Feature Article

Challenge

We needed to develop a script for an application called BAS. Users have a unique username and password for each department in the BAS application. Each user on average access about 20 departments i.e. they have 20 different usernames and passwords for the BAS application.

Novell SecureLogin was a clear solution and the SetPlat command was used extensively.

The challenge was that the login screen and the change password screen where to separate executables. This posed a problem as we needed to know which department the user had logged into when the change password screen was displayed.

Solution

We decided to use an INI file to store the information about which department a user had logged into. Because a user can only be logged into one department at a time we knew this solution would work.

Using ZENworks we deployed the following batch file to each workstation:

@ECHO OFF 
MKDIR C:\TEMP 
ECHO [DEP] > C:\TEMP\DEP.INI 
ECHO DEP=%1 >> C:\TEMP\DEP.INI

The Following lines where added to the application script for BAS to allow for the capturing of which department the user had logged into:

   ReadText #100 ?Location
   Run "C:\SetDep.bat" \" ?Location \"
   SetPlat ?Location
   
   

Another script was developed for the change password screen which looked as follows:

Dialog
   Class #32770
   Title "Password Maintenance"   
EndDialog

   GetIni "C:\Temp\Dep.ini" "DEP" "DEP" ?Var
   SetPlat ?Var
        
   Delay 300
   Type -Raw $Password 
   Type -Raw "\T"
   Delay 300

   RestrictVariable ?NewPassword BASPwdPolicy
   ChangePassword ?NewPassword Random

   Type -Raw ?NewPassword
   Type -Raw "\T"
   Delay 300
   Type -Raw ?NewPassword
   Type -Raw "\T"   
   Type -Raw "\N"
   
   Set $OldPassword $Password
   Set $Password ?NewPassword
   Set $Runcounter "0"
   
   AuditEvent "Random password set for user."
   
   

This solution provided a good solution to our problem.