Seitenhierarchie
Zum Ende der Metadaten springen
Zum Anfang der Metadaten

In this article you will find all available settings which can be set in the server configuration file. Most of those settings can also be set in the web interface.


Location and Format

The PowerFolder.config server configuration file location depends on the operating system:

  • Windows 7/8/10/2008 R2/2012 R2/2016: C:\ProgramData\PowerFolder\PowerFolder.config
  • Linux and Mac: ~/.PowerFolder/PowerFolder.config

The format is a simple text base formats with key=value formatted lines. Comments can be inserted with by adding a # (dash) in front of each line.


General Settings

Admin Account Settings

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Admin usernameplugin.webinterface.usernameadmin

The username of the account which has full control over the server and all its settings.

(Info) When inserting the parameter into the config file, the server will rename the current admin to the specified name and remove the parameter afterwards.

Current password


The password of the account specified above.
New passwordplugin.webinterface.passwordpassword

The new password for the account specified above (required when the password should be changed).

(Info) When inserting the parameter into the config file, the server will set the specified password for the the current admin and remove the parameter afterwards.

Confirm new password


The confirmation for the new password for the account specified above (required when the password should be changed).

Licensing

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
PowerFolder.com E-Mail


PowerFolder.com account of the licensee for PowerFolder Server. This account also holds the microcredit purchased with the product. Usually this field is already filled due to the initial activation of PowerFolder Server.
PowerFolder.com Password


PowerFolder.com password of the account specified above.

Limit users per Server
license.limit.user

Any numeric valueTo limit the maximum number of users.
Overview:

Logging

Web SettingConfig SettingConfig Default ValueConfig Possible ValuesDescription

Console Log Level

*Cannot *be changed with reload (requires restart)

log.console.levelINFO
  • FINER
  • FINE
  • INFO
  • WARNING
  • SEVERE
  • OFF

Sets the log detail level for the web console.

(warning) High log levels result in reducing overall system speed.

File Log Level

*Cannot *be changed with reload (requires restart)

log.file.levelINFO
  • FINER
  • FINE
  • INFO
  • WARNING
  • SEVERE
  • OFF

Sets the log detail level for the log files.

(warning) High log levels result in reducing overall system speed.

Enable log file rotation

*Cannot *be changed with reload (requires restart)

log.file.rotatetrue
  • true
  • false
Controls if the log files should be rotated after a specified number of days. If enabled, the oldest log file will be deleted after it expired.

Log file rotation days

*Cannot *be changed with reload (requires restart)

log.file.keep.days31
  • A valid positive number

Defines the number of days after the oldest log file will be deleted.

Syslog server hostname

*Cannot *be changed with reload (requires restart)

log.syslog.host
  • A valid hostname
Defines the hostname of a Syslog server to log to. If a hostname will be defined, the logging will be automatically enabled.

Syslog server port

*Cannot *be changed with reload (requires restart)

log.syslog.port514
  • 1-65535
Defines the port of a Syslog server to log to.

Syslog server level

*Cannot *be changed with reload (requires restart)

log.syslog.levelINFO
  • FINER
  • FINE
  • INFO
  • WARNING
  • SEVERE
  • OFF

Defines the level of log output for the Syslog server.

(warning) High log levels result in reducing overall system speed.

Log transfers

*Cannot *be changed with reload (requires restart)

plugin.pro.monitor.transfer.use_csv
plugin.pro.monitor.transfer.use_sql 
false
  • true
  • false

Defines if data transfers of files and directories should be logged. This setting has three values:

  • Disabled - No transfers are logged
  • CSV file - All transfers will be logged in comma separated files in sub-directories named after the current date.
  • Database: All transfers will be logged in the internal/external database table TransferLogEntry.

(Info) Transfer Monitoring is described in an extra article in our documentation.

Log active threads

*Cannot *be changed with reload (requires restart)

log.active_threads

false


  • true
  • false

Will log all active threads. Only enable this option our support requests you to do so.

(warning) Might reduce system speed significantly!

Log web requests

*Cannot *be changed with reload (requires restart)

web.dump.requestsfalse
  • true
  • false
Will log all web requests. Only enable this option if our support requests you to do so.

Database Settings

The following entries got introduced in version 14.2.13

There are many more entries but you might only see the following ones if you used a database prior v. 14.2.13.

Please review hibernate and c3p0 documentation for all possible configuration entries

(Fehler) Please be cautious changing these settings since it might result in corrupted databases or not working database connections!

SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription

Database Connection URL

(Fehler) Setting not available via web

hibernate.connection.url


Database user

(Fehler) Setting not available via web

hibernate.connection.username


Passeword for database user

(Fehler) Setting not available via web

hibernate.connection.password


Max Connection Pool Size

(Fehler) Setting not available via web

hibernate.c3p0.max_size


Log SQL queries to log file

(Fehler) Setting not available via web

hibernate.show_sql


(Fehler) Setting not available via web

hibernate.format_sql


(Fehler) Do NOT change this setting as this may damage your system.

(Fehler) Setting not available via web

hibernate.dialect


How many new pooled connection get created

(Fehler) Setting not available via web

hibernate.c3p0.acquire_increment


How long should the server wait until it tests the sql connectivity

(Fehler) Setting not available via web

hibernate.c3p0.idle_test_period


Minimum size for the connection pool

(Fehler) Setting not available via web

hibernate.c3p0.min_size


(Fehler) Do NOT change this setting as this may damage your system.

(Fehler) Setting not available via web

hibernate.c3p0.timeout


(Fehler) Do NOT change this setting as this may damage your system.

(Fehler) Setting not available via web

hibernate.cache.provider_class


(Fehler) Do NOT change this setting as this may damage your system.

(Fehler) Setting not available via web

hibernate.cache.use_query_cache


(Fehler) Do NOT change this setting as this may damage your system.

(Fehler) Setting not available via web

hibernate.cache.use_second_level_cache


(Fehler) Do NOT change this setting as this may damage your system.

(Fehler) Setting not available via web

hibernate.connection.driver_class


(Fehler) Do NOT change this setting as this may damage your system.

(Fehler) Setting not available via web

hibernate.connection.provider_class


(Fehler) Do NOT change this setting as this may damage your system.

(Fehler) Setting not available via web

hibernate.connection.release_mode


(Fehler) Do NOT change this setting as this may damage your system.

(Fehler) Setting not available via web

hibernate.current_session_context_class


Maintenance Folder

SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription

Maintenance Folder Path

*Cannot *be changed with reload (requires restart)




Shows the current location of the Server Maintenance Folder.

Maintenance Folder ID

*Cannot *be changed with reload (requires restart)

plugin.server.maintenancefolderid

Defines the ID of the Server Maintenance Folder. Please only modify the value if preparing the servers to run in a high availability setup.

Cluster Config Synchronisation

(Fehler) Setting not yet available via web

*Cannot *be changed with reload (requires restart)

config.clustertrue
  • true
  • false
Enables synchronisation of cluster settings via Server Maintenance Folder (Cluster.config).

Proxy

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
HTTP proxy hosthttp.proxy.host
  • A valid hostname

Proxy server to connect to for outbound HTTP/S connections.

HTTP proxy porthttp.proxy.port80
  • 1-65535
Proxy server port.
HTTP proxy usernamehttp.proxy.username

Username required to access the proxy server.
HTTP proxy passwordhttp.proxy.password

Username required to access the proxy server.

User Accounts

SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Database user account defaults


A link to the profile for database users.
LDAP user account defaults


A link to the profile for LDAP users.
RADIUS user account defaults


A link to the profile for RADIUS users.
Account validity (days)server.register.os.days-1
  • Setting server.register.os.days to 0 or -1 will result in no valid till date being set -> Accounts are valid from now on forever
  • Setting server.register.os.days to a number > 0 will set a valid till date of number of days in the future
  • Setting server.register.os.days to a number < -1 will set a valid till date of number of days in the past, resulting in a disabled account
Defines the default number of days a new account should be valid.
Login script to uselogin.script
  • A full path to an executable script

Will be executed after each user login / authentication via client or web portal. Example:

login.script=http://myserver/process_login.php

(Glühbirne) The server will add an entry to the log if the script was executed successfully or not. On Linux it's possible to pass messages to stdout and stderr, so they will be added to the logs. Example:

echo This is a stdout test >&1
echo This is a stderr test >&2
Wait for login scriptlogin.script.waitfalse
  • true
  • false
Controls if other server processes will wait for the login script to finish.
Login type to useserver.username.isemailboth
  • true: Field label will be "Email", login field only accepts logins containing an 'at' (@) and a "dot" (.) sign after that. The first email from LDAP will be set as username.
  • false: Field label will be "Username", login field doesn't check the format.
  • both: Field label will be "Username/Email", login field doesn't check the format.
  • <custom>: Field label will be the value specied (replace <custom> with a label of your choice), login field doesn't check the format.

Controls:

  • if usernames are allowed, which don't include an 'at' (@) and a "dot" (.) sign after that.
  • what kind of label the login field in the web and client interface has

(Info) The setting also applies to LDAP, so users are forced to use either the mail or userPrincipalName attribute (or any other attribute including an email-like value) if true is specified.

Message if user account has expiredserver.register.account_expiredYour account is invalid
  • Any text message
A message to the user, if his/her account has expired.
Message if user account is not yet validserver.register.account_not_yet_validYour account is not valid yet
  • Any text message
A message to the user, if his/her account is not yet valid.

Authentication Settings

LDAP / Active Directory

LDAP configuration entries available with version 11.5. Please also watch New LDAP configuration files

<index> priorizes the LDAP Server. The server requests the LDAP servers sorted by these numbers.

For PowerFolder versions pre 11.5 watch our old LDAP Configuration entries

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Only a visual entry in Web UIldap.<index>.server.nameLDAP 0, LDAP 1, LDAP 2, ...Any string

Describing name for the UI.

LDAP hostname
ldap.<index>.server.url

LDAP Server URL starting with ldap:// or ldaps://

Examples:

  • ldap://ldap.example.com
  • ldap://ldap.example.com:389

Contains the hostname, port and SSL settings of the directory server server.

Username suffixes

ldap.<index>.server.username_suffixes

Examples:

  • example.com
  • ldap.local
Comma-separated string of the user name suffixes to establish a mapping between user groups and an LDAP/AD server.

LDAP username

ldap.<index>.search.username

Example:

administrator@example.com

The distinguished name of the user to use when connecting to the directory server.

(Fehler) Setting not available via web

ldap.<index>.search.passwordobf

Must not be set by user.

The hidden password of the search.user. Is generated automatically.
LDAP password
ldap.<index>.password


The password of the search.user. Is transferred to search.passwordobf and then deleted from the configuration file.


Search contextldap.<index>.search.base dc=company,dc=local

Description of the accounts in the LDAP tree, below which you want to search for users, groups, and organizations.

Mapping of organization

ldap.<index>.search.org.depth 0

0=No organisation mapping

1=Single Domain mapping

2=Multi Domain Mapping

To what depth below the search.base you want to search for and import organizations.

Search match criteria

ldap.<index>.search.expression

(|(sAMAccountName=$username)(mail=$username)(userPrincipalName=$username)(uid=$username)(distinguishedName=$username))


Search filter used to identify the user. $username is a placeholder replaced by the name of the user.
Search context for groups
ldap.<index>.search.expression.groups
(|(objectClass=group)(objectClass=groupOfNames)(objectCategory=group))
Search filters that identify the groups.

Attribute identifying the member in a group

ldap.<index>.search.groups.member
 member
Attribute that identifies the members of a group. In an ActiveDirectory, a group contains the member attributes.
Attribute identifying a group of a user
ldap.<index>.search.groups.member_of

memberOf


Attribute that identifies the groups of a user. In an ActiveDirectory, a user contains the memberOf attributes.

Synchronize LDAP

ldap.<index>.sync.type

0

0=No users

1=Only already imported users

2=All users in LDAP

Rule how users should be imported from an LDAP/AD.

Synchronize LDAP
ldap.<index>.sync.time

0


Time interval in hours between automatic user imports.
Match accounts by mail attributeldap.<index>.accounts.match_email

true

  • true
  • false

Should users known to the PowerFolder server be merged with information from LDAP/AD if the e-mail address matches?

(Fehler) Setting not available via web

ldap.<index>.sync_groups.enabledfalse
  • true
  • false
Should groups be imported from LDAP/AD?
Import match criterialdap.<index>.import.expression

Example:

  • (objectClass=person)
  • (&(objectClass=person)(!(objectClass=computer)))
Filters that identify users. For OpenLDAP (objectClass=person) and for ActiveDirectory (&(objectClass=person)(!(objectClass=computer)))

Mapping of additional E-Mail addresses

ldap.<index>.mapping.mail_addresses
 mail,mailAddresses,proxyAddresses
Comma-separated string containing the attributes to be added to a user as e-mails.

Mapping of account name

ldap.<index>.mapping.usernamesAMAccountName,uid
Comma-separated string containing the attributes that identify a user name. The first appropriate attribute is used to set the user name.

Mapping of given name

ldap.<index>.mapping.given_name

givenName


Comma-separated string of attributes that identify the first name.

Mapping of common name

ldap.<index>.mapping.common_name

cn,commonName


Comma-separated string of the attributes representing the common name, e. g. the full name, if it is a person.

Mapping of middle name

ldap.<index>.mapping.middle_name

middleName


Comma-separated string of the attributes containing the middle names.

Mapping of surname

ldap.<index>.mapping.surname

sn,surname


Comma-separated string of attributes containing the last name.

Mapping of the display name

ldap.<index>.display_name

displayName,name


Comma-separated string of attributes containing the display name.

Mapping of telephone number

ldap.<index>.mapping.telephone

mobileTelephoneNumber,telephoneNumber,mobile


Comma-separated string of attributes containing telephone numbers.

Mapping of account expiration date

ldap.<index>.mapping.expiration

accountExpires


Comma-separated string of the attributes that contain an expiration date for a user.

Mapping of date the account is valid from

ldap.<index>.mapping.valid_from

validFrom


Comma-separated string of the attributes that contain a validity date for a user.
Mapping of the account quotaldap.<index>.mapping.quota

quota


Comma-separated string of the attributes that contain the quota for a user.

(Fehler) Setting not available via web

ldap.<index>.mapping.quota.unit

GB
  • TB
  • GB
  • MB
Size unit for the quota of a user.

Kerberos SSO

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Enable Single Sign-On via Kerberoskerberos.sso.enabledfalse
  • true
  • false

Controls if Kerberos support for server and client is enabled or not.

Domainkerberos.sso.realmWORKGROUP
  • A valid Active Directory domain name
Specifies the Active Directory Domain name.
Key Distribution Centerkerberos.sso.kdc
  • A valid KDC
Specifies the Active Directory Key Distribution Center (KDC). Most likely this will be your domain controller.
Service Principal Namekerberos.sso.service_namedomain/hostname
  • A valid registered SPN

Specifies the Service Prinicipal Name created for the machine which is running PowerFolder Server.

RADIUS

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Enable RADIUS authentication


Controls if RADIUS support will be enabled in the server.

RADIUS hostnameradius.server

Example:

  • radius.example.com:1812
Specifies the hostname and (optional) port for the RADIUS server.
RADIUS shared secretradius.sharedsecret

Specifies the shared secret for communication with the RADIUS server.
RADIUS protocolradius.authPEAP
  • EAPMD5
  • EAPMSCHAPV2
  • EAPTLS
  • EAPTTLS
  • PEAP
  • MSCHAPV1
  • MSCHAPV2
  • CHAP
  • PAP
Specifies the proctol to use for communication with the RADIUS server.
RADIUS timeoutradius.timeout.seconds30
Specifies when RADIUS server communication should time out.

Shibboleth

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Enable Shibboleth authenticationshibboleth.enabledfalse
  • true
  • false

Controls if Shibboleth support will be enabled in the server.

Federation Metadata URLshibboleth.metadata.url
Defines the URL to receive the Metadata from.
Discovery Feed URLshibboleth.serviceprovider.url
  • A valid URL (optional)
Defines the URL to the Discovery Feed.

Enable organization mapping

shibboleth.create.organizationstrue
  • true
  • false
Controls if Shibboleth organizations should be mapped to PowerFolder organizations.

Organization attribute

shibboleth.organizations.attributeo
  • A valid organization attribute
Defines the organization attribute.
Auto-create organizations on loginshibboleth.create.organizationstrue
  • true
  • false
Controls if organizations created automatically on login.
Session-Identifier (ID) attribute shibboleth.attribute.sessionidShib-Session-ID
  • A valid Session-Identifier (ID) attribute
Defines the Session-Identifier attribute.
Persistent-Identifier (ID) attributeshibboleth.attribute.persistentidpersistent-id,uniqueID
  • A valid Persistent-Identifier (ID) attribute
Defines the Persistent-Identifier (ID) attribute.
Username attributeshibboleth.attribute.usernameeppn,EPPN,eduPersonPrincipalName
  • A valid Username attribute
Defines the Username attribute.
Mail attributeshibboleth.attribute.mailmail,email
  • A valid Mail attribute
Defines the Mail attribute.
Match accounts by mail attributeshibboleth.accounts.match_emailtrue
  • true
  • false
Controls if accounts are matched by mail attribute.
Given name attributeshibboleth.attribute.givennamegivenName
  • A valid Given name attribute
Defines the Given name attribute.
Surname attributeshibboleth.attribute.surnamesurname,sn
  • A valid Surname attribute
Defines the Surname attribute.
Expiration attributeshibboleth.attribute.expiration
  • A valid Expiration attribute
Defines the Expiration attribute.
Custom attribute 1shibboleth.attribute.custom1affiliation,eduPersonScopedAffiliation
  • A valid Custom attribute 1
Defines the Custom attribute 1.
Custom attribute 2shibboleth.attribute.custom2
  • A valid Custom attribute 2
Defines the Custom attribute 2.
Custom attribute 3shibboleth.attribute.custom3
  • A valid Custom attribute 3
Defines the Custom attribute 3.
Discovery feed URL
server.idp.disco_feed.url

A valid URL.Loads the identity provider list from this URL. Identity providers are selectable by end-users for login.
Names of external organizationsserver.idp.external_names
  • Default is empty
  • Comma separated list of names to be displayed in IdP dropdown list as "other external" users
    Example:
    server.idp.external_names=Gastkennungen/Guests,!Org Beispiel 1,!Org Beispiel 2,!Org Beispiel 3,!Firma aus M\u00FCnchen,!KEIN_RECOVERY,MIT_RECOVERY

Defines the names of external organizations added to the identity provider list loaded from the discovery feed. Selecting any organization of this list during login will authenticate the user vs. non-SAML sources, such as LDAP, Database or RADIUS if setup.

If an exclamation mark is added in front of the organization name, password recovery won't be available for that organization (e.g. LDAP).

Authentication Order

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription

Authentication order

*Cannot *be changed with reload (requires restart)

security.auth.order
  • ldap
  • rad
  • shibboleth
  • db

Defines in which order the server will contact different authentication sources to authenticate users.

Activating federated login
server.federation.login_enabled

  • true
  • false

Defines, if the server is acting as a central login page for federated services to search for the provider that hosts and forwards to the external service.

(warning) Available with version 11.4 or higher

Storage Settings

Storage

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Default storage pathfoldersbase
  • Windows: C:\ProgramData\PowerFolder\PowerFolders
  • Linux: ~/PowerFolders

Example:

  • foldersbase=D:\PowerFolders
  • foldersbase=\\exampleserver\PowerFolders\
  • foldersbase=/home/user/PowerFolders

The directory on your disk, which is used by PowerFolder Server to store new folders.

Add new folders in the default storage path automatically

look.for.folder.candidatesfalse
  • true
  • false
Controls if a new folder in the default storage path should be automatically managed by the server.
Create user-based directory schemecreate.folder.path.pattern$username/$foldername

Example:

  • $username/$foldername
  • $username
  • $foldername
  • $username/PowerFolders/$foldername
Sub-directory pattern relative to the folderbase directory of the server. Two placeholders are possible: $username will be replaced by the username of the user who creates a folder. $foldername will be replaced by the name of the folder the user creates.
Delete non-managed folders from default storage pathplugin.server.folders.auto_removefalse
  • true
  • false
Controls if the server should move unused folders (not assigned to any existing user) from its folderbase to a sub-directory in the folderbase, which is called BACKUP_REMOVE. The check runs every hour. The contents of the BACKUP_REMOVE directory have to be deleted manually.
Move folders to backup directory when users delete themserver.folders.delete_datatrue
  • true
  • false

Controls how to handle removals of folders by a user (owner or admin of a folder) in the client or the web interface. By default the server moves the contents/files to a directory called BACKUP_REMOVE. Set this option to false to prevent any file system changes when a user deletes a folder.

Mount folders dynamically in high-availability setups

*Cannot *be changed with reload (requires restart)

folders.mount.dynamicfalse
  • true
  • false

Controls if folders will only be actively managed if the folder is really served by the same node. 

(error) Not compatible with create.folder.use.existing=FALSE Data loss occurs!

Use existing folders with the same name

create.folder.use.existingtrue
  • true
  • false
Controls if the server should delete an existing folder if a client tries to create a new one with the same name. Otherwise the server creates new empty directories appending numbers, like (2),(3),...
(Warnung) Does not backup the contents of the existing folder if enabled.
Preserve NTFS filesystem permissionsfolder.copy_after_transfer.enabledfalse
  • true
  • false 
Controls if a transfered file is moved from the temporary transfer directory. If enabled the transfered file will be copied and deleted from the temporary transfer directory.

Use filesystem API to watch for changes

*Cannot *be changed with reload (requires restart)

folder.watcher.enabledtrue
  • true
  • false 
Controls if folder changes will be recognized using filesystem APIs. If disabled, changes will be detected only if the folder is accessed by a client.

Recovery of 0 byte files and deleted files by server

recover.zero_byte.files

false

(Warnung) Default in PowerFolder version 10.6/11 is true

  • true
  • false
Enables users the option to recover 0 byte files and deleted files by PowerFolder server.

(Fehler) Setting not yet available via web

storage.stickyness.accountsfalse
  • true
  • false
Keeps one user account sticked to the same storage path, if multiple storage paths are configured.
Storage Path Check

folder.storage.path.check

folder.storage.path.report

false
  • true
  • false

Checks periodically if the folder path on server storage still is correctly for this user.

E.G. If the ownership rights of a folder are transferred to another user, this function moves the folder into the correct directory on the server to keep the data structure clear for administrative purposes.

folder.storage.path.report is only demo mode. Only writes the log entrys but doesn't move files or folders.

(warning) Available with version 11.4 or higher

Archiving

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Archivingdefault.archive.versions5
  • A valid number of version

Controls the default number of versions of new folders kept on the server

Archiving durationarchive.cleanup.days0
  • A valid number of days
Controls how many days archived file is kept. (0 = infinite number of days).

Customization Settings

Download URLs

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Android App URLweb.android.client.urlhttps://market.android.com/details?id=de.goddchen.android.powerfolder.A


Specifies the link to the Android app in the Google Play Store

iOS App URLweb.ios.client.urlhttps://itunes.apple.com/de/app/powerfolder/id536214931?mt=8


Specifies the link to the iOS app in the Apple Store
Windows Client URLweb.download.client.urlclient_deployment/PowerFolder_Latest_Installer.exe


Specifies where clients can download the latest Windows version of the PowerFolder Client.
Mac Client URLweb.mac.client.urlclient_deployment/PowerFolder_Latest_Mac.dmg
Specifies where clients can download the latest Mac version of the PowerFolder Client.
Linux .tar.gz URLweb.linux.client.urlclient_deployment/PowerFolder_Latest_Linux.tar.gz
Specifies where clients can download the latest Linux .tar.gz version of the PowerFolder Client.
Linux x86 .deb URLweb.linux.client.deb32.urlclient_deployment/PowerFolder_Latest_i386.deb
Specifies where clients can download the latest Linux .deb (i386) version of the PowerFolder Client.
Linux x64 .deb URLweb.linux.client.deb64.urlclient_deployment/PowerFolder_Latest_amd64.deb
Specifies where clients can download the latest Linux .deb (amd64) version of the PowerFolder Client.
Linux x86 .rpm URLweb.linux.client.rpm32.urlclient_deployment/PowerFolder_Latest.i386.rpm
Specifies where clients can download the latest Linux .tar.gz version of the PowerFolder Client.
Linux x64 .rpm URLweb.linux.client.rpm64.urlclient_deployment/PowerFolder_Latest.x86_64.deb
Specifies where clients can download the latest Linux .tar.gz version of the PowerFolder Client.
Versioncheck URLweb.checkversion.client.urlclient_deployment/PowerFolderPro_LatestVersion.txt
Specifies where clients can check for the latest version number to show an update dialogue to the user.
Force update of clients if new version is available

update.force

(Warnung) (must be set in the Default.config!)

true
  • true
  • false
When the client starts it check if it's on the latest version. If not, it will issue a notification to the user. It's also possible to force users to update. If they don't, the client will not continue working.

Information URLs

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescriptionSince version
URL / Homepageprovider.url.main




URL / Shop

provider.url.buy





URL / Supportprovider.url.support https://wiki.powerfolder.com TestURL of the PowerFolder Support
URL / Support / Settingprovider.url.support.show_in_menufalse
  • true
  • false
Whether to show the support link in application menu11.3 SP3
URL / Quickstart Guideprovider.url.quickstart



URL / Documentationprovider.url.wiki



URL / Contact Pageprovider.url.contact



URL / Ticketprovider.url.ticket



URL / Company Pageprovider.url.about



Network Settings

Hostname and Ports

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription

Hostname/IP

*Cannot *be changed with reload (requires restart)

hostname
  • A valid hostname or IP address


DNS hostname or IP of the PowerFolder Server, which are also used by the clients to connect.

Data port (TCP)

*Cannot *be changed with reload (requires restart)

port1337
  • 1-65535


The port on which PowerFolder Server listens for incoming data connections.

AJP port

*Cannot *be changed with reload (requires restart)

(warning)Depricated since v. 10

ajp.port
  • 1-65535
Apache JServ Protocol port. If this setting is not added to the configuration file, the port is disabled by default.

HTTP port

*Cannot *be changed with reload (requires restart)

plugin.webinterface.port8080
  • 1-65535
TCP port under which the web interface will be served.

HTTPS/SSL port

*Cannot *be changed with reload (requires restart)

ssl.port
  • 1-65535

TCP port under which the SSL protected web interface will be served.

(Info) This field will only be used if the SSL Configuration Wizard has been used to import the SSL certificate. When running behind an external webserver, like Apache or Nginx, you should set this to-1.

Bind to specific IP

*Cannot *be changed with reload (requires restart)

net.bindaddress
  • A valid IP address of a local interface
IP address to which PowerFolder Server should be restricted to.

Network ID

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription

Network ID

*Cannot *be changed with reload (requires restart)

networkid


The network ID will automatically be generated on the first start of the server. It separates the server from other PowerFolder installations. PowerFolder Clients or Server will only exchange data with other servers or clients which are using the same network ID. Usually it's NOT necessary or recommended to change the ID. It is only required in high-availability setups.

Server Name

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Internal server namenick


The server name will be displayed in some views of the client, in log files or in the server overview. Changing it will NOT have an influence on any functions.

Server URLs

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription

Web base URL

*Cannot *be changed with reload (requires restart)

web.base.url


The URL on which the web interface can be reached by the clients. This parameter is only necessary if the server fails the detection test (e.g. when using a reverse proxy or NAT) of the web interface.
(Warnung) If this parameter is used, it is also required to set the provider.url.httptunnel parameter!

Web tunnel URL

*Cannot *be changed with reload (requires restart)

provider.url.httptunnel


The URL on which PowerFolder Server is listening for HTTP tunneled connections. This parameter is required when using the web.base.url parameter.

(Fehler) Setting not yet available via web


*Cannot *be changed with reload (requires restart)

http.tunnel.service.enabledtrue
  • true
  • false
If the server side HTTP tunnel service should be available. URI: /rpc
(Fehler) Setting not yet available via webhttp.tunnel.service.restrictedtrue
  • true
  • false
Restricts HTTP tunnel

Security Settings

Folder Security

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription

(Fehler) Setting not available via web for security reasons!

security.permissions.server_admin_folder_accesstrue
  • true
  • false

Defines, if an Administrator is allowed to access all folders of a server installation.

If set to false, the Administrator will only be shown the folders, he/she has a permission to. His/her username will be shown in auto-complete fields.

Allow passing folder ownershipfolder.change_owner.allowedtrue
  • true
  • false


Controls if it is allowed to change the owner of a folder.

Enable folder admin role

security.permissions.show_folder_admintrue
  • true
  • false

Controls if the ADMIN permission on folder level should be available in the web interface and clients.

(Info) Existing permissions will be left untouched when changing the value.

Enable group admin rolesecurity.permissions.group_admin.enabledtrue
  • true
  • false

Controls if group admin role is enabled.

Version: 10 SP3

Enable folder sharingserver.invite.enabledtrue
  • true
  • false
Defines if it should be possible for users to invite other users to their folders.
Enable accepting new folder sharesfolder.agree.invitation.enabledfalse
  • true
  • false
Controls if users need to accept invitations first, before they are being added to the members list and have the folder listed under their folders.
Enable link sharingweb.public.allowedtrue
  • true
  • false

Controls if it's possible to share public links.

Allow sharing on social networkssocial.networks.enabledtrue
  • true
  • false

Controls if sharing on social networks is enabled.

Version: 10 SP3

Folder delete permissionsecurity.folder.delete.permissionADMIN
  • READ
  • READ_WRITE
  • ADMIN
  • OWNER

Defines minimum right for folder deletion.

Version: 10 SP3

File history restore permissionsecurity.folder.archive.permissionREAD_WRITE
  • READ
  • READ_WRITE
  • ADMIN
  • OWNER

Defines minimum right for restore.

Version: 10 SP3

Permission for shared folder via profilessecurity.folder.shared.permissionREAD_WRITE
  • READ
  • READ_WRITE
  • ADMIN
  • OWNER

Defines default right for folders shared via profile.

Version: 10 SP3

Highest permission for limited userssecurity.folder.limited_user.permissionREAD
  • READ
  • READ_WRITE
  • ADMIN
  • OWNER

Defines highest possible permission for limited user.

Version: 10 SP3

(Fehler) Setting not yet available via websecurity.web.csrftokens.enabledtrue
  • true
  • false

Activates the CSRF protection.

Version: 10 SP4

(Info)Starting with PowerFolder version 10 SP6 this CSRF-config-entry has been removed. By default it is now always enabled.

User Account Security

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription

Allow merging user accounts

server.merge_accounts.enabledfalse
  • true
  • false

Defines if users are allowed to merge existing accounts.

If this feature is turned on, user can add an e-mail address to their account. There are two alternative ways to do that:

  1. If this e-mail address is not yet associated with any other account, the user will receive an e-mail to confirm that he/she can access the e-mail account.
  2. If the e-mail address is already associated with anotther account, the user will be redirected to the login page, to enter the password for this account.

In the first case, the e-mail address is simply added to the list of e-mail addresses of the account.

In the second case, both existing accounts will be merged:

  • The username of the account associated with the e-mail address will become an e-mail address, if it is valid
  • All e-mails are merged
  • All licenses are merged
  • All permissions are merged
  • All groups are merged
  • All computers/devices are merged
  • All notes are merged
  • If one or both accounts are member of an organization, they are merged according to the table below

Merging account


Account to merge

Not member of an organizationMember of an organization
Not member of an organizationAccounts are merged according to the list above.Accounts are merged according to the list above. All Folder
the account to merge is owner of will be added to the merging
account's organization. All Folder the account to merge is not
owner of won't be accessible for the merging account.
Member of an organizationThe merging account will be added to the organization
of the account to merge. All Folder the merging account
is owner of, will be added to the organization. All Folder
the merging account is not owner of won't be accessible
for the merging account.
The merging account will stay a member of the organization
he/she was in before. All Folder the account to merge is owner of
will be added to the merging account's organization. All Folder
the account to merge is not owner of won't be accessible for
the merging account.
Allow password recovery for usersserver.recover.password.enabledtrue
  • true
  • false

Defines if exisiting users should be able to recover their password.

Create user accounts when sharingserver.invite.new_users.enabledtrue
  • true
  • false
Defines if existing users are allowed to invite new users, which doesn't exist in the database yet. On invitation the server will automatically create a new user account for them.
Enable group admin rolesecurity.permissions.group_admin.enabledfalse
  • true
  • false
Enabling the Group Administrator Role lets standard users create groups.
The creator of a group will be a Group Administrator and can invite users to the group.
Enable user self-registrationserver.register.enabledfalse
  • true
  • false

Defines if users can register themselves an account.

(Warnung) This option should be only enabled, if you are a Cloud Service Provider and offer trial accounts to new users.

Enable web login for usersweb.login.allowedtrue
  • true
  • false

Defines if non-admin users are allowed to login to the webinterface.

Enable auto-complete when sharingweb.invite.auto_completetrue
  • true
  • false
Controls if auto-complete using all known accounts on that server will be available when inviting someone via web. It's recommended to disable this setting when running a public cloud or when this might be forbidden due to privacy policies.
Enable auto-complete on organizations onlyweb.invite.auto_complete.org.onlyfalse
  • true
  • false
Controls if auto-complete using all known accounts on that server will be available for non-organization User when inviting someone via web. If true only User with an organization will be able to use auto-complete.
Enable Extended Securtiy Controlsecurity.permissions.strictfalse
  • true
  • false

Enables Extended Security Control for server and client. Administrators are able to restrict access to certain client functions on the user level:

  • Open / change preferences
  • Setup / remove new folders
  • Change folder settings
Restrict admin login to certain IP Address rangeslogin.admin.iplist
  • 172.16.0.0-172.16.255.255
  • 10.16.17.18-11.12.13.15,192.168.1.0-192.168.1.255

Allow administrative users to only log in with computers that have a certain IP address.

This configuration entry may contain one or more IP address ranges specified by a dash ('-') between the starting and ending IP address and separated by a comma (',').

Secure login data with tokens for

security.tokens.enabled
security.tokens.valid.time.seconds

true
2592000 

  • true
  • false

Defines if token-based authentication is enabled and the validity period of tokens.

Version: 10 SP3

Organization Security

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Allow organization admin access to folderssecurity.permissions.org_admin_folder_accesstrue
  • true
  • false


Defines, if an Administrator of an organization is allowed to access all folders of a server installation.

If set to false , the Administrator will only be shown the folders, he/she has a permission to. His/her username will be shown in auto-complete fields.

Allow organizations created by usersweb.org.create_by_userfalse
  • true
  • false
Controls if a user is allowed to create an own organization.
Maximum number of users in organizationserver.register.org.max_users

999Number between 0 and 999The maximum of users in organization created by a user. Must be less than the number of users of your license.
 (Fehler) Setting not yet available via webserver.register.org.inherittrue
  • true
  • false
If changed to server.register.org.inherit=false a new invited user is not belonging to the same organisation as the invitor

File Link Security

These settings are available in PowerFolder Server version 10.5 SP5 and 11

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Validity time default (days)file_link.validity.default
  • 0
  • 39

Set a default value of days a newly generated file link should be valid.

Remove value if no default should be specified.

Validity time maximum (days)file_link.validity.maximum
  • 0
  • 39

Set a maximum value of days that can be set for file links.

If no default value is specified, the maximum value will be taken as default.

Remove value if no maximum should be specified.

Also sets the maximum validity of Upload Forms.

Number of downloads defaultfile_link.max_downloads.default
  • 0
  • 82

Set a default value of downloads for a file link.

Remove value if no default should be specified.

Numer of downloads maximumfile_link.max_downloads.maximum
  • 0
  • 82

Set a maximum value of downloads for a file link.

If no default value is specified, the maximum value will be taken as default.

Remove value if no maximum should be specified.

Password Policyfile_link.password_policyOPTIONAL
  • OPTIONAL
  • RECOMMENDED
  • REQUIRED

Specify if a password is

  • optional (file links don't need a password set),
  • recommended (file links don't need a password but the user is asked to set one anyway, the "More options" panel is opened automatically)
  • or required (file links need a password, the "More options" panel is opened automatically)
Allow Upload Linksfile_link.allow_uploadsfalse
  • true
  • false
Allows external users to upload files in generated file links without registration. (warning) Available with version 11.4 or higher

(Fehler) Setting not yet available via web

*Cannot *be changed with reload (requires restart)

file_link.upload_mails
Valid mail addressAllows the server administrator to monitor the usage of the upload forms feature. A mail is sent to the specified mail address when a user upload any data to an upload forms. (warning) Available with version 11.4 or higher
Validation days for file upload links
file_link.validation_days
1
Sets validation days for upload links.

SMTP Settings

SMTP Server Settings

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
SMTP hostnamemail.smtp.host


Defines the hostname of the SMTP server.

(Info) It's possible to append a port number, if the SMTP server uses a port other than 25: mail.smtp.host=smtp.example.com:465

SMTP usernamemail.smtp.user


Defines the username used to authenticate against the SMTP server.
SMTP passwordmail.smtp.password

Defines the password of the username used to authenticate against the SMTP server.
Enable TLS supportmail.smtp.starttls.enablefalse
  • true
  • false

Controls if the connection to the SMTP server should use TLS.

Enable Microsoft Exchange supportmail.smtp.exchangefalse
  • true
  • false
Defines if the mail server is a Microsoft Exchange server.

SMTP Headers

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Admin emailmail.admin.email


Defines the email address of the administrator for server notifications.

From emailmail.defaultfrom.email


Defines which email address should be used in the From header in emails sent to users.
From namemail.defaultfrom.name

Defines which name should be used in the From header in emails sent to users.
Reply-to emailmail.defaultreplyto.email

Defines which email address should be used in the Reply-to header in emails sent to users.

Reply-to namemail.defaultreplyto.name

Defines which name should be used in the Reply-to header in emails sent to users.

Mail Settings

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Send introduction mail to new usersmail.send.registrationtrue
  • true
  • false


Controls if users should get a welcome mail when a new user account is registered. It's possible to disable sending welcome registration mails.

Web Settings

Appearance

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Browser titleweb.title


Sets the browser title which will be displayed on on the PowerFolder Server web interface.

Select skinplugin.webinterface.skin


The drop-down will offer a list of skins found in the skins folder.
Create skin


When filled and saved, a new sub-directory with the given will be created in the skins folder, which will contain a copy of the default skin.
Primary colorweb.color.primary

Sets the primary color used in the web interface.

Secondary colorweb.color.secondary

Sets the secondary color used in the web interface.
Button text colorweb.color.background

Sets the button text color used in the web interface.
Border colorweb.color.border

Sets the border color used in the web interface.
Text colorweb.color.text

Sets the text color used in the web interface.

Version of the Terms of Service


Allow LDAP accounts to skip Terms Of Service

server.tos.version


server.tos.skip.ldap



false

Number


true

Terms of service

Version: 10 SP3

When set to true, accounts authenticated by LDAP are not required to accept the Terms Of Service.

Version: 10.4.273

Features

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Enable Client Downloadweb.download_app.enabledtrue
  • true
  • false

Controls if it's possible to download the clients on the web interface.

Enable Music Playerweb.musicplayer.enabledtrue
  • true
  • false
Controls if the music player will be available when browsing folders.
Enable Newsweb.news.enabledtrue
  • true
  • false
Controls if the web interface should offer a News tab to show recently changed folder content.
Enable Picture Galleryweb.gallery.enabledtrue
  • true
  • false

Controls if the gallery view will be available when browsing folders.

Enable Telephone Fieldsweb.telephone.enabled true
  • true
  • false
Controls if users are allowed to enter their telephone number. 
Enable WebDAVweb.dav.enabled true
  • true
  • false
Controls if it's possible for users to access their folders via WebDAV. 
Enable ZIP compressionweb.zip.compression true
  • true
  • false 
Controls if HTTP ZIP compression is activated. It might be useful to disable if a proxy is used which already compresses HTTP elements. 

(Fehler) Setting not yet available via web

*Cannot *be changed with reload (requires restart)

file_link.upload_landing_pagefalse
  • true
  • false

Activates the Upload Forms Feature. It enables the possibility for the user to create a landing page for a folder where user can upload files.

(warning) Available with version 11.4 or higher

Document Viewing

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
Enable external document viewersweb.inline_viewfalse
  • true
  • false

Controls if certain filetypes will be displayed inline by an external document viewer, which can be either Google Docs or Microsoft Office Documents Online Viewer. Which of those providers will be used depends on the file extension:

(Info) Please note that this function will make the viewed document temporarily available to the providers of those two services.

Browser extensionsweb.inline_view.in_browser.extensionspdf|txt

Pipe-separated list of extensions

Controls which extensions should be handled by the browser instead of the external document viewers.
Google Docs APIweb.inline_view.googlehttp://docs.google.com/viewer?url=%URL%&embedded=true
Sets the URL to the Google Docs Document Viewer API.
Google Docs extensionsweb.inline_view.google.extensionspages|ai|psd|tif|tiff|eps|ps|svgPipe-separated list of extensions

Controls which extensions will be displayed inline by the Google Docus Document Viewer.

Microsoft Office APIweb.inline_view.ms_officehttps://view.officeapps.live.com/op/embed.aspx?src=%URL%
Sets the URL to the Microsoft Office Document Viewer API.  
Microsoft Office extensionsweb.inline_view.ms_office.extensions doc|docx|xls|xlsx|ppt|pptxPipe-separated list of extensions Controls which extensions will displayed inline by the Microsoft Office Document Viewer. 
Enable gallery viewerweb.inline_view.gallery true
  • true
  • false
Controls if pictures should be displayed in the gallery view or if they should be downloaded. 
ONLYOFFICE URLweb.inline_view.onlyoffice.urlhttps://docapi.powerfolder.com
URL to OnlyOffice server
ONLYOFFICE Extensionsweb.inline_view.onlyoffice.extensionspptx|xlsx|ppt|doc|odp|odt|xls|docx|odsPipe-separated list of extensionsExtensions to open with OnlyOffice
ONLYOFFICE Session Timeout (sec)web.inline_view.onlyoffice.session.timeout.seconds30 Every value > 0Timeout for OnlyOffice sessions

(Fehler) Setting not yet available via web

*Cannot *be changed with reload (requires restart)

web.inline_view.browser.whitelisttxt|png|jpg|jpeg|gif|pdfEvery File extensions that is save to open in web.Controlls if a file can get opened in web by adding ?inline to the URI. Prevents users to share malware via html for example and send a link that opens directly in browser.

Web Server configuration

(available with v. 11.6.708 and above)

(warning) (Please read the following article for more information: https://www.eclipse.org/jetty/documentation/9.3.x/high-load.html )

Web SettingConfig File ParameterConfig File Default ValueConfig File Possible ValuesDescription
n/aweb.threadpool.min0e.g. 50Web worker threadpool minimum size
n/aweb.threadpool.max254e.g. 500

Web worker threadpool maximum size
Thread Pool

Configure with goal of limiting memory usage maximum available. Typically this is >50 and <500

n/aweb.acceptors2e.g. 8

Number of acceptors and selectors:
Acceptors

The standard rule of thumb for the number of Accepters to configure is one per CPU on a given machine.

txt|png|jpg|jpeg|gif

  • Keine Stichwörter