41.3 Setting Up Rogue Process Management

Rogue process management is enabled and configured through the Windows registry. The following sections explain how to manually modify the registry on Windows 98 and Windows 2000/XP workstations and how to create an Application object to distribute the registry changes through Application Launcher:

41.3.1 Manually Modifying the Registry

  1. Use regedit.exe to open the Windows registry.

  2. Locate the following key:

    HKEY_CURRENT_USER\Software\NetWare\NAL\1.0
    
  3. Add a Process Management key under the 1.0 key:

    HKEY_CURRENT_USER\Software\NetWare\NAL\1.0\Process Management
    
  4. Add a Default Action value to the Process Management key using the following information:

    Value type: DWORD

    Value name: Default Action

    Value data: To have Application Launcher ignore all rogue processes, enter 0. To have Application Launcher terminate all rogue processes, enter 1.

    NOTE: If you build an exception list, as in Step 8 below, the meaning of this value data changes. See that step for details.

  5. Add a Report Terminated value to the Process Management key using the following information:

    Value type: DWORD

    Value name: Report Terminated

    Value data: To disable reporting of rogue processes that Application Launcher terminates, enter 0. To enable reporting of terminated rogue processes, enter 1.

  6. Add a Report Ignored value to the Process Management key using the following information:

    Value type: DWORD

    Value name: Report Ignored

    Value data: To disable reporting of rogue processes that Application Launcher ignores, enter 0. To enable reporting of ignored rogue processes, enter 1.

  7. If you enabled reporting by adding a Report Terminated or Report Ignored value, you need to determine where you want the reports sent. To do so:

    1. Add a Reporting Targets key to the Process Management key:

      HKEY_CURRENT_USER\Software\NetWare\NAL\1.0\Process Management\Reporting Targets

    2. To configure database reporting, add a Database value to the Reporting Targets key using the following information:

      Value type: DWORD

      Value name: Database

      Value data: To disable reporting to a database, enter 0. To enable reporting to a database, enter 1. When this option is enabled, Application Launcher writes to the database determined by the Service Location Policy package associated with the user. For more information, see Enabling the ZENworks Database Policy.

      For information about queries you can use to generate reports from the database, see Section 44.6, Generating Reports from a Database.

    3. To configure SNMP reporting, add an SNMP value to the Reporting Targets key using the following information:

      Value type: DWORD

      Value name: SNMP

      Value data: To disable SNMP reporting, enter 0. To enable SNMP reporting, enter 1. When this option is enabled, Application Launcher sends to the SNMP trap targets determined by the Service Location Policy package associated with the user. For more information, see Enabling the SNMP Trap Targets Policy.

    4. To configure XML reporting, add an XML value to the Reporting Targets key using the following information:

      Value type: DWORD

      Value name: XML

      Value data: To disable XML reporting, enter 0. To enable XML reporting, enter 1. When this option is enabled, Application Launcher sends to the XML targets determined by the Service Location Policy package associated with the user. For more information, see Enabling the SNMP Trap Targets Policy.

      If the XML reports are being processed into a database, see Section 44.6, Generating Reports from a Database for information about queries you can use to generate reports from the database.

    5. To configure log file reporting, add a File value to the Reporting Targets key using the following information:

      Value type: String

      Value name: File

      Value data: Specify the full path and filename to be used for the log file. This can be a mapped drive or a UNC path to a local or network drive. For example, \\server1\vol1\process\rogue.txt. If you do not enter a value, log file reporting is disabled.

      For information about understanding the information written to the log file, see Section 44.7, Understanding Log File Reports.

  8. (Optional) Use an exception list. To configure the list for Rogue Process Management:

    1. Create an Exception List key under the following Process Management key:

      HKEY_CURRENT_USER\Software\NetWare\NAL\1.0\Process Management\Exception List
      

      Treat the Default Action setting (Step 4 above) as a flag to determine the behavior of Rogue Process Management when exceptions are granted:

      Value Data: 0
      Behavior: Blacklists the applications in the exception list and assumes they are rogues unless they are launched from Novell Application Launcher. Any processes not in the exception list are allowed to run normally.

      Value Data: 1
      Behavior: Whitelists the applications listed in the exception list and assumes they are approved. Any other processes not included in the exception list are not allowed to run, unless they are launched from Novell Application Launcher.

    2. Add a DWORD value to the Exception List key for each process you want added to the list.

      Value type: DWORD

      Value name: Specify the process's internal filename. If the process has an internal filename, it is listed on the Version tab of the executable's Properties dialog box (right-click the executable file > click Properties > click Version). For example, sol.exe has an internal filename of sol.exe, so you would name this application sol.exe on the exception list. If an application has no internal filename, use its standard filename or its name without the file extension. Do not provide a path for the file; specify only the filename.

      Value data: Do not specify anything in this field.

  9. Save the registry changes.
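The decision rules from Steps 4 and 8, worked through as an added example (not Novell's code): this Python script parses a regedit export of the Process Management key and reports whether a given process would be ignored or terminated. The sample export is constructed, and case-insensitive name matching and treating a missing Default Action as 0 are assumptions.

```python
import re

BASE = r"HKEY_CURRENT_USER\Software\NetWare\NAL\1.0\Process Management"

# Constructed sample: regedit export of the keys created in Steps 3-8.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\NetWare\NAL\1.0\Process Management]
"Default Action"=dword:00000001
"Report Terminated"=dword:00000001

[HKEY_CURRENT_USER\Software\NetWare\NAL\1.0\Process Management\Reporting Targets]
"File"="\\\\server1\\vol1\\process\\rogue.txt"

[HKEY_CURRENT_USER\Software\NetWare\NAL\1.0\Process Management\Exception List]
"sol.exe"=dword:00000000
'''

def parse_export(text):
    """Return {key path: {value name: int or str}} from .reg export text."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
            continue
        m = re.match(r'"(.+?)"=(?:dword:([0-9a-fA-F]{8})|"(.*)")$', line)
        if m and current is not None:
            # DWORDs become ints; strings have their doubled backslashes undone.
            current[m.group(1)] = (int(m.group(2), 16) if m.group(2)
                                   else m.group(3).replace("\\\\", "\\"))
    return keys

def verdict(keys, process_name, launched_from_nal):
    """Return 'ignore' or 'terminate' for one process under the parsed policy."""
    if launched_from_nal:  # the "unless launched from Application Launcher" clause
        return "ignore"
    # Assumption: a missing Default Action is treated as 0.
    terminate_default = keys.get(BASE, {}).get("Default Action", 0) == 1
    # Assumption: exception names are compared case-insensitively.
    exceptions = {n.lower() for n in keys.get(BASE + "\\Exception List", {})}
    if not exceptions:  # Step 4: without a list the value applies to every rogue
        return "terminate" if terminate_default else "ignore"
    listed = process_name.lower() in exceptions
    # Step 8: 0 makes listed names the rogues, 1 makes listed names the approved set.
    rogue = (not listed) if terminate_default else listed
    return "terminate" if rogue else "ignore"
```

Changing Default Action from 1 to 0 with the same exception list inverts the verdict for every process not launched from Application Launcher, which is why the NOTE in Step 4 matters when reviewing an exported policy.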

41.3.2 Creating an Application Object to Distribute the Registry Modifications

  1. In ConsoleOne®, create a simple Application object (see Section 28.0, Distribution: Simple Applications if necessary), using the following information:

    Object name: Specify a unique name for the eDirectory object (for example, Rogue Process Management).

    Path to file: Do not specify anything in this field.

    Distribution rules: If you want to enforce specific rules before the registry changes are distributed to a workstation, define the rules. You can also do this at a later time.

    Associations: Select the users or workstations you want the changes distributed to. You can also do this at a later time.

  2. After you've created the Application object, right-click the object, then click Properties to display the object's property pages.

  3. Click Distribution Options, then click Registry to display the Registry page.

  4. Create the following registry key:

    HKEY_CURRENT_USER\Software\NetWare\NAL\1.0\Process Management
    

    To create the key:

    1. Select the HKEY_CURRENT_USER key, click Add, then click Key to add a new entry key called New Key.

    2. Rename the key to Software.

    3. Repeat the process described in Step 4.a and Step 4.b to create the complete key structure.

  5. Add a Default Action value to the Process Management key. To do so:

    1. Select the Process Management key, click Add, click DWORD to display the Edit DWORD Value dialog box, then fill in the fields as follows:

      Value name: Default Action

      Value data: To have Application Launcher ignore all rogue processes, enter 0. To have Application Launcher terminate all rogue processes, enter 1.

      NOTE: If you build an exception list, as in Step 9 below, the meaning of this value data changes. See that step for details.

    2. Click OK to add the Default Action value to the Process Management key.

  6. Add a Report Terminated value to the Process Management key. To do so:

    1. Select the Process Management key, click Add, click DWORD to display the Edit DWORD Value dialog box, then fill in the fields as follows:

      Value name: Report Terminated

      Value data: To disable reporting of rogue processes that Application Launcher terminates, enter 0. To enable reporting of terminated rogue processes, enter 1.

    2. Click OK to add the Report Terminated value to the Process Management key.

  7. Add a Report Ignored value to the Process Management key. To do so:

    1. Select the Process Management key, click Add, click DWORD to display the Edit DWORD Value dialog box, then fill in the fields as follows:

      Value name: Report Ignored

      Value data: To disable reporting of rogue processes that Application Launcher ignores, enter 0. To enable reporting of ignored rogue processes, enter 1.

    2. Click OK to add the Report Ignored value to the Process Management key.

  8. If you enabled reporting by adding a Report Terminated or Report Ignored value, you need to determine where you want the reports sent. To do so:

    1. Add a Reporting Targets key to the Process Management key:

      HKEY_CURRENT_USER\Software\NetWare\NAL\1.0\Process Management\Reporting Targets

    2. To configure database reporting, add a Database value to the Reporting Targets key using the following information:

      Value type: DWORD

      Value name: Database

      Value data: To disable reporting to a database, enter 0. To enable reporting to a database, enter 1. When this option is enabled, Application Launcher writes to the database determined by the Service Location Policy package associated with the user. For more information, see Enabling the ZENworks Database Policy.

      For information about queries you can use to generate reports from the database, see Section 44.6, Generating Reports from a Database.

    3. To configure SNMP reporting, add an SNMP value to the Reporting Targets key using the following information:

      Value type: DWORD

      Value name: SNMP

      Value data: To disable SNMP reporting, enter 0. To enable SNMP reporting, enter 1. When this option is enabled, Application Launcher sends to the SNMP trap targets determined by the Service Location Policy package associated with the user. For more information, see Enabling the SNMP Trap Targets Policy.

    4. To configure XML reporting, add an XML value to the Reporting Targets key using the following information:

      Value type: DWORD

      Value name: XML

      Value data: To disable XML reporting, enter 0. To enable XML reporting, enter 1. When this option is enabled, Application Launcher sends to the XML targets determined by the Service Location Policy package associated with the user. For more information, see Enabling the SNMP Trap Targets Policy.

      If the XML reports are being processed into a database, see Section 44.6, Generating Reports from a Database for information about queries you can use to generate reports from the database.

    5. To configure log file reporting, add a File value to the Reporting Targets key using the following information:

      Value type: String

      Value name: File

      Value data: Specify the full path and filename to be used for the log file. This can be a mapped drive or a UNC path to a local or network drive. For example, \\server1\vol1\process\rogue.txt. If you do not enter a value, log file reporting is disabled.

      For information about understanding the information written to the log file, see Section 44.7, Understanding Log File Reports.

  9. (Conditional) Use an exception list. To configure the list for Rogue Process Management:

    1. Create an Exception List key under the Process Management key:

      HKEY_CURRENT_USER\Software\NetWare\NAL\1.0\Process Management\Exception List
      

      Treat the Default Action setting (Step 5 above) as a flag to determine the behavior of Rogue Process Management when exceptions are granted:

      Value Data: 0
      Behavior: Blacklist the applications in the exception list: assume all are rogues except those that were launched from Novell Application Launcher. Any other processes not included in the exception list are allowed to run normally.

      Value Data: 1
      Behavior: Whitelist the applications listed in the exception list: assume all are approved, but terminate those that were not launched from Novell Application Launcher. Any other processes not included in the exception list are not allowed to run.

    2. Add a DWORD value to the Exception List key for each process you want added to the list.

      Value type: DWORD

      Value name: Enter the process's internal filename. If the process has an “internal” filename, it is listed on the Version tab of the executable's Properties dialog box (right-click the executable file > click Properties > click Version). For example, sol.exe has an internal filename of sol.exe, so on the exception list you would name this application sol.exe. If an application has no internal filename, use its standard filename. Do not enter a path for the file, only the filename.

      Value data: Do not enter anything in this field.

    3. Add a string value to the Exception List key for each process you want added to the list. To do so:

      1. Select the Exception List key, click Add, click DWORD to display the Edit DWORD Value dialog box, then fill in the fields as follows:

        Value name: Enter the process filename. You can enter either the displayed executable name or the original filename. If the process has an original filename, it is listed on the Version tab of the executable's Properties dialog box (right-click the executable file, click Properties, then click Version). Do not enter a path for the file, only the filename.

        Value data: Do not enter anything in this field.

      2. Click OK to add the value to the Exception List key.

  10. Click the Associations tab to display the Associations page.

  11. Add the users and workstations you want to distribute the changes to. To make sure the changes are made without requiring any user intervention, enable the Force run option on each association.

  12. Click OK to save the changes to the Application object.

The registry modifications are distributed to associated users the next time Application Launcher refreshes and to associated workstations the next time Application Launcher Workstation Helper refreshes.