Tokens- user reinstalls ts3

[djnoob]

So my understanding about tokens and unqie id's is this

1) When a user installs TS, the client generates a unique id to go with that install.

2) Server admins create tokens with the set permission levels for each user.

3) When a user uses the token, the token is then attached to that unique id and can't be used again.


So brings me to a couple of different scenarios

1) what if a user re-installs TS3? (like they are doing a OS reinstall)

2) What if a user wants to join the server on lets say... a cyber cafe machine, or someone elses computer, or be able to log in on multiple computers?

I really hope that I don't A) have to get permissions again from every server I log into if I decide to reformat and B) as a server admin, I really hope that I don't have to be re-giving out permissions every time someone does a re-install.

I just don't see the point in this whole token thing in the first place. About the only benefit I see is that as I get my clan moved over from TS2 I can hand out tokens so users can get their permissions even if I'm not around. Other than that benefit I see not point. A simple username/password would have worked just fine. The only thing I saw wrong with the old system was that the user had no way to retrieve thier password so if they did a reinstall and forgot their password, I'd have to go in and reset it for them. That was a pain. So far, this token system doesn't seem much better.

Please, someone help me see the light on this whole thing.

[Birdie]

If you do not want to request a new token on each installation, you have to save your identity by using Settings -> Identities -> Export Identity and to re-import it on any pc that you want to use.

[Polli]

Go to Settings->Identity and then klick Export. An .ini-file will be created that can move to a second PC or to rebuild the Identity after reinstall. You can import it on an other machine or after reinstall.

EDIT: Birdie was a little bit faster

[djnoob]

Thanks for the response guys.

What's funny is that with TS2 I would always stress to guys to make sure they used a username and password they would remember so that I wouldn't have to go in and change their password should they reinstall and forget it. Well it used to happen all the time.

Now I'm expecting them to remember to export their identity before they reinstall. Hmm, that doesn't seem like much of an improvement here. I'd love for one fo the devs to explain why they went with a token system instead of just creating some way for users to simply recover their own username and password.

[Arterio]

What would be nice is if they incorporated passwords with UniqueID's, so that way if you lost your identity, or were using a machine elsewhere, you could recover your identity with the server by using your password.

I'm having problems with members in the clan I'm part of either logging in from multiple machines and generating multiple id's, and not getting the permissions their supposed to. Or they've uninstalled TS3 repeatedly, and deleted their identity. One of the members actually has 5 records in the database already, and they've only been on our TS server for 3 days!

What's going to happen with this system is the database is going to become bloated with useless client records because clients haven't backed up their ID's, or transported their ID's to the other machines they're going to use.

Seems like for the clients, it's easy... no password / username to remember, but for the server admin's it's a nightmare. Clients will constantly be losing privileges, and then they have to do through the effort of removing old records from the DB, and re-assigning clients to server groups. Trying to keep up with that on my server is almost a full time job, and I only have about 40 clients connecting.

The username / password system was much better in this respect. I can see the benefit to the unique_id system, and token system, but the plain fact is that the clients cannot recover their identity if they were to lose it / not have it on them.

As a temporary solution to this, I've created an Admin Storage channel. It's a passworded channel, with very tight permissions so only ServerQuery Admin's can get into it. I have given the channel a "needed_upload" of 50 to match the members of my clan's group permission. As they join the server for the first time, I try to catch them, and have them export their ID file and upload it to this storage channel. The permission on the channel only allows for uploading, not downloading. This way all their ID's are stored on the server. If they ever lose it, myself, or one of the other server admin's can download the file and give it to them, so they get their identity back. I guess you could call it a manual identity recovery system. But until something better comes along this will have to do.

[KiLLers NL]

As a temporary solution to this, I've created an Admin Storage channel. It's a passworded channel, with very tight permissions so only ServerQuery Admin's can get into it. I have given the channel a "needed_upload" of 50 to match the members of my clan's group permission. As they join the server for the first time, I try to catch them, and have them export their ID file and upload it to this storage channel. The permission on the channel only allows for uploading, not downloading. This way all their ID's are stored on the server. If they ever lose it, myself, or one of the other server admin's can download the file and give it to them, so they get their identity back. I guess you could call it a manual identity recovery system. But until something better comes along this will have to do.

This is a very good idea, an in my eyes even a permanent fix. This is only a bit trouble some the first time, as soon as you give them rights. Yet it will only continue for new users :P As for old users losing their identity, if you put a good tutorial on your forums with how to export an identity then you can even put a penalty on retrieving the identity from the ts3 server. So you are not bothered with it to much.

[jwevrsn]

Is an issue for us too.

To the point of annoying-ness where I've told them I'm re-setting up TS3 on Monday and if they connect with Multiple IDs again I'll just ban them until they can learn to use one.

[KiLLers NL]

you can also delete unused users :P

[djnoob]

Initially I thought Arterio's idea was a good one but I see some flaws in it.

1) If I'm not mistaken, the user identity not only captures the users permissions but it also has all the settings, contacts, etc in it. This way when you import your identity back you don't have to do anything. So if a user imports their identity and then lets say does a reinstall 6 months later, that original identity that the user saved is likely to be missing some information. Depending upon updates, that identity might not even work.

2) If the admin has to retrieve the identity then really, that's about the same amount of effort that it would be simply get the person in the server, drag and drop the person into the correct permission group (or just create another token for them) and simply delete the old identity in the db.

I think in general, the overall feeling is this whole token thing really isn't much of a help and that having some sort of recovery system would have been a better option.

I would still love the hear from the devs regarding the rational behind using unique ids/tokens.

[LucidAzores]

I have been testing, and the only thing that it export is the username...
But if you have any token that you wanna keep using when switch computer, just copy the folder config that is in C:\Program Files\TeamSpeak 3 Client\config
and paste in your new computer C:\Program Files\TeamSpeak 3 Client\config
and you will have the tokens

[tazman911]

I have been testing, and the only thing that it export is the username...
But if you have any token that you wanna keep using when switch computer, just copy the folder config that is in C:\Program Files\TeamSpeak 3 Client\config
and paste in your new computer C:\Program Files\TeamSpeak 3 Client\config
and you will have the tokens

I have used a SA token given by my provider, but I do not have such a folder in C:\Program Files\TeamsSpeak 2 Client. So what would someone in my case do if all the exporting does is the username and user id. You can only use an SA token once.

[Harry.Fox]

Hi,

as far as I understand the system, a token is used by a user to put themself into the servergroup or channelgroup the token was made for. Then the token is not longer needed and it makes no difference, wether a client was added to a group by a serveradmin or by using a token.
Further all rights and groupmemberships are stored in the database of the TS3-Server and not in the clients.
Therefor it is not nessesary/possible to export the permissions from the client-side. If you reinstall the client and import your identity, the server knows what you are (not) allowed to do. Otherwise the exportfile has to contain the hole permissionset of any server you ever connected and it would be easy to get permissions by export the identity to a file, manipulate the file an re-import it.

To solve the problem that users may lose id's or use multiple mashines I tell my users to export there identity and send the file themself as a PM in our forum. Doing this they can access the file from every internet-pc and noone else can do it. Important is to tell them that they must delete the identity after using a public workstation.
Perhaps this is a solution for some of you too.