Summary

 

Below are a host of registry settings that can be used to customize Cloud Drive Mapper 


All keys are Reg_SZ and should be place in one of the following locations dependent on the key

  • HKCU\Software\IAM Cloud\CloudDriveMapper
  • HKLM\Software\IAM Cloud\CloudDriveMapper


  •  ADAttribute = mail / UserPrincipalName 
    • Used in cases where the user logon isn’t the same as the O365 UPN which CDM uses to auth.

       ( Used in conjunction with CredentialCacheOverride = true )
    • Location ( HKCU )
  • CredentialCacheOverride = true
    • ( Used in conjunction with ADAtrribute )
    • Location ( HKCU )
  • Domainoverride = emaildomain.com
    • Used when the O365 email domain is different to what the user logs in with. Also allows user to enter only the pre-fix (mail alias) and will auto append the value of the key
    • Location ( HKCU )
  • UserAgentOverride = Mozilla/5.0 (Windows NT 6.2; Trident/7.0)
    • By default CDM thinks it's using IE11

    • Location ( HKCU )

  • Verbose = true
    • Used for advanced event logging, best used in conjunction with WriteLogToFile
    • Location ( HKCU )
  • WriteLogToFile = <your-path>\cdmlog.txt
    • Outputs a logfile to the path above, best used with Verbose ( NB: whilst enabled CDM will continue to log )
    • Location ( HKCU 
  • WritePerformanceLogs = true
    • This can be used to write to a text file many more logs to isolate and find performance areas of improvement. 
    • This should not be used in production but must be used in conjunction with WriteLogToFile and the verbose key to true. 
    • It is recommended to have WriteLogToEventLog set to false too
    • Location ( HKCU )
  • WriteLogToEventLog = false

    • True by default. Setting as false stops CDM from producing large numbers of event logs.
    • Location ( HKCU )
  • MultipleInstanceOverride = true
    • Used to allow multiple instances of CDM app to run, used primarily on RDP servers
    • Location ( HKLM )
  • AdfsHRD  ( V1.7.2.0 onwards )

    • Please note though:

      If you are wanting to automatically sign into the default AD Authority, you must run the following powershell:

      (get-adfsproperties).Identifier.OriginalString and configure the AdfsHRD key in the registry to that


      If you would like to use a different Claim Provider that is not the default AD Authority then you must use the identifier for that claim provider.


      Eg:-    http://adfs.yourname.org/adfs/services/trust

    • Location ( HKCU )

  • UseADAL = true ( Retired v2.2.3.18 onwards )
    • Can be used in either HKCU or HKLM

      Allows client to choose ADAL, required for alternative IDP / MFA / AAD

      Although can still read the username from cred manager it will NOT use the pwd stored.
  • DisableSSO = true
    • If set to true (V2.1.8.3 onwards) will NOT store creds in cred manager or pwd file. Stops CDM from trying to auth via SSO when ADFS is present but SSO has been disabled.
    • Location ( HKCU )
  • SilentAuthTimeout  = integer ( eg 20 ) - default value = 12secs
    • Increases time before CDM shows logon ( web window ) , increase this time depending on how long SSO auth takes.
    • Environments without SSO set this as 1
    • Location ( HKCU )
  • AzureEnvironment - ( Default = 0 )
    • Production = 0
    • PPE = 1
    • China = 2
    • Germany = 3
    • USGovernment = 4
    • Not normally used except the following :- 2/3/4 ( if no key exists CDM will default to "0" )
    • Changes logon endpoint within CDM app to suit the environments below, it also changes the graph api call.
    • Location ( HKCU )
  • DisableCredentialSave = true
    • Stops anything going to cred manager ( even username ) in a NON SSO env this will prompt for full creds when token expires
    • Location ( HKCU )
  • PreClear Keys
    • PreClearDown( retired v2.7.3.x )
      • Used on CDM start-up to clear down both auth .dat files and cache files from the users appdata profile path ( normally %localappdata% )
    • PreAuthClearDown  ( New v2.7.3.x )
      • Used on CDM start-up to clear down secure auth files used by CDM, found in users appdata profile path ( normally %localappdata% ) - recommended in SSO environments
    • PreCacheClearDown  ( New v2.7.3.x )
      •  Used on CDM start-up to clear down CDM cache files found in users appdata profile path ( normally %localappdata% ) - used only when folder view appears incorrect / incomplete not recommended for permanent use as this will extend the users logon  / mapping time whilst cache is rebuilt. ( Cache is designed to speed-up mapping each session )




Below are some further explanations for the keys above


Domainoverride 


If the user’s email is not what they enter when logging into office 365 or samaccountname is used when logging into the client use this scenario. 


Cloud Drive Mapper uses Microsoft’s HRD to determine where to authenticate the user. This process does not support samaccountname so with this key populated it will append ‘@‘ to the end of what the user enters during login. If the user does enter an ‘@’ symbol then it will replace everything after the @ with the value from this key. For example - if the key is populated with “mytestdomain.com” and the user enters “testuser” during login then it will automatically make it “testuser@mytestdomain.com”. If the user enters “testuser@myseconddomain.com” the it will make it “testuser@mytestdomain.com”.

A registry key has been made available which will allow you to always overwrite or append a domain name to what the user enters. This scenario is applicable when the user’s email is not what they enter when logging into office 365 or when using samaccountname only when logging into the client.