|
|
|||||||
Hi everyone. I've been trying for a couple of days to figure this one out and I'm stumped. I want to run BMC Track-It's audit.exe with the /Q parameter if a user logs into a desktop or laptop computer. I do not want it to run if they log into a terminal server. Right now this is not working, it runs no matter what they log into. So far I've used this: Code: ; - check if logon to Wintendo or WinNT ; @InWin - 1 = Windows NT; 2 = Windows 9x ; - check if logon to Server or Workstation ; PRODUCTTYPE - WinNT = Workstation, ServerNT = Member Server, LanmanNT = Domain Controller ; IF @InWin = 1 ;Not Wintendo $PRODUCTTYPE = READVALUE("HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\PRODUCTOPTIONS","PRODUCTTYPE") ; if not Workstation, just exit without notice if $PRODUCTTYPE <> "WinNT" Exit 1 ENDIF ENDIF which I got from Citrix and/or Terminal Server Client Collection If I log into a PC it works as it should, meaning that the audit occurs. If I log into a server, however, the server ends up being audited and that is not what I want. For testing I'm using 2 scripts. The first is a batch file that is placed in the logon script field of the Profile tab in the test user's Active Directory (AD) object. That script is named tiaudit.bat and it runs these commands: Code: ************************************************************************************* if not exist %systemroot%\system32\kix32.exe copy \\Netfiles5\update$\utils\kix32.exe %systemroot%\system32\kix32.exe >nul if not exist %systemroot%\system32\wkix32.exe copy \\Netfiles5\update$\utils\wkix32.exe %systemroot%\system32\wkix32.exe >nul %systemroot%\system32\kix32.exe \\woodruffcenter.org\NETLOGON\tiaudit.kix ************************************************************************************* The tiaudit.kix script looks like this: Code: ************************************************************************************* IF @InWin = 1 ;Not Wintendo $PRODUCTTYPE = READVALUE("HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\PRODUCTOPTIONS","PRODUCTTYPE") ; if not Workstation, just exit without notice if $PRODUCTTYPE <> "WinNT" Exit 1 ENDIF ENDIF run "\\servername\sharename\audit.exe /Q" ************************************************************************************* What am I missing or doing wrong? I can't figure this out... 8( |
||||||||
|
|
|||||||
I use Code: ; Con=Direct Console, RDP=Terminal Server, or ICA=Citrix $ConnType = Left(%SESSIONNAME%, 3) Glenn PS - use CODE tags!! |
||||||||
|
|
|||||||
Pretty much the same code as what Glenn posted, but in a UDF. SessionType() - http://www.kixtart.org/forums/ubbthreads.php?ubb=showflat&Number=195471 How to use UDFs - http://www.kixtart.org/forums/ubbthreads.php?ubb=showflat&Number=81943#Post81943 The rest of the UDFs are here - http://www.kixtart.org/forums/ubbthreads.php?ubb=postlist&Board=7&page=1 |
||||||||
|
|
|||||||
Thank you both for the information. I'll give it a try and report back. |
||||||||
|
|
|||||||
Glenn, would you mind explaining how your 2 lines of code work? What they actually do? I'm having a hard time understanding it. Should it work if I just put this in my tiaudit.kix script: ; Con=Direct Console, RDP=Terminal Server, or ICA=Citrix $ConnType = Left(%SESSIONNAME%, 3) run "\\helpdesk\TrackIt8\audit.exe /Q" I don't understand how the Con code ends up being the determining factor in deciding whether or not the run command below it is executed. That's where I'm lost. Sorry for the confusion. I'm not a coder... 8) |
||||||||
|
|
|||||||
Glenn, I just took a look at this: http://www.kixtart.org/forums/ubbthreads.php?ubb=showflat&Number=195460 which is what, I believe, Allan referenced in his post as it was the post at the link above that caused him to create the UDF "stuff" for everyone's use. The real problem is that I'd say this stuff is above me. I don't understand it. Here's a snippet from your post in the link above: Code: ; Determine login type - direct, Terminal Server, or Citrix ; Con=Direct Console, RDP=Terminal Server, or ICA=Citrix $ConnType = Left(%SESSIONNAME%, 3) ; Get list of connection types allowed to run login scripts $Tag = ReadProfileString($INIFILE, 'COMMON', 'ConnType') ; If Connection Type Allow list is defined, current ConnType must be in list If $Tag ; defined If Not InStr($Tag, $ConnType) ; if not in list DbgMsg('Invalid connection type - exiting.') Exit 0 ; exit script EndIf EndIf I just can't grasp what this is doing, not entirely anyway. I don't know what in this needs to be changed for my own environment, assuming something needs to be changed/added. Sorry for the confusion and lack of knowledge in this area. Any help you can offer would be great. |
||||||||
|
|
|||||||
You don't change UDFs, that's the beauty of them. Make sure to read the second link I provided "How to use UDFs". Basically it should come down to a if statement... Code: If SessionType="RDP" ;Do RDP Stuff Endif ;Copy UDF at bottom of your script or if using Glenn's example Code: ; Con=Direct Console, RDP=Terminal Server, or ICA=Citrix $ConnType = Left(%SESSIONNAME%, 3) if $ConnType="RDP" ;do RDP Stuff endif |
||||||||
|
|
|||||||
Allen, thanks for some more information. Here's what I have in my current test script: Code: If SessionType="RDP" ;Do RDP Stuff Endif run "\\helpdesk\TrackIt8\audit.exe /Q" Function SessionType() Dim $sessionname, $session $sessionname = ExpandEnvironmentVars(%sessionname%) $session = Left($sessionname, 3) Select Case $Session = "Con" $sessiontype = "Console session" Case $session = "RDP" $sessiontype = "Remote desktop session" Case $session = "ICA" $sessiontype = "Citrix ICA session" Case 1 $sessiontype = "Unknown session type" EndSelect EndFunction Is there something I need to add/edit in order for this to work properly? As it is now the audit.exe runs no matter what I log into. I don't doubt there's something missing, but since I'm not a coder or much of a script writer I don't know what to put where. EDIT: I guess what I need to know is how do I tell the kix script not to execute the line that runs audit.exe EDIT: I just changed the first part of the script to the following: Code: If SessionType="RDP" Exit Endif I was hoping it would exit the script and not execute the line that runs the audit.exe file, but it didn't work. I thought for sure that would do it... |
||||||||
|
|
|||||||
Try Code: If SessionType="RDP" Exit 0 Endif Or possibly Code: if SessionType="Con" ;add your code here endif |
||||||||
|
|
|||||||
Okay Allen, this is weird. If I use the following it doesn't run on a local PC or a RDP session into a server: Code: If SessionType="Con" run "\\helpdesk\TrackIt8\audit.exe /Q" Endif Function SessionType() Dim $sessionname, $session $sessionname = ExpandEnvironmentVars(%sessionname%) $session = Left($sessionname, 3) Select Case $Session = "Con" $sessiontype = "Console session" Case $session = "RDP" $sessiontype = "Remote desktop session" Case $session = "ICA" $sessiontype = "Citrix ICA session" Case 1 $sessiontype = "Unknown session type" EndSelect EndFunction If I use the following code, slightly changed from the code above, it runs when I log into a local PC and when I log into a server via RDP. Code: If SessionType="RDP" Exit 0 Endif run "\\helpdesk\TrackIt8\audit.exe /Q" Function SessionType() Dim $sessionname, $session $sessionname = ExpandEnvironmentVars(%sessionname%) $session = Left($sessionname, 3) Select Case $Session = "Con" $sessiontype = "Console session" Case $session = "RDP" $sessiontype = "Remote desktop session" Case $session = "ICA" $sessiontype = "Citrix ICA session" Case 1 $sessiontype = "Unknown session type" EndSelect EndFunction I'm a bit confused. It's almost like it's doing things backwards from how I imagine it will while at the same time it either runs on everything or it runs on nothing. Very strange behavior. |
||||||||
|
|
|||||||
Yikes! When I first presented my example a long time back, it was suggested to convert it to a UDF.. Kind of pointless, I said, because it's just ONE LINE. My example returns the following: "CON" - a login at the workstation (or server) console "RDP" - a login using RDP protocol "ICA" - a login using Citrix ICA protocol So - if you want to run a command only on the console login (not RDS or ICA), you do the following: Code: $ConnType = Left(%SESSIONNAME%, 3) If $ConnType = "CON" ; do stuff... EndIf Let's look at a different example - you want to run only if on an RDS or ICA remote terminal session but not a workstation login: Code: $ConnType = Left(%SESSIONNAME%, 3) If InStr('ICARDP', $ConnType) ; do stuff... EndIf Just replace the "Do stuff..." line with your code. Glenn |
||||||||
|
|
|||||||
I see why now... run this code to see why. Code: ? "SessionType=" + SessionType() Warning, Spoiler: |
||||||||
|
|
|||||||
I don't see why a one line function would be treated any differently than a multi line function, but for the most part everything we do around here centers around putting things in a UDF, so its easily deployed, documented, and if for no other reason easier makes the code easier to read. |
||||||||
|
|
|||||||
Well, $Val = Code vs $Val - Func() saves nothing and actually increases the amount of code, even if just the function, endfunction, and exit statements are considered. I guess what bothered me was that my original code from 4/2009 (original post) returned a unique, short identifier from a text string. The function, which used my code and purported to do the same thing actually takes the simple logic that identifies the connection string and adds a fair amount of code to return an even longer string, which must then be parsed using additional code. While this function might be good to display a message about the connection type, it doesn't provide the simple connection identification that the original code statement did. I actually could have returned a single char for identification, but 3 chars allowed use of the standards "CON", "RDP", and "ICA" that were easily identified visually and were also simply parsed, as I illustrated above. As you've seen here, using that function resulted in additional confusion due to the verbose messages returned. As for UDF and documentation, I hear you - my code generally has a 1.3:1 or better comment to code ratio, between many individual comments and the detailed function headers. This, however, was documented in one line in my original response in this thread - the value assigned will have one of three 3-character terms. Finally, I'm not against a "one line" function, but to be practical, it should be something that's complex or possibly obscure logic so that you don't have to try to reinvent a wheel or research how to get it done each time you need it. This is a simple Left() command of a standard variable - would you convert all such simple statements to functions? I wouldn't.. I also wouldn't approve this in a code review of my team's projects. This would not be called multiple times, does not represent a complex construct, and its use does not clarify the process being performed. Of course, this is my opinion, and has been for some time on this topic. Glenn |
||||||||
|
|
|||||||
Just to make clear I'm not upset or trying to attack... all the respect to you Glenn, we have been friends for a long time. One thing I will say about the UDFs is, if you don't take ownership of it, this is the kind of thing that happens. I was EXPECTING the UDF to do exactly what your code did, and had to stop and look at how it was changed to see the difference. |
||||||||
|
|
|||||||
Glenn, that short snippet of code seems to have done the trick. I've tested it multiple times and it's working just as I need it to - the audit.exe runs only when someone logs into a system at the console and doesn't run at all if you log into a system via RDP. Thanks for your help with this. |
||||||||
|
|
|||||||
Thrasonic - glad it worked, & thanks for the feedback! Allen - no offense taken or attack perceived - or provoked.. just putting my thoughts out there. You know I'm usually pretty flexible, but I've discussed this in the past, before Mart created his UDF, and my feeling about this being a UDF vs a code snippet haven't changed. Glenn |
||||||||
|
|
|||||||
Big difference Glenn. If you don't know how to do it. Don't know what you're looking for exactly then having a UDF is easily found. :-) Have to do a lot of searching to find your code vs looking in the UDF section. LOL , but I hear ya. |
||||||||
|
|
|||||||
Easily found.... when it is stored here. |