is empty
  • Admin Console: the API log now correctly shows entries that don’t have usernames
  • REGSERVER-436: Setting HAS_DEFAULT_DEPOT to true, creates all missing hosting system parameters

30017.3 (2014-02-04)

  • Bug fixes: REGSERVER-424, double <teamdrive> tag removed, fixed invitations when a user was registered with same e-mail on 2 other Reg Servers, Added Download-URL for invitation mail templates

30017.2 (2014-01-30)

  • Renamed out.log to api.log
  • Fixed RegEx for API_IP_ACCESS
  • Admin Console: Changed default mysql username to teamdrive
  • Updated pbvm.env to write the log file into /var/log/pbvm.log (REGSERVER-423)
  • REGSERVER-422: changed the default log file location in pbstab for the pbac_mailer from /tmp/mail.log to /var/log/pbac_mailer.log
  • Removed setup/pbas.env from the installation package

30017.1 (2014-01-23)

  • First build using the scripted build, updated RegServerSetup.pbt and included some Admin Console fixes

30017.0 (2013-10-23)

  • Not final; Bcrypt is still missing