#119918 - 2004-05-20 11:51 PM
GRC.DAT Norton
|
Butter
Lurker
Registered: 2004-05-20
Posts: 1
|
Very new to Kix and wondering if someone could look over this simple script to see if I am heading in the right direction. Some of the variables are pre-determined by our scripting solution (ScriptLogic)
;**** Created with KiXscripts Editor | http://KiXscripts.com ****
;**** Last Modified on 5/20/2004 at 10:43:39 AM by pbarcla ****
;
Dim $GRCDataFile, $XPPath, $2000Path, $NTPath, $W95Path
;
;
$XPPath='c:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5'
$2000Path='c:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5'
$NTPath='c:\WinNT\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5'
$W95Path='c:\Program Files\Symantec_Client_Security\Symantec AntiVirus'
;
;
$GRCDataFile='\\%logonserver%\vphome\GRC.DAT'
; Location of GRC.DAT file for Norton
; %logonserver% = Domain Controller
;
;
; **************************************************************************************
; * Norton Script for pushing GRC.DAT files *
; ******************* Do not modify code below this line *******************************
;
;
If @INWIN=1 ; NT-family clients only
If $ConnType='LAN' AND $NTtype<>'Server'
Select
Case $OS='XP'
Copy $GRCDataFile $XPPath /y /h
Case $OS='2000'
Copy $GRCDataFile $2000Path /y /h
Case $OS='NT'
Copy $GRCDataFile $NTPath /y /h
EndSelect
EndIf
EndIf
If $OS='95'
Copy $GRCDataFile $W95Path /y /h
EndIf
Return
Thanks for your help...
Paul
|
|
Top
|
|
|
|
#119921 - 2004-05-21 12:57 AM
Re: GRC.DAT Norton
|
NTDOC
Administrator
Registered: 2000-07-28
Posts: 11631
Loc: CA
|
Hello Butter and welcome to the board.
In general you should never hard code any paths unless you have no other way to get around it.
I would not recommend setting up Symantec NAV Servers on Domain Controllers, but hey if you're strapped for cash or resources I guess you have to do what you can.
Here is an example script that should allow you to copy the correct GRC to the correct client type regardless of the version being 7.x, 8.x, 9.x however the script ( DOES NOT SUPPORT Windows 9x )
You can review this code and modify for Windows 9x or see what is going on and modify your code to something similar.
Also note that users MUST have local admin rights in order to copy the GRC.DAT file with this method during logon, or you would need to modify the ACL on that folder to allow non Admins to copy files there which is a much more difficult task.
This script can also function as an Admin script to allow you to select a remote client and push a GRC.DAT file to them.
Code:
Break On
Dim $SO
$SO=SetOption('Explicit','On')
$SO=SetOption('NoVarsInStrings','On')
SetNAVParent()
Function SetNAVParent(optional $System)
Dim $_,$Remote,$AVKey,$HKLMSMWCV,$ReadClientType,$NavParent,$CP,$SP,$OSVer,$CommonAppData,$WinDir,$DestPath
Dim $ClientParent,$DomainCheck,$HKLMSMWNTCV,$Server,$Source
If $System <> ""
$Remote = $System
$Remote = Join(Split($Remote, '\'), '', 3)
$Remote = IIf($Remote <> '', '\\' + $Remote + '\', $Remote)
Else
$Remote = ""
EndIf
$HKLMSMWCV = 'HKLM\Software\Microsoft\Windows\CurrentVersion'
$HKLMSMWNTCV = 'HKLM\Software\Microsoft\Windows NT\CurrentVersion'
$AVKey = 'HKLM\SOFTWARE\Intel\LANDesk\VirusProtect6\CurrentVersion'
$CommonAppData = ReadValue($Remote+$HKLMSMWCV + '\Explorer\Shell Folders','Common AppData')
$ReadClientType = ReadValue($Remote+$AVKey,'ClientType')
If $ReadClientType = 4 Exit 10 EndIf
$NavParent = ReadValue($Remote + $AVKey,'Parent')
$OSVer = ReadValue($Remote + $HKLMSMWNTCV, 'CurrentVersion')
$WinDir = ReadValue($Remote + $HKLMSMWNTCV,'SystemRoot')
$DomainCheck = ReadValue($Remote + $HKLMSMWNTCV + '\Winlogon','DefaultDomainName')
$Server = ReadValue($Remote + 'HKLM\SYSTEM\CurrentControlSet\Control\ProductOptions', 'ProductType')
If $Server<>'WinNT'
$CP = 'name of Nav Parent for Servers'
Else
Select
Case $DomainCheck = 'DOMAIN1'
$CP = 'name of Nav Parent for Clients in DOMAIN1'
Case $DomainCheck = 'DOMAIN2'
$CP = 'name of Nav Parent for Clients in DOMAIN2'
Case $DomainCheck = 'DOMAIN3'
$CP = 'name of Nav Parent for Clients in DOMAIN3'
Case 1
$CP = 'name of Nav Parent for Clients in DOMAINx'
EndSelect
EndIf
If InStr($Remote,'\\')
$CommonAppData = $Remote+SubStr($WinDir,1,1)+ '$' + Right($CommonAppData,-2)
$WinDir = $Remote+SubStr($WinDir,1,1)+ '$' + Right($WinDir,-2)
EndIf
If $OSVer = '4.0'
$DestPath = $WinDir+'\Profiles\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5'
Else
$DestPath = $CommonAppData+'\Symantec\Norton AntiVirus Corporate Edition\7.5'
EndIf
Select
Case $ReadClientType = 1 $ClientParent = $CP
Case $ReadClientType = 2 $ClientParent = $CP
Case $ReadClientType = 4 Exit 10
EndSelect
$Source = '\\' + $CP + '\VPHOME\GRC.DAT'
Copy $Source $DestPath
EndFunction
The following keys control the Client vs Server relationship
HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\ClientType
1 = Connected Client
2 = Stand-alone Client
4 = Server
If it is a Server, then look under the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion\Parent
If it is blank, then it is a Primary Server
|
|
Top
|
|
|
|
|
#119922 - 2004-05-21 01:01 AM
Re: GRC.DAT Norton
|
ShaneEP
MM club member
Registered: 2002-11-29
Posts: 2127
Loc: Tulsa, OK
|
Quote:
We call them backslashes or hacks
Yea we usually call them whacks (whack whack servername whack...). But I meant front slashes as in the two in the front of the line. Not as in forward slash or back slash.
|
|
Top
|
|
|
|
|
#119924 - 2004-05-21 01:11 AM
Re: GRC.DAT Norton
|
NTDOC
Administrator
Registered: 2000-07-28
Posts: 11631
Loc: CA
|
Not to drive TOO far off topic (since we have answered the question already)
WHACK THIS
|
|
Top
|
|
|
|
#119925 - 2004-05-21 08:23 AM
Re: GRC.DAT Norton
|
ShaneEP
MM club member
Registered: 2002-11-29
Posts: 2127
Loc: Tulsa, OK
|
whack...slash....whatever. Sounds like some kind of horror movie now... 
|
|
Top
|
|
|
|
|
#119927 - 2004-05-24 01:46 PM
Re: GRC.DAT Norton
|
The Chef
Fresh Scripter
Registered: 2003-01-08
Posts: 23
Loc: New Jersey
|
Here's another version for using Active Directory and multiple Norton Servers. If you want to re-arrange which clients are managed under which servers by their location in Active Directory, then modify the Select case for organization and server. This should be compatible with NT, 2k, and XP, and Norton 7.03+. It will also log Norton versions across the enterprise by creating null textfiles in a directory structure you specify. Visit the listing at Chef Tech. Tweak before using..
Code:
;===================================
;**** Created with KiXscripts Editor | http://KiXscripts.com ****
;**** Last Modified on 5/19/2004 at 5:08:51 PM by Benjamin Coddington ****
;===================================
;========================NAV=====================================
; This will check for appropriate versions of norton AV and list for me
; everyone on base that does not have the right versions of Norton Installed.
; ~~ 2 June 2002, added additional logging for computers by naming convention.
; -- 7 July 2002, added conversion by AD OU.
Break on
SetConsole("show")
$NavDate = "030225"
$AppDataPath = ReadValue("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders","Common AppData")
$SymantecPath = "\Symantec\Norton AntiVirus Corporate Edition\7.5"
$SysType = "Unknown"
$Logged = 0
$KeyThere = Exist($AppDataPath + $SymantecPath + "\" + $NavDate + ".dte")
$Managed = ReadValue("HKEY_LOCAL_MACHINE\SOFTWARE\INTEL\LANDesk\VirusProtect6\CurrentVersion", "RemoteHomeDirectory")
$Domain = ReadValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters","Domain")
Select
Case $Domain <> "org.domain.com"
? "You are not on the domain!!"
Exit
Case $KeyThere AND $Managed
? "This computer has been converted."
Open(2,"\\MainServer\navlog\Converted\" + @HOSTNAME, 1)
Close(2)
Exit
EndSelect
If @INWIN = 1
$SysType = ReadValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions","ProductType")
If $SysType = "LanmanNT" OR $SysType = "ServerNT"
$SysType = "Server"
Exit
EndIf
EndIf
If KeyExist("HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\InstalledApps")
$NPath = ReadValue("HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\InstalledApps","NAVNT")
$NVer = GetFileVersion ($NPath + "\vpc32.exe")
$Norton = 1
$NVer4 = SubStr("$NVer",1,4)
Else
$Norton = 0
$NVer4 = 0
EndIf
If $NVer4 < "7.03" ; <- check for NAV 7.03 and if not, display msg
MessageBox (" ***NOTICE***" + Chr(10) + Chr(10) +
"Your Norton Antivirus Program needs to be upgraded to at least Version 7.03!" + Chr(10) +
" Contact your Workgroup Admin to install Norton 7.03" + Chr(10) +
" Your workstation and username will be logged."," AntiVirus Status",4112,0)
Open(1,"\\MainServer\navlog\UncompliantVersions\" + @HOSTNAME + " User=" + @USERID + " Nver=" + $NVer4, 1)
Close(1)
$Logged = "true"
;After grace period activate these next 2 lines
;LOGOFF(1)
;EXIT
EndIf
;Start grc.dat filecopy for users with a compliant version of Norton
If NOT $Logged AND NOT $KeyThere
$ComputerName = ReadValue("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName","ComputerName")
$LDAPpath = GetLDAPpath($ComputerName)
Select
Case InStr($LDAPpath,"Org_A")
$ParentServer = "Server_A"
Case InStr($LDAPpath,"Org_B")
$ParentServer = "Server_B"
Case InStr($LDAPpath,"Org_C")
$ParentServer = "Server_C"
Case InStr($LDAPpath,"Org_D")
$ParentServer = "Server_D"
Case InStr($LDAPpath,"Org_E")
$ParentServer = "Server_E"
Case InStr($LDAPpath,"Org_F")
$ParentServer = "Server_F"
Case 1
$ParentServer = "MainServer"
EndSelect
Select
Case $NVer4 >= "7.10"
Copy "\\$ParentServer\VPLOGON\grc.dat" $AppDataPath + $SymantecPath + "\grc.dat"
$Errortext = @SERROR
Case $NVer4 < "7.10"
$ProgramPath = ReadValue("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion","ProgramFilesDir")
If Exist($ProgramPath)
Copy "\\$ParentServer\VPLOGON\grc.dat" $ProgramPath + "\NAVNT\grc.dat"
Else
Copy "\\$ParentServer\VPLOGON\grc.dat" "C:\Program Files\NAVNT\grc.dat"
EndIf
$Errortext = @SERROR
Case 1
$Errortext = "The script cannot determine grc.dat file copy location."
EndSelect
If $ErrorText = "The operation completed successfully."
Del $AppDataPath + $SymantecPath + "\*.dte"
Open(1,$AppDataPath + $SymantecPath + "\" + $NavDate + ".dte",1)
Close(1)
Open(2,"\\MainServer\navlog\" + $ParentServer + "\Managed\" + @HOSTNAME, 1)
Close(2)
$Logged = "true"
Else
Open(1,"\\MainServer\navlog\" + $ParentServer + "\Errors\" + @HOSTNAME + ".txt", 5)
WriteLine(1,"User=" + @USERID + " Nver=" + $NVer4 + " " + $Errortext + ", The Copy path is " + $ProgramPath + "for 7.03 clients and " + $AppDataPath + $SymantecPath + " for 7.6x clients" + Chr(13) + Chr(10))
WriteLine(1,@DAte + " " + @Time + Chr(13) + Chr(10) + Chr(13) + Chr(10))
Close(1)
$Logged = "true"
EndIf
EndIf
;=============================================================================
Function GetLDAPpath($ComputerName)
;Returns the full LDAP path of a computer object on the org.domain.com domain
If NOT $NTO
$NTO = CreateObject("NameTranslate")
EndIf
$NTO.Init (1,"org.domain.com")
$NTO.Set (3,"ORG-Domain\"+ $ComputerName + "$")
$LDAPname = $NTO.Get (1)
$GetLDAPpath = $LDAPname
EndFunction
|
|
Top
|
|
|
|
Moderator: Glenn Barnas, NTDOC, Arend_, Jochen, Radimus, Allen, ShaneEP, Ruud van Velsen, Mart
|
0 registered
and 837 anonymous users online.
|
|
|
