Using CPAU for Admin Logins
Novell Cool Solutions: Tip
By Kirk Maule
Reader Rating 
from 1 ratings
|
Digg This -
Slashdot This
Posted: 4 Nov 2005 |
Problem
Secure Login 3.51 SP2/3 requires the administrator to log in after installation. There are ways around this using ZENworks. However, I found that RUNAS.EXE was difficult to use, because I had to pipe in the local administrator password with SANUR.EXE, which often failed.
Solution
There is a freeware program called CPAU.EXE that works well for this. You can find it at:
http://www.joeware.net/win/free/tools/cpau.htm
CPAU.EXE -u %COMPUTERNAME%\administrator -p-ex "C:\progra~1\novell\securelogin\slbroker.exe /regserver" -profile -wait
CPAU.EXE -u %COMPUTERNAME%\administrator -p-ex "regsvr32.exe /s C:\progra~1\novell\securelogin\iesso.dll" -profile -wait
CPAU.EXE -u %COMPUTERNAME%\administrator -p-ex "regsvr32.exe /s C:\progra~1\novell\securelogin\slvba.dll" -profile -wait
This next one is only needed if Internet Explorer is using Sun Java VM:
CPAU.EXE -u %COMPUTERNAME%\administrator -p-ex "rundll32.exe sljava.dll,Install" -profile -wait
A DOS box does reveal the admin password, but the commands can be encrypted by CPAU.EXE. The command to encrypt looks like this:
CPAU -u {%{COMPUTERNAME}%}\administrator -p -ex
"C:\progra~1\novell\securelogin\slbroker.exe /regserver" -file
c:\temp\cpauSlbroker.txt -enc
This allows the COMPUTERNAME variable to used inside the encrypted file. You then copy the encrypted command files down to the PC using NAL.
The following commands are placed in the NAL post-launch script (plus an sljava.dll command if required):
CPAU.EXE -file %TARGET_PATH%\cpauSlbroker.txt -dec -profile -wait CPAU.EXE -file %TARGET_PATH%\cpauIEsso.txt -dec -profile -wait CPAU.EXE -file %TARGET_PATH%\cpauSLVBA.txt -dec -profile -wait
Run the NAL as unsecure user, and associated to the user.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com