Remote Command Executer

Post by syntax » Tue Feb 24, 2009 5:11 pm

This is a multi-part program here. The purpose is for modifying user-restricted areas on remote computers as they log on. At my work we have A LOT of wireless laptop computers and teachers tend to turn their computers off at night (policy for saving energy). This has resulted in it being a real pain to make remote changes to computers. If it's a change that users have access to modify we just pop it in a logon script. Frequently though we have to make some changes to a file on the hard drive or to something under the "local machine" registry key which the users are locked out from.

So what this program does is make modifications to remote computers as they log on to the network. This allows me to quickly make changes to machines without having to worry about them being turned on.
  1. So the first part of this is the logon script which checks if modifications need to be made and, if so, dumps a text file of the computer name onto a server. So we have a folder on a domain controller called "login" with a directory called "client_mon." The login folder is shared with everyone as read access and the client_mon folder everyone has modify access. Then under that is a "done" folder with read only for everyone (write for admins).

    Here is the logon script. We use kixtart logon scripts (http://www.kixtart.org) --

    $SERVER = "AJH1"
    $CheckFile="\\" + $SERVER + "\login\client_mon\" + @WKSTA + ".txt"
    $checkclient=0
    $fgcserver="none"
    IF UCASE(@DOMAIN) = "JUNIOR"
    
        IF KeyExist("HKEY_LOCAL_MACHINE\Software\Fortres Grand\AppManager")
            $fgcserver=ReadValue("HKEY_LOCAL_MACHINE\Software\Fortres Grand\AppManager", "ServerName")
            IF NOT $fgcserver = "616a68342e61646d696e2e6162696e67746f6e2e6b31322e70612e757300"
                $checkclient=1
            ENDIF
        ENDIF
    
        IF EXIST ("c:\Program Files\CA\eTrustITM\00000001.QSD")
            IF NOT EXIST ("c:\Program Files\CA\eTrustITM\00000001.OLD")
                $checkclient=1
            ENDIF
        ENDIF
    
    ENDIF
    
    IF $checkclient = 1
        OPEN (1, $CheckFile, 5)
        WRITELINE (1, "User: " + @USERID + @CRLF)
        WRITELINE (1, "FGC: " + $fgcserver + @CRLF)
        WRITELINE (1, "Domain: " + @DOMAIN + @CRLF)
        WRITELINE (1, "LDomain: " + @LDOMAIN + @CRLF)
        WRITELINE (1, "Hostname: " + @HOSTNAME + @CRLF)
        CLOSE (1)
    ENDIF

    What this does is first check to make sure the machine being logged onto is joined to the right domain. If it's not then the domain controller (logged on as a domain admin) won't have access to make the changes to the client. The rest of it is checking for the current modification we are doing which is changing the server (stored as hex) for our Fortres security program and renaming a job folder for our antivirus to clean it out. Finally, if it finds either of the two things needs to be changed it dumps a text file with some debugging information.

  2. The next part is the application I wrote to monitor for these dumped files and act on them. This "client monitor" just sits open and running on the server--

    [Image: client_mon.JPG]

    Whenever it sees a text file dropped into the directory it's monitoring (it does a check every 20 seconds), it sends a shell command to execute the batch file with the computer name as the %1 variable (e.g. "c:\login\client_mon.bat OVHEALTH"). The window runs minimized and finishes out quickly (depending on the amount of stuff in your batch file). After it executes the batch file it logs a note in the status area, copies the text file into the "done" directory, and then deletes the original file.

    If the computer logs on again and a file is logged a second time you'll see "(REDONE)" noted in the status area. Sometimes the changes may fail based on a variety of reasons such as a wireless connection dropping out or Windows Firewall being turned on on the client. If you see repeated "(REDONE)" errors, check the client.

  3. So the third part of this is the batch file. Here is the batch file used to make the changes we are currently doing.

    IF EXIST "\\%1\c$\Program Files\CA\eTrustITM\00000001.OLD" GOTO fgc
    IF NOT EXIST "\\%1\c$\Program Files\CA\eTrustITM\00000001.QSD" GOTO fgc
    
    MOVE "\\%1\c$\Program Files\CA\eTrustITM\00000001.QSD" "\\%1\c$\Program Files\CA\eTrustITM\00000001.OLD"
    dtreg -Quiet -Set REG_DWORD "\\%1\HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\eTrustITM\CurrentVersion\SystemSetting\RequestJobEnabled"=0
    ini "\\%1\c$\Program Files\CA\eTrustITM\ppcl.ini" write "Control" ScanAtBoot 0
    
    :fgc
    dtreg -Quiet -Set REG_BINARY "\\%1\HKLM\Software\Fortres Grand\AppManager\ServerName"=616a68342e61646d696e2e6162696e67746f6e2e6b31322e70612e757300
    
    :end

    dtreg is a program to make remote registry changes. ini is a program to make modifications to ini files. Both are included in the attached zip as well as this batch file.

Download-- Client_Monitor_v1.0.26.zip
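
An added example, not part of the original post or the attached program: because everyone has modify access to client_mon, the file name the monitor passes as %1 is untrusted input to a batch file run with domain-admin rights. This Python version of one polling pass accepts a name only if it matches an assumed NetBIOS pattern and appears in a hypothetical `known_hosts` set; `poll_once`, `run_batch`, `known_hosts` and the DONE/FAILED/REJECTED status strings are illustrative names.

```python
import re
import shutil
import subprocess
from pathlib import Path

# Assumption: workstation names are 1-15 letters, digits or hyphens (NetBIOS limit).
NAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9-]{0,14}")
BATCH = r"c:\login\client_mon.bat"  # path taken from the post's example command


def run_batch(name):
    # cmd.exe always interprets a .bat file, so the NAME_RE check is what keeps
    # shell metacharacters out of %1; passing an argument list is not enough.
    return subprocess.run([BATCH, name]).returncode


def poll_once(drop_dir, done_dir, known_hosts, run=run_batch):
    """One polling pass over the drop folder; returns (file name, status) pairs.

    known_hosts is a hypothetical set of upper-case computer names that are
    allowed to request changes (for example, exported from the inventory).
    """
    results = []
    for entry in sorted(Path(drop_dir).glob("*.txt")):
        host = entry.stem.upper()
        if entry.is_symlink() or not entry.is_file():
            results.append((entry.name, "REJECTED: not a regular file"))
            continue
        if not NAME_RE.fullmatch(entry.stem) or host not in known_hosts:
            # Left in place so an administrator can see who dropped it.
            results.append((entry.name, "REJECTED: unexpected name"))
            continue
        done_copy = Path(done_dir) / entry.name
        redone = done_copy.exists()      # same machine was processed before
        code = run(host)                 # batch file receives the name as %1
        shutil.copy2(entry, done_copy)   # keep the debugging info, as in the post
        entry.unlink()
        status = "DONE" if code == 0 else "FAILED"
        results.append((entry.name, status + (" (REDONE)" if redone else "")))
    return results


if __name__ == "__main__":
    import tempfile
    drop = Path(tempfile.mkdtemp())      # constructed sample drop folder
    (drop / "done").mkdir()
    (drop / "OVHEALTH.txt").write_text("User: constructed\r\n")
    (drop / "NOT A HOST.txt").write_text("constructed\r\n")
    print(poll_once(drop, drop / "done", {"OVHEALTH"}, run=lambda name: 0))
```

Rejected files stay in the drop folder and are reported again on every pass until an administrator removes them.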
