Registration Server How To’s¶
This chapter covers a number of common tasks that you may want to or need to perform with the Registration Server.
Managing Client Updates¶
To inform your users about the availability of a new version of the TeamDrive
client, you use the UPDATE/CURRENT_CLIENT_VERSION
setting. This value
determines whether a TeamDrive client receives an update notification.
If the version of the client is less than CURRENT_CLIENT_VERSION
then the
user will be notified that a new version of the TeamDrive client is available.
Note that this notification only applies to desktop clients (mobile clients will be informed by the Google Play Store or by the Apple App Store).
As of Registration Server version 4.1, the Admin Console no longer supports update notifications for TeamDrive 3.
The ENABLE_UPDATE_TEST
allows you to test how the client responds to an
update notification. Setting the value to True
will send an update
notification to the user specified by the UPDATE_TEST_USER
setting.
You can specify the client version to be sent to the update test user by
setting the UPDATE_TEST_VERSION
setting (available in version 4.1.3).
If this setting is empty, then CURRENT_CLIENT_VERSION
will be returned.
The update notification will direct the user to internet page where the
latest version can be downloaded. The URL of the download page is defined in
the Provider setting REDIRECT/REDIRECT_DOWNLOAD
. Set this to point to the
download location where your users can obtain a new version of the TeamDrive client,
e.g. http://www.yourdomain.com/download.html
.
Configuring a Default License¶
A default license is generated for each user on registration. The features
of this license are determined by the either the LICENSE/DEFAULT_FREE_FEATURE
(see DEFAULT_FREE_FEATURE) or the LICENSE/DEFAULT_ACCOUNT_FEATURE
Provider
settings.
If a user is registered as a member of an account then the
DEFAULT_ACCOUNT_FEATURE
setting is used, otherwise the DEFAULT_FREE_FEATURE
setting is used. This allows you to specify users that are created
for a specific account receive different default license features to those
that register themselves.
Alternatively, it is possible to create a single license which is to be used as a default for multiple users. To do this, first create the license using the Admin Console (see Creating License).
Then set the Provider setting LICENSE/DEFAULT_LICENSEKEY
to the key of the
newly created license. Note that you must ensure that the license user limit
is sufficiently high to cover the number of users that will register and use
the license.
The DEFAULT_LICENSEKEY
applies to all newly registered users, including those
assign to an account.
Changing the Default Depot Size¶
A default Depot for storage of Space data, may be created for a user
on registration. For this purpose, a Hosting Service must be
connected to the Registration Server. If this is the case, then you will
be able to set the HOSTSERVER/HOST_SERVER_NAME
Provider setting by
selecting the Hosting Service from a popup menu.
The default size of the Depot is specified using the HOST_DEPOT_SIZE
setting. By default, this value is 2 GB.
If you change this value then, for TeamDrive 3 users, you should also
change the CLIENT/FREE_LIMIT_SIZE
setting to the same value.
TeamDrive 3 clients limit the amount of data that will be processed by the
Client when not using a Personal or Professional license. This means that
if you do not increase FREE_LIMIT_SIZE
in accordance with the
HOST_DEPOT_SIZE value, users will not be able to use all the disk
space available in the default Depot.
Setting up a Master User¶
A master user is a user that is automatically invited to all spaces of users of a Provider. This has a number advantages, for example:
- All spaces keys used by users can be collected as a backup, in case the keys are lost.
- It creates a central repository where an Administrator can enter any Space used by any of the users.
A disadvantage is that anyone with access to the master user has access to all spaces.
You create a master user by setting the master-user
client setting to
the username of the master user. The value must be set in the
CLIENT/CLIENT_SETTINGS
Provider setting (see CLIENT_SETTINGS).
This user will now be automatically invited to all Spaces with the
“Master User” rights.
Note
In case of using the email as username (see USER_IDENTIFICATION_METHOD) you have to use the magic username as master username.
It is now possible to install a TeamDrive client, login as the master user
and setup the client to automatically accept invitations
sent to it. This can be done by setting the client setting auto-accept-invitation
to true
.
Do not set this setting in the CLIENT_SETTINGS
Provider setting
as this would mean that users, in general, will loose control of how they wish
to handle Space invitations. Instead, it is possible to set this setting
in a local configuration file, so that it only applies to the master user
installation.
This is the “/Users/Shared/teamdrive.ini” file on Mac OS X, “/etc/teamdrive.ini” on Linux and “%ProgramData%/TeamDrive3/teamdrive.ini” (usually “C:\ProgramData\TeamDrive3\teamdrive.ini”) on Windows.
When run on a machine that is “always on” (i.e. a server) this will ensure that all invitations are received when sent to the master user from other clients.
The behaviour, whether files are downloaded directly after accepting the
invitation, or just the “meta-data” of the Space, is determined by the
auto-accept-invitation-mode
client setting. This can be set to
one of the following values: non-offline-available
, offline-available
or archived
. The default is archived
, which means the Space key
is stored, and the Space will be marked as “Inactive”. The Space can then be
activated manually at a later stage.
Using a “Restricted” Client License Model¶
The Restrict License Model is intended to provide users with a limited but free version of TeamDrive. For this reason a restricted license is can to be the default license which a user receives on first time registration.
Note
The Restricted Client License Model is only supported by TeamDrive 4 Clients.
A restricted license tells the TeamDrive Client that certain restrictions apply. Currently this may only be a restriction to the number of Spaces that may be active at any one time.
To setup a Restricted Client License Model, do the following:
Set the Provider settings DEFAULT_FREE_FEATURE
and
DEFAULT_ACCOUNT_FEATURE
to the Restricted and WebDAV
features, depending on whether you want a non-commercial or a
commercial license.
If you include the Personal feature the license will be usable by commercial/business users. Alternatively you could include the Professional feature which is considered identical to the Personal feature by TeamDrive 4 clients (see DEFAULT_FREE_FEATURE for details).
If you only want non-commercial/private users to be able to use the license then include the WebDAV feature instead of the Personal or Professional feature. This will ensure that the user can still use WebDAV hosting services, which is automatically included in the Personal or Professional features.
To ensure that the DEFAULT_FREE_FEATURE` and DEFAULT_ACCOUNT_FEATURE
settings take effect you mus set DEFAULT_LICENSEKEY
is blank.
Finally, ensure that the LICENSE/ACTIVE_SPACES_LIMIT
Provider setting
is set to a value greater than 0 (by default the value is 1). This setting
automatically adds the active-spaces-limit
to the CLIENT/CLIENT_SETTINGS
value
sent to the client. The value determines the number of active Spaces allowed
by the TeamDrive Client when the Restricted license feature is set.
The active-spaces-limit
setting only has an effect if the
Restricted feature is set on the user’s license. This means
that users with a standard Professional License (that have just the
Professional license feature) are not effected by this limitation.
In order to upgrade such a user to the a fully commercial license you can either remove the Restricted feature manually in the Admin Console, or it can be done using the “downgradedefaultlicense” API call (see downgradedefaultlicense), which can be used to remove features from a license.
How to Restrict Device Registration¶
As a Provider you may wish to restrict the creation of new TeamDrive installations by your users. For example, the users of a certain Provider may be prevented from using private devices, in order to control the proliferation of company data.
In order to do this, you can configure the Registration Server to require manual approval for every new device registration.
The details are explained in chapter LOGIN_WITHOUT_ACTIVATION
How to Setup Two-Factor Authentication¶
The Reg Server version 3.6 supports two-factor authentication (2FA) using the Google Authenticator App (https://support.google.com/accounts/answer/1066447?hl=en) or using an Email OTP (one-time password).
Two-factor authentication can be activated in the Admin Console by the user in the TeamDrive App.
How to migrate existing Users, Depots and Licenses to an Account¶
Create a new account as described in Create Account. You can already choose the manager and account members, but both are optional and not required. When moving existing users to an account their licenses and depots will not automatically be moved to the depot. Both are still bound to the user.
Click on
Edit Account
to change the account record itself and / or managers, members, licenses and depots.You can create a new license with
Create License
(depends on your access rights) or you can move existing licenses to an account withAdd License
. The license select list is limited to licenses which:- are not assigned to a TeamDrive user or
- belong to an user which is already a member of this account, but is not the default license of the user and has a user limit > 1.
When you move an existing license to an account, the account will be the new owner of the license and not the user anymore (this is important, if you remove the user from the account, because the user will not be able to use this license anymore).
You can create a new depot with
Create Depot
(depends on your access rights) or you can move existing depots to an account withAdd Depot
. The depot select list is limited to depots which:- are not assigned to a TeamDrive user or
- belong to an user which is already a member of this account.
When you move an existing depot to an account, the depot will be shown under the account, but also still have a Teamdrive user as an owner of the depot, because the TeamDrive Clients need this information to set/change the Admin-User of a space.
Requiring Manual Activation of Devices¶
As a Provider, if you want to control the creation of new devices (also known as a TeamDrive installation) you can required “manual activation”.
Normally, activation of a new devices is done by the user. The user receives an email that includes an “activation link”. By clicking on the link, the user activates the new device.
If the user account is new and not yet activated (which means the email address has been verified) then device activation is required before the installation can proceed.
However, if LOGIN_WITHOUT_ACTIVATION
is set to True
, then new devices of an
already activated user are activated automatically.
To enable manual activation set the Provider setting MANUAL_ACTIVATION_REQUIRED
to True
(see MANUAL_ACTIVATION_REQUIRED). This specifies that all
new devices must be manually activated by a Provider manager or the Provider
administrator.
When manual activation is enabled the settings: LOGIN_WITHOUT_ACTIVATION
,
SUPERPIN_LOGIN_WITHOUT_ACTIVATION
and ACTIVATE_ON_INVITATION
must be set to
False
. The Admin Console will require these settings are changed to False
before allowing manual activation to be enabled.
Manual Activation Email Templates¶
When manual activation is enabled two types are emails, generated using corresponding email templates, are sent when a user creates a new device (a new TeamDrive installation).
- activation-pending:
- This email is sent to the user. The email is used to inform the user that manual activation of the new device is necessary to completed the installation, and that the manager of the user account has been notified.
- activation-required:
This email is sent to the managers that have been selected to perform the task of manual activation. It includes the details of the device to be activated and a link to the Admin Console. The link selects the user account and highlights the device to be activated.
Which managers receive this email is described below.
Specifying Manual Activation Users¶
In order to perform manual activation a user must have Provider level privileges.
This includes users that login as the Provider administrator whose username is specified in the “Provider Record” on the Provider Setting page in the Admin Console.
Manual activation can also be performed by users with PROVIDER-MANAGER
privilege and
users that have Superuser-Level privileges.
If the user is a member of an account, then the Account Manager will also be able to activation devices of the user.
Note
A user can also activate their own device if they have permission to login to the Admin Console.
By default, the Provider administrator is notified when a new device is created. This uses the email address specified in the “Provider Record”.
You can specify explicitly which users should be notified by setting the
NEW_DEVICE_NOTIFICATION_LIST
Provider setting. This is a comma separated list of
usernames and/or email addresses of existing users.
The Provider administrator username can also be specified in the list. Alternatively
you can specify the Provider administrator by using the Provider Code preceded by a
“$” characters. For example if you want to notify the Administrator of of Provider ABCD
,
then you can add “$ABCD” to the list.
Note that the Registration Server does not check if the users in this list have the required privilege to perform the activation task. If is just a list of users that will receive the activation-required email.
Performing Manual Activation¶
Usually a user account and/or a new device is activated when the user clicks on an activation link sent via email.
Activation of the user account means that the user’s email address has been verified (i.e. the user has confirmed that they have access to the email address). Activation of a device is required in order to use the device for the purpose of data storage and transfer in TeamDrive.
When manual activation is enabled the enduser will neither perform activation of devices nor the activation of their own user account. Both operations are performed by a manager (or managers) appointed by the Provider.
When a new user installs TeamDrive for the first time, activation of the user account and the initial device is performed simultaneously. When performing manual activation in this case the Admin Console will indicated that both the user account and the device are in the “Not activated” state.
If you click the button in the Admin Console to activate the user account, the device will be activated as well. If you click the button to activate the device, the user account will be automatically activated when the TeamDrive client completes the installation.
There are other cases in which both the user account and the device require activation. These include:
- a user was created due to a Space invitation sent to an unregistered user, or
- a user was registered in the Admin Console or in the Shop.
When such a user logs into the Web Portal or installs TeamDrive for the first time, both user account activation and device activation will be required.
In all of these cases, the manager need only activate the device. The user account will be automatically activated as well. So by activating the device the manager is effectively verifying the user’s email address at the same time.