Provider Settings¶

LOGIN_IP¶

A comma-separated list of IP addresses allowed to login to the Admin Console. If empty, there are no restrictions to login other than those specified by the PROVIDER_LOGIN_IP setting (see below).

Note that if you wish to allows normal users to access the Admin Console, for example account managers, then it may be required to set this setting to empty, since the IP addresses used by account managers to access the Admin Console may vary. In this case, you may wish to set the PROVIDER_LOGIN_IP setting in order to restrict the users that have provider level privileges or higher.

LOGIN_TWO_FACTOR_AUTH¶

Set to True to enable two-factor authentication via email for logging into the Administration Console (please notice that the two-factor authentication for the admin console is independent from the new client two-factor authentication added in version 3.6).

PROVIDER_LOGIN_IP¶

This setting is similar to LOGIN_IP but it only restricts the login of users with provider or higher privileges levels. The IP address of these users must be in the comma-separated list of IP addresses specified by this setting in order to login to the Admin Console.

If the setting is empty, then login of users with provider privilege is not restricted.

API_ADMINCONSOLE_LIC_REF¶

Value for the license reference column when creating licenses using the Administration Console. Note that if you use this setting then EXT_LICENCE_REF_UNIQUE must be set to False.

API_ALLOW_CHECKSUMERR¶

If set to True, the API will not require and check the checksum that usually needs to be provided in API calls. This might be useful when developing or testing the API functions.

API_CREATE_DEFAULT_DEPOT¶

If set to True, each new user created via the API will receive a default depot as defined in the HOSTSERVER provider settings. If set to False you can create and assign depots to users via the API.

API_IP_ACCESS¶

Comma-separated list of IP addresses that are allowed to perform API calls.

Two different Providers cannot use the same IP address, because the IP address is be used to identify the Provider. This is done for security reasons: a Provider may only access its own users, licenses, and other data belonging to the Provider.

If you wish to access multiply Providers from one point then APIAllowSettingDistributor must be set to True. See APIAllowSettingDistributor for more details on accessing multiple Providers.

If you are using the Admin Console, then the IP address of every host on which the Registration Server is running must be entered in the API_IP_ACCESS list of the Default Provider. APIAllowSettingDistributor also has to be set to True in order to access multiple Providers using the Admin Console.

API_NOTIFICATION_URL¶

When user change notification is enabled (see API_ENABLE_NOTIFICATIONS), this setting specifies the URL to which the change information is sent. If not set, the changes are written to the log.

Further details are provided in the chapter User Change Notifications.

API_REDIRECT¶

This value is a URL which will be returned for various API calls if the calling user belongs to another Provider. The caller is expected to re-redirect the user to the specified URL.

See Redirect due to user belonging to another Provider for more details.

API_REQUEST_LOGGING¶

Set to True to enable logging of API requests in the API log. The value is False by default.

API_SEND_EMAIL¶

If set to True, the API will send mails using the API mail templates for various actions like changing the email or password. A list of mail templates is described in Mail Templates for API Actions.

Note that if API_SEND_EMAIL is set to False, then users created using the registeruser API call will be automatically activated, if the <activate> tag is not explicitly set. This is to avoid having to send an activation email to the user.

API_ENABLE_NOTIFICATIONS¶

Set this setting to True to enable user change notifications. When enabled you must also set API_NOTIFICATION_URL.

See User Change Notifications, for more details.

API_USER_NOT_ACTIVE_ACCESS_ALLOWED¶

The API will normally behave like a TeamDrive Client, meaning that access to not activated users will return an error. Set this option to True to allow API access to not activated users.

REG_NAME_COMPLEXITY¶

Which characters are allowed for usernames using the API. This value must be identical to the value set in the DISTRIBUTOR file. For further details, see reg-name-complexity (default: basic-ascii).

AUTH_CHANGE_EMAIL_URL¶

This URL points to the Change Email page of the external Authentication Service.

AUTH_LOGIN_URL¶

This URL points to the Login page of the external Authentication Service.

By default, this page is set to: https://regserver.yourdomain.com/pbas/td2as/portal/login.html

AUTH_LOST_PWD_URL¶

This URL points to the Lost Password page of the external Authentication Service.

By default, this page is set to: https://regserver.yourdomain.com/pbas/td2as/portal/lost-pwd.html

AUTH_REGISTER_URL¶

This URL points to the Registration page of the external Authentication Service.

By default, this page is set to: https://regserver.yourdomain.com/pbas/td2as/portal/register.html

AUTH_SETUP_2FA_URL¶

Set this value to the URL that reference the page used to setup two-factor authentication, if this is supported by the external Authentication Service.

By default, this page is set to: https://regserver.yourdomain.com/pbas/td2as/portal/setup-2fa.html

AUTH_VERIFY_PWD_FREQ¶

Maximum length of time (in minutes) user may remain logged in before they are required to enter their password again.

If this value is 0, users are never promoted to re-enter their password.

Note that this setting applies to all users, not only to those using external authentication.

PREVIOUSLY_UNNAMED_SERVICES¶

This is a comma separated list of registered (named) external authentication services.

Add the name of services to the list when upgrading existing authentication services to a named external authentication service. Named services are registered using the Admin Console.

This list of services is used by the Registration Server to identify users that were registered using an external authentication service, before upgrade, and are therefore not associated with a named authentication service.

Note that users of such an upgraded service will not be able to login until the name of the service has been added to this list.

USE_AUTH_SERVICE¶

Set to True in order to enable external authentication.

This setting must be set to True, in order to use external authentication services specified using “Domains & Services” or the provider settings: AUTH_LOGIN_URL and AUTH_LOST_PWD_URL.

If external authentication is enabled then, on login, the TeamDrive client will first check the domain of the user’s email address, and try to match this with a external authentication service specified for the domain.

If none is found, the if AUTH_LOGIN_URL and AUTH_LOST_PWD_URL are specified (are not empty), and the PRE_LOGIN_SETTINGS include enable-web-login=true, then user is directed to the external login service specified by the AUTH_LOGIN_URL setting.

If AUTH_LOGIN_URL and AUTH_LOST_PWD_URL are empty, but enable-web-login=true has been set in PRE_LOGIN_SETTINGS, then the user is directed to the Web login page provided by the registration server.

When external authentication is enabled, the settings: AUTH_CHANGE_EMAIL_URL, AUTH_REGISTER_URL and AUTH_SETUP_2FA_URL are also active.

VERIFY_AUTH_TOKEN_URL¶

This URL is used by the Registration Server to verify an Authentication Token, sent by the client after login using the Authentication Service.

ALLOW_EMAIL_CHANGE¶

When set to False, the Registration Server will return an error if the user attempts to change his/her email address.

If external system (for example, an LDAP or AD server) manages the user registration data, changing the email address in the TeamDrive Client should be disabled. You may use the API functions to synchronize email address changes in the external system with the email address stored for the user on the Registration Server.

ALLOW_PASSWORD_CHANGE¶

When set to False, the Registration Server will return an error if the user attempts to change his/her password.

If external system (for example, an LDAP or AD server) manages the user registration data, changing the password in the TeamDrive Client should be disabled.

CLIENT_NETWORKS¶

This is a list of networks (in CIDR notation) or IP addresses that identify users of the Provider. Using this setting, a Provider can determine that certain networks “belong” to the Provider. For example, any company that has been allocated a Provider Code can take ownership of own networks (as determined by global IP address ranges), and use this fact to control TeamDrive Clients started in those networks.

When a TeamDrive Client connects to the Registration Server, and before the user has logged in, the server determines the client’s IP address and checks whether the client is running in a network that has been specifically allocated to a Provider. If so, then the Provider Code is sent to the client and this overrides Provider Code in the DISTRIBUTOR file. This way, if the user registers after this point, the user will be automatically allocated to the Provider that owns the network in which the client was started.

CLIENT_SETTINGS¶

These settings are sent to the client after registration or login.

These settings can be used to configure the behaviour of the TeamDrive Client as required by the Provider. They will override any settings made on the client-side, and also override the global Registration Server ClientSettings setting as describe in Client Settings.

Note that after registration or login, the user’s Provider is fixed, and therefore the Provider Code in the DISTRIBUTOR file, or the network (see Client Settings) in which the client is stated doesn’t play a role any more.

For a complete list of allowed settings see chapter Login and Registration Client Settings

EXT_USER_REFERENCE_UNIQUE¶

Set to True if the user’s external reference column must be unique. Set this value to True if you wish to use the reference column in the user record to identify user via the Registration Server API or when using CSV import.

If set to False then this column is a free field which can be set to any value you like.

FREE_LIMIT_SIZE¶

This is the value in bytes to limit the amount of data which can be handled by a free client over all Spaces. The limitation will be shown in the client if he is reaching the 75 % border. A progress bar will be visible right above the status bar in the client. If the user will reach the 100 % he can still synchronize data, but the client is switching to meta data synchronisation. Downloading the contents of the files must be initiated manually by the user for each single file and version.

HIDE_FROM_SEARCH¶

This setting is used to hide users from the TeamDrive Client searches during login or when inviting users to a Space. When set to True, the users of this Provider will not be returned as the result of a Client search.

In order to find the users, the Client setting enable-provider-only-search must be set to true so that the Client performs a Provider specific search. In this case, however, the TeamDrive user will only see users belonging to his own Provider.

Note that users that are hidden will never receive store forward invitations (see allow-store-forward-invitations=true/false (default: true)). Store forward invitations are only sent to globally visible email addresses.

ISOLATED_EMAIL_SCOPE¶

Use this setting to create an “isolated email scope” for users of the Provider. This means that the email addresses used by the users may be in use by other users, but must be unique with regard to other users of the Provider.

When this setting is set to True, the users of an isolated email scope can not be found via their email address. Users can stil be found using there username. In order to find a isolated user a via the email address, you must set the Client setting enable-provider-only-search to true. In this case, however, the TeamDrive user will only see users belonging to his own Provider.

Note that users of an isolated email scope will never receive store forward invitations (see allow-store-forward-invitations=true/false (default: true)). Store forward invitations are only sent to globally visible email addresses.

MAXIMUM_DEVICES_PER_USER¶

This setting specifies the maximum number of user devices that may be activate at any given time. By default the value is zero which means there is no limit. This setting is new in Registration Server 4.5.0.

If set to another value the new “Deactivate/Activate Devices” auto task (see “Deactivate/Activate Devices” Task for more detauls) will enabled and disable devices as required to ensure that only the specified number of devices are active.

The disabled devices are set to the “too many devices” status, which means that the client user interface and synchronisation will be disabled. In addition, the device will not receive invitations, untill it is reenabled.

The Registration Server always disables the least recently used devices. As a result, a device can be reenabled by simply starting the TeamDrive client. However, it takes an average of 3 hours before a device is reenabled by the server.

If the activation of devices is changed then the server sends an email to the user using the devices-disabled email template (see Templates for Client Actions).

MAXIMUM_OUTLOOK_PLUGINS¶

This is the maximum number of Microsof Outlook plugins that can be installed per user. The default value is 1. This is the minimum value that may be set.

If the user registers more Outlook plugins than specified by this value, then old registrations will be automatically deleted. This makes the old installations unusable.

Note that if the value of MAXIMUM_OUTLOOK_PLUGINS is reduced, the Registration Server will not reduce the number of plugin registrations of users until a new Outlook plugin is registered.

MINIMUM_CLIENT_VERSION¶

Any clients with a version below this may not register a new device. The default is 3.0.0.000. For setting up a new server you might increase the minimum client version to 4.0.0.000 if you want to support only version 4 clients.

CSV_ALLOW_SET_DEPARTMENT¶

Set to False if the department may not be changed by the CSV Import.

CSV_ERROR_DIR (optional)¶

Error logs for not imported users will be written to this folder. If not defined, you will find the value in the database using the Administration Console.

CSV_IDENTITY_COLUMN¶

This setting specifies which column will be used to identify a user in the CSV import. Valid options are: username, email, reference and authid.

See CSV File Structure for more details about this setting.

CSV_IMPORT_ACTIVE¶

The switch enables the CSV import functionality. You may specify an upload hotfolder (via the CSV_UPLOAD_DIR setting), or upload the data to be imported directly via the Administration Console.

CSV_SUCCESS_DIR (optional)¶

Success logs for imported users will be written to this folder. If not defined, you will find the value in the database using the Administration Console.

CSV_UPLOAD_DIR (optional)¶

CSV hot folder. If not defined, the CSV processing will just use the database. If defined, the contained files will be imported to the database and processed from the database record. Processed CSV files can be downloaded again from the Administration Console, if necessary.

CSV_USE_FILESYSTEM¶

Enable this setting to use a hotfolder for importing CSV files.

DISABLE_MISSING_CSV_USERS¶

When set to True, users not found in a CSV import file are disabled. This feature only works if the “department” field is identical for all records in the import file. Only users in the specified Department will be disabled.

In other words, to use this feature, you must create a CSV import file per department. If the Department field is not used, then all users may be placed in the same import file.

BRAND_NAME¶

The brand name that is substituted for [[BRAND]] in e-mail templates. If not set, the default TeamDrive will be used.

EMAIL_ALLOWED_LANG¶

Each Provider Code defines a comma separated list of languages allowed for the emails. A set of templates is required for each language. The language used depends on the language setting of the user’s record.

EMAIL_DEFAULT_LANG¶

If the user is using a language which is not listed in <AllowedEmailLanguage>, the <DefaultEmailLanguage> will be used instead.

EMAIL_SENDER_EMAIL¶

Email address of the ‘envelope-from’-email in user-to-user mails like invitations and ‘from’-email for all server-to-user emails like the activation email, new password, etc, if empty the MailSenderEmail global setting value will be used. The address will also be used to set the “sender header” (see MailSenderEmail).

FROM_EMAIL_OPTIONS¶

This setting determines the “From:” email address used when sending invitations to TeamDrive spaces, and other notifications sent directly from TeamDrive users.

The option can be set to one of the following:

user: “From:” is set to the email address of the TeamDrive user sending the email.

provider: “From:” is set to the EMAIL_SENDER_EMAIL setting value.

replyto: “From:” is set to the EMAIL_SENDER_EMAIL setting value, and the email address of the sending user is placed in angle brackets (< and >). In addition, “Reply-To:” is set to the email address of the sending user.

For example: <td-user@example.com> no-reply@teamdrive.com, where the email address of the sending user is td-user@example.com and the value of EMAIL_SENDER_EMAIL is no-reply@teamdrive.com.

The purpose of this setting is to prevent problems with Mail Servers that generate an error when the “From:” email address is unknown. The use of angle brackets is to ensure that email programs display the actual email address of the sending user, as some email programs do not display the “Reply-To:” address automatically.

replyto-only: “From:” is set to the EMAIL_SENDER_EMAIL setting value, and “Reply-To:” is set to the email address of the sending user.

replyto-via: “From:” is set to the EMAIL_SENDER_EMAIL setting value, and “Reply-To:” is set to the email address of the sending user. The additional hint (Via BRAND) will be added.

The default value for this setting is user.

IGNORE_TEMPLATES_LIST¶

This is a list of email templates that are to be ignored. By default, the list is empty. Emails will not be sent using the templates specified in this list.

In other words, the Administrator can use this setting to ensure that emails of a certain type are never sent by the Registration Server.

SENDER_HOST¶

Host name of the email originator. If empty the MailSenderHost global setting value will be used. Will be visible in the email header in ‘Received: from’. If using an own Host Name, the IP address must match to the servers FQDN (see MailSenderHost).

SMTP_SERVER¶

The SMTP Mail Server address (host name), if empty the SMTPServer global setting value will be used.

In order to use a TLS/SSL connection to the SMTP server prefix the host name of the server with “smpts” protocol (only supported on CentOS 7 systems), for example: “smtps://my.smtpserver.com”. If no protocol is specified then “smpt” is assumed.

SMTP_SERVER_USER¶

An username for smtp authentication (only supported on CentOS 7 systems).

SMTP_SERVER_PASSWORD¶

The password for smtp authentication (only supported on CentOS 7 systems).

SMTP_SERVER_TIMEOUT¶

the Timeout in seconds when waiting for the SMTP Mail Server, if empty the SMTPServerTimeOut global setting value will be used.

SUPPORT_EMAIL¶

This setting specified the support email address. A notification will be sent to this address when support related information has been uploaded by a user.

API_USE_SSL_FOR_HOST¶

If your Host Server accepts API requests via SSL/TLS, you can enable SSL communication between the Registration Server Administration Console and Host Server API by setting this value to True.

HAS_DEFAULT_DEPOT¶

Set to True if a default depot should be created for all new users. The HOST_SERVER_NAME setting specifies the Host Server to be used to create the default depot. If the user is an account member, and the account has an account level Host Server, then this Host Server will be used instead.

Note that a default depot is only created if a user does not otherwise have a depot in use. A user may be assigned a depot automatically due to the following:

• The PROVIDER_DEPOT setting specifies a depot to be assigned to all new users of a Provider.
• The user belongs to an account where the manager has specified an account level default depot.

It is also possible to manually assign a depot to a user for usage.

In addition, a default depot will not be created for a user due to the following:

• The user has a license with the NoDepot feature (see DEFAULT_FREE_FEATURE for details).
• The HAS_DEFAULT_DEPOT is overriding on the account level (see below).

If an account has its own Host Server, then the manager can also override this setting by setting the default depot handling at the account level. The options are:

• Use the provider level defaults
• Never create or assign a default depot
• Always create a default depot if the user has no depot

HOST_DEPOT_SIZE¶

The size of the default depot for the user in bytes. Default is: 2 GB = 2147483648 Bytes.

If an account has its own Host Server, then the manager can also override this setting and set the storage size of default depots at the account level.

HOST_SERVER_NAME¶

Specifies the Host Server to be used when creating a default depot for new users.

If the user is a member of an account, and the account has an account level Host Server, then this value is ignored.

HOST_TRAFFIC_SIZE¶

The monthly allowed traffic for the user in bytes. Default is: 20 GB = 21474836480 Bytes.

If an account has its own Host Server, then the manager can also override this setting and set the traffic limit of default depots at the account level.

PROVIDER_DEPOT¶

This setting is used to specify that a specific depot is to be assigned for usage by all new users of the Provider.

The depot is assigned to the user in place of, for example, creating a default depot for each user.

This value must be set to the local database ID of the depot. Note that this is not the Depot ID, which is the ID of the depot on the Host Server. This is done automatically when using the Admin Console.

Setting PROVIDER_DEPOT to zero does not remove the depot from users already using the specified depot, it just prevents the depot from being assigned to user’s in the future.

At the account level it is possible to override this setting by setting an account level default depot. The options at the account level are:

• Use the provider level defaults
• Never create or assign a default depot
• Always create a default depot if the user has no depot

In addition, if the user’s license has the NoDepot feature, then this setting will also be ignored (see DEFAULT_FREE_FEATURE for details).

ACTIVATE_ON_INVITATION¶

The setting determines whether a user account is activated after setting their password after receiving an inv-newuser-invited email (see INVITATION_CREATES_USER below).

The default value is True, which means that the user account will be activated when the user sets his password. If set to False, then the user is required to activate their account when they login for the first time.

AUTO_CREATED_USER_TIMEOUT¶

This setting specifies a certain number of days. If an automatically created user is not activated within the time specified here, then the user is automatically deleted.

Note that the user is only deleted if the user account is not modified in any way, and the user does not login to TeamDrive using the user account.

The default value is 60 days. Setting AUTO_CREATED_USER_TIMEOUT to zero disables the deletion of users.

INVITATION_CREATES_USER¶

In the TeamDrive client it is possible to invite a user (via email) to join a space, even when the user is not yet a registered TeamDrive user.

When this setting is set to True the Registration Server automatically registers these users using the email address used in the invitation.

An email using the inv-newuser-invited is sent to the new user with the details of the space to which the user is invited, and a link which can be used to activate the new account (see Templates for Client Actions).

This has the advantage that the user can be on-boarded quickly, and need only set a password in order to activate their account. After this, the user can be directed to an online Web Portal, or to a download page for TeamDrive client.

If ACTIVATE_ON_INVITATION is False (see above), then the user will be required to activate their account after the first login.

INVITATION_NEW_USER_PROVIDER¶

When INVITATION_CREATES_USER is enabled, this setting determines the Provider with which the user is registered. By default the new user is registered with the same Provider as the inviting user.

MAX_PROMOTION_USER¶

The maximum amount of new users which can be invited by an existing user.

You can configure a referral program by setting this value to a value greater than zero.

A referral program provides an incentive for users to invite other users in order to increase their free storage limit (see PROMOTION_UPGRADE below).

The Registration Server will do the matching when the invited user is activated, increasing the depot values and sending the notification mails to the inviter (see Templates for Client Actions).

This feature requires an active Host Server and default depots for your users (see above HOSTSERVER Settings).

NEW_USER_LICENSE_FEATURES¶

When INVITATION_CREATES_USER is enabled, this setting determines the features of the license created for the new user.

Bey default this is set to: Professional, Restricted, NoDepot, which means the user has professional account which is restricted to accessing a limited number of spaces (see active-spaces-limit (default: 0)), and no default depot is created for the user.

For a list if options available see DEFAULT_FREE_FEATURE.

PROMOTION_UPGRADE¶

If you are using a referral program then this is the upgrade size in bytes that of a user’s default depot for each user invited.

The depot limit is increased for both users: the inviter and invitee.

ACCOUNT_RESTRICTIONS¶

This setting specifies license based restrictions to user accounts.

Current the only setting supported is super-pin-repo-pro-license-limit, which is used to restrict the use of the Super PIN Repository to accounts with a certain number of professional licenses. This is all license with the professional, secureoffice and agent license features.

For example, setting this setting to super-pin-repo-pro-license-limit=5 will disable the Super PIN Repository unless the account has 5 or more professional licenses. By default, the use of the Super PIN Repository is not restricted.

ACTIVE_SPACES_LIMIT¶

This setting specifies the maximum number of Spaces that can be active in the TeamDrive Client for users that have a license with the Restricted feature.

By default the value is set to 1. This limitation can be disabled by setting the value to 0.

If non-zero the Registration Server will automatically add the active-spaces-limit setting to the CLIENT/CLIENT_SETTINGS value sent to the client, provided the CLIENT_SETTINGS` value does not explicitly include this setting.

ALLOW_CREATE_LICENSE¶

Set to True to allow the creation of licenses for this Provider. This setting can only be changed by the Default Provider (see DefaultProvider).

ALLOW_MANAGE_LICENSE¶

Set to True to allow the management of licenses for this Provider. This setting can only be changed by the Default Provider (see DefaultProvider).

DEFAULT_ACCOUNT_FEATURE¶

The DEFAULT_ACCOUNT_FEATURE determines the features of default license of users that belong to an account. This setting is similar to the DEFAULT_FREE_FEATURE setting which applies to users that do not belong to an account.

DEFAULT_ACCOUNT_FEATURE is set to Personal and Restricted by default. These and other details about license features are described in the section:DEFAULT_FREE_FEATURE below.

If DEFAULT_ACCOUNT_FEATURE is empty then the Admin Console will not allow managers to create a new license when adding a user.

DEFAULT_FREE_FEATURE¶

This setting determines the features of the default license of users that do not belong to an account (see DEFAULT_ACCOUNT_FEATURE for the setting for account users). It is set to WebDAV by default.

When a user is created or registered for the first time, and no license is specified, a default license is automatically created for the user. The settings DEFAULT_FREE_FEATURE and DEFAULT_ACCOUNT_FEATURE determine the features of this license, depending on whether the user is a member of an account or not.

Note that if the setting DEFAULT_LICENSEKEY is set, then a default license will never be created (see DEFAULT_LICENSEKEY below).

Due to license changes between TeamDrive 3 and TeamDrive 4 there are differences in the meaning of the license features between these versions.

TeamDrive 3 supports two commercial license models: the Personal and the Professional Licenses (these are identified by the Personal and Professional license features).

Licenses without these features are considered free licenses by TeamDrive 3, which then imposes a blanket limit on the on the amount of data handled by the client (set to 2 GB by default by default). The TeamDrive 3 Personal and Professional Licenses remove this restriction.

However, the TeamDrive 3 Personal License disables certain features only available to the Professional License holder, this includes: a limit to the number of versions stored on the Host Server, publish file functionality is disabled and various email notifications and support for network drives is disabled.

TeamDrive 4 distinguishes between commercial/business and non-commercial users. TeamDrive 4 is free for non-commercial usage. Commercial and business users must purchase a Professional License.

TeamDrive 4 requires that non-commercial users confirm their non-commercial status daily, but otherwise imposes no restrictions on the non-commercial users.

Free commercial licenses are also available for TeamDrive 4, but these licenses must include the Restricted feature (see below).

Feature descriptions:

The Agent feature is required by licenses used by the TeamDrive Agent.

The Banner feature is which was only supported by TeamDrive 3 clients is no longer supported by Registration Server version 4.1 or later.

The Inbox feature is required by licenses used for a user hosting an Inbox.

This license feature disables the automatic creation and assignment of a depots for a user. This means that this feature overrides the PROVIDER_DEPOT and HAS_DEFAULT_DEPOT provider settings, and the account level setting for creating a default depot.

This means that a new user with this license feature will only have a depot if the user is a member of an account with an account level default depot.

The Personal feature was used to create TeamDrive 3 Personal Licenses. Licenses for TeamDrive 4 clients should use the Professional feature instead. This feature bit is no longer supported by the Registration Server version 4.1 or later.

The Professional feature is used to create TeamDrive Professional Licenses.

TeamDrive 3 Clients enabled certain Professional-only features when this feature is set.

TeamDrive 4 Clients disable the daily dialog which requires the user to confirm that he/she is non-commercial user of TeamDrive when this feature is set.

This feature enables restrictions that are specified using certain client settings. Currently the only active restriction is determined by the ACTIVE_SPACES_LIMIT provider setting. This setting determines the maximum number of spaces that may be active on the client (see ACTIVE_SPACES_LIMIT).

The SecureOffice feature is identical to the Professional feature, but adds support for the SecureOffice version of TeamDrive.

This feature enables the storage of Spaces on a WebDAV server. WebDAV access is also enabled as part of the Personal, Professional or SecureOffice features.

DEFAULT_LICENSEKEY¶

Define a specific license that will be assigned to all users upon registration. This license’s features will override the features defined in the DEFAULT_FREE_FEATURE and DEFAULT_ACCOUNT_FEATURE settings.

Setting this value will also disable the PROFESSIONAL_TRIAL_PERIOD setting. When a default license is defined, a Professional trial period is no longer possible, and will not be permitted by the client software.

ENABLE_LICENSE_EXPIRY¶

Set to True if you wish to use licenses with a Valid Until date. When set to False, licenses with an existing Valid Until date will not expire.

This setting is True by default.

However, if you are upgrading from Registration Server 3.0.017 or earlier, this setting will be set automatically be set to False for providers that already have licences with expiry dates. This is because expiry was not implemented by this version of the server, so the setting is disabled in order not to disrupt potential users of such licenses.

EXT_LICENCE_REF_UNIQUE¶

Set to True if the external license reference should be unique. This is the default value.

If you set API_ADMINCONSOLE_LIC_REF, then this setting must be False.

PROFESSIONAL_TRIAL_PERIOD¶

This is the number of days for the one-off professional trial period, set to 0 if no trial is allowed.

SPACE_SIZE_LIMIT¶

The maximum size in bytes of active spaces for users with restricted license and non-professional licenses. This limit refers to the size of the space on the Hosting Service. User will not be able to enter a space that exceeds this limit if the do not have the required license. In addition, spaces that exceed this limit are disabled in the client.

The default value is “0”, which means that restriction is disabled.

ACTIVATION_ALLOWED_LANG¶

A comma separated list of allowed languages for the activation pages. For each A set of activation pages must be available for each language defined here.

ACTIVATION_DEFAULT_LANG¶

The activation page’s language depends on the language chosen by the user. If the user’s language is not supported, the default language specified here will be used.

The default HTML pages must always be available.

ALLOWED_DIST_CODES¶

A list of allowed Client Provider Codes, besides the Provider’s own code This refers to the Provider Code in the TeamDrive Client’s DISTRIBUTOR file. The default value is ‘*’, which means all codes are allowed. ‘*.’ means all providers on this Registration Server are allowed.

This setting caters for providers that have a specific version of the TeamDrive Client and want to ensure that only this type of client is used by the providers’s users. Such versions are identified by the Provider Code specified in the DISTRIBUTOR file. Since the DISTRIBUTOR file is signed it cannot be manipulated on the client side, and therefore, this value can be trusted.

ALLOWED_LOGIN_ATTEMPTS¶

This setting determines the number of times a user may fail to login before the failed login timer is activated (see FAILED_LOGIN_TIMER). The default value is 3.

Note that this also includes login attempts when logging in with a temporary password, after a user has lost their password.

When the number of allowed failed logins is exceeded, the server sends an email using the too-many-failed-logins email template to the user (see Templates for Client Actions).

ALLOW_MAGIC_USERNAMES¶

This setting is used to allow the registration of users with usernames that match the standard “magic username” pattern. This is usernames of the form: “$AAAA-9999999....”, where AAAA is the distributor code, and 9999999.... is any number of digits.

The TeamDrive Client software does not display magic usernames. If a user has a magic username, then the user’s registration email address is used in all user interfaces, instead of the username. Alternatively the user’s “display name” is shown in the user interface.

ALLOW_NEW_REGISTRATION¶

This setting controls whether a user can register new users on the Registration Server using the TeamDrive client. Set the variable to False if your users were imported into the Registration Server or some form of external authentication is used.

When set to False, the Registration Server will return an error if the user attempts to register.

As of Registration Server version 4.5 the server will add enable-registration=false to the LOGIN/PRE_LOGIN_SETTINGS sent to the TeamDrive client. The client will then disable the registration dialog accordingly (see chapter enable-registration=true/false/default (default: true) for details).

ALLOW_WEB_PORTAL_ACCESS¶

This setting determines whether user’s of the Provider are permitted to access a Web Portal.

Possible values of the setting are:

• permit: All users are permitted to login to Web Portals. This is default value of the setting.
• deny: Web Portal access is denied to all users.
• peruser: Access is determined by the “Web Portal Access” capability bit.

The “Web Portal Access” capability bit represents user-level permission to access a Web Portal. The capability bit is only used if ALLOW_WEB_PORTAL_ACCESS is set to peruser. The “Web Portal Access” capability bit can only be set in the Admin Console.

Note that access to a Web Portal may be denied by the Web Portal itself. This is determined by the Web Portal AllowedProviders setting, which contains a list of Providers that are permitted to access the Web Portal.

Further access control to a Web Portal may be built into the external Authentication Service which is used by the Web Portal, if the Web Portal uses such a service. For example, the LDAP/AD Authentication Service may limit login to the Web Portal to users in a specific LDAP/AD group.

FAILED_LOGIN_TIMER¶

This is the time in seconds the Registration Server will wait before allowing another login attempt, after the user has failed to login the number of times specified by ALLOWED_LOGIN_ATTEMPTS. The default value is 300 seconds (5 minutes).

LOGIN_WITHOUT_ACTIVATION¶

Set to False if a confirmation email (also known as activation email) should be sent to users after login on a new device. In this case, the device is not activated until the user clicks a link in the email.

If set to True (the default), new devices are automatically activated and the user will only receive a notification email instead of a confirmation email.

PRE_LOGIN_SETTINGS¶

These settings are sent to the TeamDrive Client before login or registration. As a result, they can be used to configure login and registration in the same manner as settings within the DISTRIBUTOR file. Settings from the server always override client-side settings, so these settings will also override the values in the DISTRIBUTOR file.

The Provider of the user must be ascertained before the pre-login settings can be sent to the client. Before login or registration, the Provider of the user is either determined by the Provider Code in the DISTRIBUTOR file or the IP address of the client, if it is found to be in a network belonging to a specific Provider. The IP address has priority over the DISTRIBUTOR file.

SUPERPIN_LOGIN_WITHOUT_ACTIVATION¶

On login to a new installation with the Super PIN instead of a password, this setting determines whether an activation email is sent to the user or not.

By default the value is False, which means that activation of the new installation is required, and an email with an activation link will be sent.

TEMP_PASSWORD_TIMEOUT¶

This is the time in seconds that a temporary password is valid, The default value is 10 minutes. The minimum value is 1 minute, and the maximum is 2 hours.

A temporary password is sent to the user via email when setting a new password during login. If the temporary password is not used within the timeout specified here, it is marked as invalid, and the user must request a new temporary password.

Note if the Super PIN functionality is enabled for a user account, then the password can no longer be set using a temporary password. Instead, the user must use either their Super PIN or a Recovery Code obtained using the Recovery URL (a QR code) in order to login and change their password.

USER_IDENTIFICATION_METHOD¶

This setting determines how a user is identified. In other words, what type of name is used on login to TeamDrive. It may be set to one of the following: username, email or default.

After an upgrade to version 3.6, this setting will be set to email, if the setting USE_EMAIL_AS_REFERENCE was set to True. Note that USE_EMAIL_AS_REFERENCE has been deprecated and removed in version 3.6.

As of Registration Server version 4.5 the server will add user-ident-method=<value> to the LOGIN/PRE_LOGIN_SETTINGS sent to the TeamDrive client. The client will then adjust the registration dialog accordingly.

TeamDrive clients older than 4.6.9 do not support this option and will continue to require a username to be specified on registration, no matter what the value of this setting.

If an email address is used to identify a user, then the Registration Server automatically generates a username called the “magic username”. A magic username has the form $<provider-code>-<integer value>, for example $ACME-12345. The user is not aware of the magic username, and does not ever use this name to login, and it is not displayed in the TeamDrive GUI (except in some older versions of the TeamDrive Client and servers). Magic usernames are intended for internal use by the TeamDrive only. However, it can be used to reference a user through the Registration Server API.

If email addresses are allowed as for user identification then the Client Setting allow-email-login must be set to true, so that your users can login using an email address. This value is set to true by default. Note that, in this case, login with the email address is also allowed when a user is identified by a username. However, it may be that the email address is not globally unique, which can lead to login failure. The TeamDrive Client, however, can handle this situation, and allows the user to select one of a number of user records, further identified by the Provider code.

Note that once a user is created with either username or email identification this cannot be changed.

REDIRECT_ALLOWED_LANG¶

A list of allowed languages for the redirector pages.

REDIRECT_DEFAULT_LANG¶

Default language in case that the user’s language is not in the list of REDIRECT_ALLOWED_LANG. Use [lang] in your links to replace them with the user’s language.

REDIRECT_DOWNLOAD¶

This URL redirects to a page where the Provider’s version of TeamDrive can be downloaded.

REDIRECT_FAQ¶

This URL redirects to the Provider’s FAQ (frequently asked questions) page.

REDIRECT_FORUM¶

This URL redirects to the Provider’s forum page.

REDIRECT_HELP¶

This URL redirects to the Provider’s help page.

REDIRECT_PRIVACY¶

This URL redirects to the Provider’s privacy page.

REDIRECT_HOME¶

This URL redirects to the Provider’s home page.

REDIRECT_ORDER¶

This URL redirects to the Provider’s product order page. The variable [product] can currently only be ‘TDPS’.

REDIRECT_PROVIDERINFO¶

This URL redirects to a provider information page which describes all available provider codes which may be used during registration.

REDIRECT_PURCHASE¶

This URL redirects to the Provider’s page for purchases licenses. The variable [user] is a base 64 encoded username.

REDIRECT_TERMS¶

This URL redirects to the Provider’s “Terms of Service” page.

REDIRECT_TUTORIALS¶

This URL redirects to the Provider’s tutorials page.

REDIRECT_USERINVITEUSER¶

This URL redirects to the Provider’s user-invite-user page.

TDNS_CHECKSUMKEY¶

The checksum which will be added to the checksum over the request which will be send to the TDNS. For more details please look at TeamDrive Name Server (TDNS).

TDNS_SERVERID¶

The ID of the Provider’s entry in the TDNS.

SHOP_ENABLED¶

Set to True to enable shop buttons in the Admin Console. The default value is False.

SHOP_LANDING_PAGE¶

This is the URL of the shop page that is used by the Admin Console to initiate a shop-based function.

ENABLE_PURCHASE_LICENSE¶

Set to False to disable the purchase license button in the Admin Console. The default value is True.

ENABLE_PURCHASE_DEPOT¶

Set to False to disable the purchase depot button in the Admin Console. The default value is True.

ENABLE_UPGRADE_LICENSE¶

Set to False to disable the upgrade button for licenses in the Admin Console. The default value is True.

ENABLE_UPGRADE_DEPOT¶

Set to False to disable the upgrade button for depots in the Admin Console. The default value is True.

CURRENT_CLIENT_VERSION¶

This setting determines whether TeamDrive client will post an update notification or not.

If the version specified here is greater than the current TeamDrive client version, and the version is greater than the last version that the user choose to ignore, then an update notification will be displayed.

ENABLE_UPDATE_TEST¶

Set this value to True in order to test how the TeamDrive client reacts to an update notification.

You can test the update notification without triggering an update notification to all clients by setting this value to True, and by specifying a test user (UPDATE_TEST_USER`) and a test version (``UPDATE_TEST_VERSION).

UPDATE_TEST_USER¶

Use this setting to specify a user (either username or email address) for testing the update notification.

The specified user will then receive an update notification regardless of whether the update is required by their TeamDrive client or not (see UPDATE_TEST_VERSION for more details).

UPDATE_TEST_VERSION¶

Set this value to specify the test update version. If not set, the server will return the CURRENT_CLIENT_VERSION value.

If version returned is higher than the current version of the client then the client will always display the update notification.

If the not, then the client will only display the update notification if the version is higher than the last version the user choose to ignore.

API_WEB_PORTAL_IP¶

To allow API access from the web portal. Each Provider must set the IP address or list of IP addresses of the web portal to allow users to login using the web portal. Providers which don’t configure this IP will not allow their users to use the web interface to access their spaces. The IP of one web portal could be used by more than one Provider.

ENABLE_INBOX_SERVICE¶

Set to True if a web portal should be used to create inboxes for accounts. The setting WEBPORTAL_API_URL specifies the web portal to be used when this is enabled.

Note that the setting WEBPORTAL_API_CHECKSUM_SALT must also be set correctly for the inbox service to work.

WEBPORTAL_API_CHECKSUM_SALT¶

The is the value of the web portal APIChecksumSalt setting, which is used to access the web portal API.

WEBPORTAL_API_URL¶

The URL of the web portal API, used to create an inbox.