Registration Server Settings¶
Registration Server Settings can be changed in the Administration Console, via the Admin -> Server Settings page.
These settings are split up into several categories, which are listed below (in alphabetical order).
API Settings¶
APIAllowSettingDistributor¶
When accessing the API, providers are identified by the IP address of the caller (see API_IP_ACCESS).
Set this to True
if you want a provider to be able to make requests on
behalf of another provider. This means that a provider that manages (see
the “Managed by” setting on the Providers page in the Admin Console)
other providers can set the caller provider to one of those providers.
The “Default Provider”, specified by the DefaultProvider
setting (see
DefaultProvider)
has the right to manage all other providers.
In order to make an API request on behalf of some other providers, set
the <distributor>
tag to the required provider code
(see API Input Parameters).
Since the Admin Console uses the API, you must set APIAllowSettingDistributor
to True
if you wish to access Providers other than the default
Provider through the Admin Console.
APIChecksumSalt¶
To detect “man in the middle” attacks when sending API requests to the Registration Server, a random “salt value” is generated during the initial installation. The sender must add this salt value to his request before calculating the MD5 hash value of the API request content which will be sent to the Registration Server.
The checksum will be included in the URL, so that the Registration Server can check if the content was modified during the transport.
This setting is read-only and can not be changed via the Administration Console.
See chapter API Basics for details.
APILogFile¶
A log file that tracks API requests issued by the Administration Console. This
file needs to be owned and writeable by the apache user (default:
/var/log/td-adminconsole-api.log
).
RegServerAPIURL¶
Optional Reg Server API URL, used by the Administration Console (e.g.
http://regserver.yourdomain.com/yvva/api/api.xml
). Must be set, if HTTPS
should be used for API communication or if a dedicated API server is used. If
empty, it will be derived from RegServerURL
.
Client Settings¶
ClientPasswordLength¶
You can define a minimum password length to be used by a user. The default value is 8 characters. This parameter will only be checked by the API, since the Clients only send an MD5 hash of the password, which can not be checked on server side. A password complexity check is not implemented at the moment.
ClientPollInterval¶
The default poll interval for clients (in seconds) to look for new invitations on the Registration Server.
ClientSettings¶
These settings are sent to all Clients after login. Settings specified for a Provider can override the values defined here.
Note
This setting can be overridden by the provider setting
CLIENT/CLIENT_SETTINGS
on a per-provider basis. See chapter
CLIENT_SETTINGS for details.
ClientUsernameLength¶
You can define a minimum username length to be used by a user. The default value is 5 characters.
EmailGloballyUnique¶
This setting specifies whether a Registration Email address should be globally
unique or not. When set to True
, the Registration Server will check that
an email is unique over the entire TeamDrive Network.
By default this parameter is set to the value if UserEmailUnique
. In other
words, if UserEmailUnique
is set to True
, then EmailGloballyUnique
will be set to True
on upgrade to version 3.6.
InvitationStoragePeriod¶
Invitations will be stored on the server for a specified period of time. The default is 30 days (2592000 seconds). After that duration the server will automatically delete older invitations. If the value is to 0, invitations will never be deleted. Deletions are carried out by the background task described here: “Delete Old Messages” Task.
InvitationStoragePeriodFD¶
This setting is deprecated and will be removed in a future version. The functionality will only be used by TeamDrive 3 clients. TeamDrive 4 clients are using the key repository instead (see following link to the chapter Invitation for future devices).
Within 14 days after the first registration, the client will send an invitation for each created Space to the registration server for devices the user may install in future. See Invitation for future devices for a detailed description.
InviteOldDevicesPeriodActive¶
Each new Client installation by a user will create a new device in the database. If the user were to get a new PC, it would be installed as a new device, but the first device will remain in the Registration Server database, even if the user no longer uses it. Invitations will only be sent to devices which were active within the defined period. Please notice, that the device active timestamp will only be updated once a day. So, the value should not be less than one day (86400 seconds). The default value is 96 days (8294400 seconds).
A device that is no longer receiving invitations is said to be “inactive”. An inactive device can be re-activated by starting the TeamDrive client on the device. As long as the TeamDrive installation on the device has not been deleted, the device will be re-activated, and will be able receive invitations again.
If you try to send an invitation to a user that has no active devices, the TeamDrive client register an error. You should then contact the user and request that an old device be re-activated, or a new device installed by the user. The invitation will then need to be sent again.
StoreRegistrationDeviceIPinSeconds¶
Each client registration will store the IP address which was used to register the client. In case of a hacked user, it may be possible to identify the source of the request. The default is 2592000 seconds (30 days) after which the IP will be removed. Other possible values are -1 (never store the value) or 0 (never delete it). All values greater than zero will be taken as seconds. The Delete Client IPs auto task as described in “Delete Client IPs” Task must be enabled.
UserEmailUnique¶
This setting specifies if email address must be unique for the entire
Registration Server. If set to False
then email address need only be
unique per Provider. The setting EmailGloballyUnique
specifies whether
email address must be unique over all TeamDrive Registration Servers.
Email Settings¶
These settings define how the Registration Server delivers outgoing email messages to an SMTP server (MTA).
EmailSendRate¶
This is the maximum send rate for emails per minute. The default is “0” which means unlimmited.
MailSenderEmail¶
The sender header can be defined to avoid spam classification (see sender field description in: http://en.wikipedia.org/wiki/Email#Header_fields). This is necessary in case that the invitations between the users don’t match to the domain which will be used by the registration server. If this value is empty, only the from header will be used. The email will also be used as the ‘envelope-from’-email in user-to-user mails like invitations and as the ‘from’-email for all server-to-user emails like the activation email, new password, etc.
Note
This setting can be overridden by the provider setting
EMAIL/EMAIL_SENDER_EMAIL
, to define a custom sender address on a
per-provider basis. See chapter EMAIL_SENDER_EMAIL for details.
MailSenderHost¶
As described in the SMTP protocol
http://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol#SMTP_transport_example
there will be communication between the SMTP client on the registration server
and the SMTP server which will accept the email for delivery. To avoid spam
classification the HELO
command must match the servers FQDN
. If this
value is empty, the default hostname / IP address detection will be used which
might get 127.0.0.1
instead of the hostname.
MaxEmailPerDay¶
This is a security setting, since invitation mails can, potentially, also be used for spam mails from an user sent by your mail server. You can define how many mails the user can send and/or receive per day. (-1 = unlimited, 0 = no mail)
MaxInboxEmailPerDay¶
This setting specifies the number of emails an inbox can sent per day. This
on concerns the upload confirmation emails which are sent to unregistered
users. The upload notification emails are always sent to registered users
and are included in the MaxEmailPerDay
which each user may receive.
As for MaxEmailPerDay
, “-1” mean unlimited, and “0” means no email will be
sent.
SMTPServer¶
The IP or DNS name of the SMTP server.
In order to use a TLS/SSL connection to the SMTP server prefix the host name of the server with “smpts” protocol (only supported on CentOS 7 systems), for example: “smtps://my.smtpserver.com”. If no protocol is specified then “smpt” is assumed.
SMTPServerUser¶
An username for smtp authentication (only supported on CentOS 7 systems).
SMTPServerPassword¶
The password for smtp authentication (only supported on CentOS 7 systems).
SMTPServerTimeOut¶
Timeout parameter in seconds for sendmail
requests.
TemplatePath¶
This is the location of the default email and HTML templates.
UsePrecedenceBulk¶
Set this value to True
in order to add the header:
Precedence: bulk
to all outgoing emails. This should reduce the number of automatic reply mails
for “out of office” and “vacation”. This setting is False
by default.
Proxy Settings¶
HOSTProxyHost¶
IP address or host name of the HTTP proxy server to be used for the Registration Server to Host Server communication.
HOSTProxyPort¶
TCP port of the HTTP proxy server to be used for Host Server requests.
HOSTUseProxy¶
Set to True
if outgoing Host Server requests must be sent via a HTTP
proxy server. This requires setting HOSTProxyHost
and HOSTProxyPort
as well.
Note
In case of using a squid proxy, you have to set ignore_expect_100 on
in your squid configuration (see squid documentation
http://www.squid-cache.org/Doc/config/ignore_expect_100/).
ProxyHost¶
IP address or host name of the HTTP proxy to be used for outgoing HTTP requests.
ProxyPort¶
TCP Port of the HTTP proxy server to be used for outgoing HTTP requests.
UseProxy¶
Set to True
if outgoing requests must be sent via a HTTP proxy server.
This requires setting ProxyHost
and ProxyPort
as well. Note that Host
Server access uses different proxy settings (see HostUseProxy
).
RedirectURL Settings¶
There are a number of URLs that will be used by the TeamDrive Client to open web pages in response to clicks within the client. These are referred to as “Redirect URLs”.
The various target pages of the Redirect URLs can be set by providing value for the
following variable: DownloadURL
, FAQURL
, ForumURL
,
HelpURL
, LicensePurchaseURL
, ProviderInfoURL
, ReferralURL
,
TDPSOrderURL
and TutorialURL
.
These settings are optional. If no URL is provided the Registration server will return a HTML result containing an english error message.
In addition, all the settings can be overridden by Provider specific settings (see Provider Settings). This means that the Registration Server settings act as a default, if the Provider does not specify a particular URL.
A number of URL parameters are passed to the target pages. These parameters can be used within the target landing pages to generate the content.
page
anddistr
- These parameters are used to determine the target page. These parameters are used by the Registration Server to select a target URL from the various Redirect URL settings.
lang
- The international language code of the current language of the client.
platf
- Specifies the platform of the client: mac, win, linux, ios, android or unknown.
user
- Base 64 encoded username. This parameter is only supplied for the
LicensePurchaseURL
URL. product
- Specifies the product ordered. Only provided for the
TDPSOrderURL
URL. Currently the only possible value is TDPS.
DownloadURL¶
A link to the Client software download page. This URL is optional and may be
overridden by the REDIRECT_DOWNLOAD
Provider setting.
FAQURL¶
An optional link to a FAQ page. This URL can be overridden by the REDIRECT_FAQ
Provider setting.
ForumURL¶
An optional link to a Forum which can be overridden by the REDIRECT_FORUM
Provider setting.
HelpURL¶
An optional link to a general Help page. This URL can be overridden by
the REDIRECT_HELP
Provider setting.
LicensePurchaseURL¶
This an optional link to a page on which new licenses can be purchased. This URL may
be overridden by the REDIRECT_PURCHASE
Provider setting.
LogUploadURL¶
In case of errors on the Client side, the user can submit a support request by
uploading its log files to the Registration Server. The archive of log files
and additional debug information will be sent to a PHP script upload.php
. We
recommend keeping the existing URL since in general it will only be possible for
TeamDrive Systems GmbH to understand the log output.
If you want to set up your own log upload service, you can direct the URL to your server. For details see chapter Client Log Files.
PrivacyURL¶
An optional link to a privacy page which is required by the Google Play Store or the
Apple App-Store. This URL can be overridden by the REDIRECT_PRIVACY
Provider setting.
ProviderInfoURL¶
URL of the Provider information page which will describe all Provider codes
available to the user. This link may be overridden by the
REDIRECT_PROVIDERINFO
Provider setting.
RedirectorProtocol¶
This setting applies to all URL’s returned by the Registration Server. This includes the portal pages, and the provider “REDIRECT” settings, and global “RedirectURL” settings.
These are all URL’s requested by the TeamDrive client in various situations, or when
the user requires additional information. For example, DownloadURL
or
REDIRECT_DOWNLOAD
, is requested by the TeamDrive client when it directs the
user to the location of client software updates.
Even if a setting such as REDIRECT_DOWNLOAD
is set to a URL like:
http://my.server.org/download.html
, if RedirectorProtocol
is set to “https”, then
then a request for REDIRECT_DOWNLOAD
will return https://my.server.org/download.html
.
By default the value is blank which means that the protocol in the setting value is
not changed. And, if no protocol is specified, then “http” will be used.
RedirectorProtocol
may be set to either “http” or “https”.
This setting is new in Registration Server 4.1.3.
ReferralURL¶
The optional user-invite-user referral link, which can be overridden by the
REDIRECT_USERINVITEUSER
Provider setting.
TDPSOrderURL¶
An optional link used to purchase a license for TDPS (TeamDrive Personal Server).
This URL can be overridden by the REDIRECT_ORDER
Provider setting.
TutorialURL¶
An optional link a tutorials page. This URL can be overridden by the
REDIRECT_TUTORIALS
Provider setting.
RegServer Settings¶
AuthorizationSequence¶
Authorization sequence used to send invitations to users which are registered on other Registration Servers in the TeamDrive Network via TDNS.
CacheInterval¶
The time in seconds that Registration Server configuration options are cached.
Changes to the Registration Server or Provider setting will be reloaded after
CacheInterval
expired.
DefaultProvider¶
Select the existing Provider that acts as the Default Provider (this is usually the first provider created on the Registration Server).
For more information about the Provider concept, please refer to Provider Concept.
EnableSuperPINRepository¶
If False
(the default) the option to enable the Super PIN Repository, and
the function to require account users enable the Super PIN are not available in
the Admin Console.
If set to True
the Super PIN account level options become available to
account managers in the Admin Console. In addition, all account managers are
prompted by a banner to read information about the Super PIN and the options
available to accounts and users.
LoadBalancerURL¶
Optional load balancer URL. This URL will be used by the client in place of
the standard registration Server URL. If empty RegServerURL
will be used.
This setting may contain multiple URLs separated by a ‘|’ character. In this case, the TeamDrive Clients will automatically use a different URL for each call the the Registration Server.
MasterServerName¶
The name of the Master Registration Server in your TeamDrive Network.
MasterServerURL¶
Default URL of the Master Registration Server.
PingURL¶
For an inital connection or later on the online test, the client will ping the
PingURL
. This will return a defined answer:
<?xml version='1.0' encoding='UTF-8' ?>
<teamdrive>
<intresult>0</intresult>
</teamdrive>
back to the client, so that the client can check if he can reach the server,
or if there is a proxy or an other gateway which require additional steps
to get internet access. The PingURL
can be located on another server
and just requires a file ping.xml
with the above content.
Default should be the same domain as in RegServerURL
,
RegServerDescription¶
This is a description of the Registraton Server and should include the name of the owner or name of the company that hosts the server. The name and contact information of the administrator of the server should also be provided.
Note
This information is transported to other Registration Servers in the TeamDrive network.
RegServerName¶
The name of your Registration Server which should be defined together with TeamDrive Systems GmbH. The name must be unique within the TDNS network, and it can not be changed later on without reinstalling all clients.
RegServerURL¶
This is the main URL which will be used by the Clients to register and interact with the Registration Server. This URL must always be reachable by the Clients to offer the services. If the URL is no longer valid the Clients have no possibility to reach the server again.
ServerLogFiles¶
Location of various server log files that can be viewed from within the Administration Console via Admin -> View Server Logs. For security reason this setting can only be changed directly in the database to avoid unauthorized access to other than the allowed log files.
ServerTimeZone¶
Timezone used for date functions in the Adminstration Console. Please ensure
that the timezone is valid (see /usr/share/zoneinfo/
for available time
zone information)! (default: Europe/Berlin
)
SimulateRegServer20¶
Enables backward compatibility with TeamDrive 2 clients.
Security Settings¶
These settings allow to enforce some security related restrictions on the Administration Console.
EnableSyslog¶
Log security events to a local syslog, rather than td-adminconsole.log
.
EnableXForwardedFor¶
Set this value to True
if the Admin Console should should read the
“X-Forwarded-For” HTTP header. This is required if the Admin Console is
configured to run behind a load balancer or some other proxy.
In this case the Admin Console is not directly contacted by the user’s Web-browser, and the IP address of the browser is placed in the “X-Forwarded-For” header by the proxy.
LoginMaxAttempts¶
The number of failed login attempts of a particular user within
LoginMaxInterval
before further login attempts are subjected to a delay
(default: 5
).
LoginMaxInterval¶
Time interval used by LoginMaxAttempts
, in minutes (default: 60
).
LoginSessionTimeout¶
Period of idle time before you need to log in to the Administration Console
again, in minutes (default: 30
).
SearchResultLimit¶
The maximum number of search results that will be shown for any given request (0 == unlimited)
UserRecordLimit¶
If set to a non-zero value, this is the maximum number of user records that
can be viewed within the interval defined by UserRecordLimitInterval
.
UserRecordLimitInterval¶
The time interval that UserRecordLimit
applies to.
TDNS Settings¶
EnableDomainSupport¶
When set to True
this setting enables the support for the reservation of domains
and registration of service by a provider (by default this setting is False
).
This functionality requires TDNS 1.9.11 or later, and so this should only be set
to True
when this version of TDNS has been installed.
When enabled, a page to manage domains and services is avialble to providers in the Admin Console.
TDNSAutoWhiteList¶
Set this value to True
to enable new Registration Servers added to the TDNS
network automatically. By default this setting is set to True
.
Registration Servers automatically whitelisted can be disabled manually
in the Admin Console. Note, that if you set this setting to False
, you must
ensure that the TeamDrive Master Registration Server is manually enabled.
If the Master Registration Server is not enabled then the standard TeamDrive Clients will not be able to connect to your Registration Server. In this case, a custom Client with a DISTRIBUTOR file that references your Registration Server is required.
TDNSEnabled¶
This value will be used to activate the TDNS integration of the RegServer, so
that the users of your Registration Server can invite users of other
Registration Servers which are registered in the TDNS network. Each
Provider on a Registration Server needs an own TDNS-ServerID
and a
TDNS-Checksum
value which will be defined by TeamDrive Systems. Without
these values your server can not communicate with the TDNS. The two values
must be set when for adding a new Provider on the Registration Server
(see TDNS Settings).
TDNSURL¶
URL used to access the TeamDrive Name Server (TDNS).