The following sections contain more information:
Changes made to shared policy components will affect all policies they are associated with. Prior to updating or otherwise changing a policy component, it is recommended that you run the Show Usage command to determine which policies will be affected by the change.
Right-click the component and select Show Usage
A pop-up window will display, showing each instance of this component in other policies (see Figure 6-35).
Figure 6-35 Show Usage Window
When the administrator attempts to save a policy with incomplete or incorrect data in a component, the Validation pane will display at the bottom of the Management console, highlighting each error. The errors MUST be corrected before the policy can be saved.
Double-click each validation row to navigate to the screen with the error. Errors are highlighted as shown in the figure below (see Figure 6-36).
Figure 6-36 Error Notification Pane
Custom User Messages allow the ZENworks Endpoint Security Management Administrator to create messages which directly answer security policy questions as the user encounters policy enforced security restrictions, or provide specific instructions to the user. User messages controls (see Figure 6-37) are available in various components of the policy.
Figure 6-37 Custom User Message with a Hyperlink
To create a custom user message, perform the following steps (Figure 6-38 for an example of the control):
Enter a title for the message. This displays on the top bar of the message box (see example in Figure 6-36 above)
Enter the message. The message is limited to 1000 characters
If a hyperlink is required, check the hyperlinks box and enter the necessary
Figure 6-38 Custom Message and Hyperlink Controls
NOTE:Changing the Message or Hyperlink in a shared component will change in all other instances of that component. Use the Show Usage command to view all other policies associated with this component.
An administrator can incorporate hyperlinks in custom messages to assist in explaining security policies or provide links to software updates to maintain integrity compliance. Hyperlinks are available in several policy components. A VPN hyperlink can be created which can point to either the VPN client executable, or to a batch file which can run and fully log the user in to the VPN (see VPN Enforcement for more details).
Figure 6-39 Custom User Message with a Hyperlink
To create a hyperlink, perform the following steps (see Figure 6-40 for an example of the control):
Enter a name for the link. This is the name that will display below the message (required for Advanced VPN hyperlinks as well).
Enter the hyperlink
Enter any switches or other parameters for the link (use for VPN enforcement)
Figure 6-40 Custom Message and Hyperlink Controls
NOTE:Changing the Message or Hyperlink in a shared component will change in all other instances of that component. Use the Show Usage command to view all other policies associated with this component.
The location icon provides a visual cue to the user which identifies their current location. The location icon displays on the taskbar in the notification area. Use the pull-down list to view and select from the available location icons:
Select an icon which will help the end-user easily identify their location at a glance.
This setting determines the frequency the Endpoint Security Client will check for a policy update when it enters this location. The frequency time is set in minutes, hours, or days. Unchecking this parameter means the Endpoint Security Client will NOT check for an update at this location.
User permissions within a location include:
Change Location - this permits the end-user to change to and out of this location. For non-managed locations (i.e., hot-spots, airports, hotels, etc.), this permission should be granted. In controlled environments, where the network parameters are known, this permission can be disabled. The user will NOT be able to switch to, or out of any locations when this permission is disabled, rather the Endpoint Security Client will rely on the network environment parameters entered for this location
Change Firewall Settings - this allows the user to change their firewall settings
Save Network Environment - this allows the user to save the network environment to this location, to permit automatic switching to the location when the user returns. Recommended for any locations the user will need to switch to. Multiple network environments may be saved for a single location. For example, if a Location defined as Airport is part of the current policy, each airport visited by the user can be saved as a network environment for this location. This way, a mobile user can return to a saved airport environment, and the Endpoint Security Client will automatically switch to the Airport location, and apply the defined security settings. A user may, of course, change to a location and not save the environment.
Show Location in Client Menu - this setting allows the location to display in the client menu. If this is unchecked, the location will not display at any time.
This setting allows an optional Custom User Message to display when the Endpoint Security Client switches to this location. This message can provide instructions for the end-user, details about policy restrictions under this location, or include a Hyperlink to more information.
If the network parameters (Gateway server(s), DNS server(s), DHCP server(s), WINS server(s), available access points, and/or specific adapter connections) are known for a location, the service details (IP and/or MAC), which identify the network, can be entered into the policy to provide immediate location switching without requiring the user having to save the environment as a location.
To access this control, open the Locations tab and click the Network Environments folder in the policy tree on the left.
Figure 6-41 Network Environments
The lists provided allow the administrator to define which network services are present in the environment. Each network service may contain multiple addresses. The administrator determines how many of the addresses are required to match in the environment to activate the location switch.
It is required that 2 or more location parameters be used in each network environment definition.
To define a network environment, perform the following steps:
Select Network Environments in the components tree and click the New Component button
Name the network environment and provide a description
Select which adapter type is permitted to access this Network Environment from the drop-down list
Enter the following information for each service:
The IP address(es) - Limited to 15 characters, and only containing the numbers 0-9 and periods (example: 123.45.6.789)
MAC address(es) (Optional) - Limited to 12 characters, and only containing the numbers 0-9 and the letters A-F (upper and lower case); separated by colons example: 00:01:02:34:05:B6
Check whether identification of this service is required to define the network environment
The Dialup Connections, and Adapters tabs have the following requirements:
For Dialup Connections, the RAS Entry name from the phone book or the dialed number may be entered. Phone book entries MUST contain alpha characters and cannot contain only special characters (@, #, $,%, -, etc.) or numeric characters (1-9). Entries that only contain special and numeric characters are assumed to be dialed numbers.
Adapters can be entered to restrict exactly which adapters, specifically, are permitted access to this network environment (see Step 3 regarding setting adapter limitations). Enter the SSID for each allowed adapter. If no SSIDs are entered, all adapters of the permitted type are granted access
Each Network Environment has a minimum number of addresses the Endpoint Security Client uses to identify it. The number set in Minimum Match must not exceed the total number of network addresses identified as being required in the tabbed lists. Enter the minimum number of network services required to identify this network environment
To associate an existing Network Environment to this location:
Select Network Environments in the components tree and click the Associate Component button
Select the network environment from the list
The environment parameters may be re-defined. However, changing the settings in a shared component will affect all other instances of this same component. Use the Show Usage command to view all other policies associated with this component.
Click Save
You can associate additional Network Environments to the location if desired. If you have multiple locations in the same security policy, be aware that associating a single network environment to two or more locations within in the same security policy will cause unpredictable results and is not recommended.
Firewall Settings control the connectivity of all networking ports, Access Control lists, network packets (ICMP, ARP, etc.), and which applications are permitted to get a socket out or function, when the firewall setting is applied.
NOTE:This feature is only available in the ZENworks Endpoint Security Management installation, and cannot be used for UWS security policies.
To access this control, open the Locations tab and click the Firewall Settings icon in the policy tree on the left.
Each component of a firewall setting is configured separately, with only the default behavior of the TCP/UDP ports required to be set. This setting affects all TCP /UDP ports when this firewall setting is used. Individual or grouped ports may be created with a different setting.
Figure 6-42 Firewall Settings
To create a new firewall setting:
Select Firewall Settings in the components tree and click the New Component button
Name the firewall setting and provide a description
Select the default behavior for all TCP/UDP ports
Additional ports and lists may be added to the firewall settings, and given unique behaviors which will override the default setting.
Example: The default behavior for all ports is set as All Stateful. The ports lists for Streaming Media and Web Browsing are added to the firewall setting. The Streaming Media port behavior is set as Closed, and the Web Browsing port behavior is set as Open. Network traffic through TCP Ports 7070, 554, 1755, and 8000 would be blocked. Network traffic through ports 80 and 443 would be open and visible on the network. All other ports would operate in Stateful mode, requiring the traffic through them be solicited first.
Select whether to display this firewall in the Endpoint Security Client menu (if unchecked, the user will not see this firewall setting)
Click Save. Repeat the above steps to create another firewall setting
To associate an existing firewall setting:
Select Firewall Settings in the components tree and click the Associate Component button
Select the desired firewall setting(s) from the list
The default behavior setting may be re-defined. However, cChanging the settings in a shared component will affect all other instances of this same component. Use the Show Usage command to view all other policies associated with this component.
Click Save
Multiple firewall settings can be included within a single location. One is defined as the default setting, with the remaining settings available as options for the user to switch to. Having multiple settings are useful when a user may normally need certain security restrictions within a network environment and occasionally needs those restrictions either lifted or increased for a short period of time, for specific types of networking (i.e., ICMP Broadcasts).
Three firewall settings are included at installation, they are:
All Adaptive - This firewall setting sets all networking ports as stateful (all unsolicited inbound network traffic is blocked. All outbound network traffic is allowed), ARP and 802.1x packets are permitted, and all network applications are permitted a network connection, all.
All Open - This firewall setting sets all networking ports as open (all network traffic is allowed), all packet types are permitted. All network applications are permitted a network connection
All Closed - This firewall setting closes all networking ports, and restricts all packet types.
A new location will have the single firewall setting, All Open, set as the default. To set a different firewall setting as the default, right click the desired Firewall Setting and choose Set as Default.
Endpoint data is primarily secured by controlling TCP/UDP port activity. This feature allows you to create a list of TCP/UDP ports which will be uniquely handled in this firewall setting. The lists contain a collection of ports and port ranges, together with their transport type, which defines the function of the range.
NOTE:This feature is only available in the ZENworks Endpoint Security Management installation, and cannot be used for UWS security policies.
To access this control, open the Locations tab, click the “+” symbol next to Firewall Settings, click the “+” symbol next to the desired Firewall, and click the TCP/UDP Ports icon in the policy tree on the left.
Figure 6-43 TCP/UDP Ports Settings
New TCP/UDP port lists can be defined with individual ports or as a range (1-100) per each line of the list.
To create a new TCP/UDP port setting:
Select TCP/UDP Ports from the components tree and click the Add New button
Name the port list and provide a description
Select the port behavior from the drop-down list. The optional behaviors are:
Open - All network inbound and outbound traffic is allowed. Because all network traffic is allowed your computer identity is visible for this port or port range.
Closed - All inbound and outbound network traffic is blocked. Because all network identification requests are blocked your computer identity is concealed for this port or port range.
Stateful - All unsolicited inbound network traffic is blocked. All outbound network traffic is allowed over this port or port range.
Enter the transport type:
All (all port types listed below)
Ether
IP
TCP
UDP
Enter Ports and Port Ranges as either:
Single ports
A range of ports with the first port number, followed by a dash, and the last port number
Example: 1-100 would add all ports between 1 and 100
Please visit the Internet Assigned Numbers Authority pages for a complete Ports and transport types list.
Click Save. Repeat the above steps to create a new setting
To associate an existing TCP/UDP port to this firewall setting:
Select TCP/UDP Ports from the component tree and click the Associate Component button
Select the desired port(s) from the list
The default behavior setting may be re-defined. However, changing the settings in a shared component will affect ALL OTHER instances of this same component. Use the Show Usage command to view all other policies associated with this component.
Click Save
Several TCP/UDP port groups have been bundled and are available at installation:
There may be some addresses which require unsolicited traffic be passed regardless of the current port behavior (i.e., enterprise back-up server, exchange server, etc.). In instances where unsolicited traffic needs to be passed to and from trusted servers, an Access Control List (ACL) can be created to resolve this issue.
NOTE:This feature is only available in the ZENworks Endpoint Security Management installation, and cannot be used for UWS security policies.
To access this control, open the Locations tab, click the “+” symbol next to Firewall Settings, click the “+” symbol next to the desired Firewall, and click the Access Control Lists icon in the policy tree on the left.
Figure 6-44 Access Control Lists Settings
To create a new ACL setting:
Select Access Control List from the components tree and click the Add New button
Name the ACL and provide a description
Enter the ACL address or Macro
Enter the ACL type:
IP - This type limits the address to 15 characters, and only containing the numbers 0-9 and periods (example: 123.45.6.189). IP addresses may also be entered as a range (example: 123.0.0.0 - 123.0.0.255)
MAC - This type limits the address to 12 characters, and only containing the numbers 0-9 and the letters A-F (upper and lower case); separated by colons (example: 00:01:02:34:05:B6)
Select the ACL Behavior drop-down box and determine whether the ACLs listed should be Trusted (allow it always even if all TCP/UDP ports are closed) or Non-Trusted (block access)
If Trusted, select the Optional Trusted Ports (TCP/UDP) this ACL will use. These ports will permit all ACL traffic, while other TCP/UDP ports will maintain their current settings. Selecting ‹None› means any port may be used by this ACL
Click Save. Repeat the above steps to create a new setting
To associate an existing ACL/Macro to this firewall setting:
Select Access Control List from the component tree and click the Associate Component button
Select the ACL(s)/Macro(s) from the list
The ACL behavior settings may be re-defined. However, changing the settings in a shared component will affect ALL OTHER instances of this same component. Use the Show Usage command to view all other policies associated with this component.
Click Save
The following is a list of special Access Control macros. These can be associated individually as part of an ACL in a firewall setting.
Table 6-1 Network Address Macros
This feature allows the administrator to block applications either from gaining network access, or from simply executing at all.
NOTE:This feature is only available in the ZENworks Endpoint Security Management installation, and cannot be used for UWS security policies.
To access this control, open the Locations tab, click the “+” symbol next to Firewall Settings, click the “+” symbol next to the desired Firewall, and click the Applications Controls icon in the policy tree on the left.
Figure 6-45 Application Control Settings
To create a new application control setting:
Select Application Controls in the components tree and click the Add New button
Name the application control list and provide a description
Select an execution behavior. This behavior will be applied to all applications listed. If multiple behaviors are required (example: some networking applications are denied network access, while all file sharing applications are denied execution), multiple application controls will need to be defined. Select one of the following:
All Allowed - all applications listed will be permitted to execute and have network access
No Execution - all applications listed will not be permitted to execute
No Network Access - all applications listed will be denied network access. Applications (such as web-browsers) launched from an application will also be denied network access
NOTE:Blocking network access for an application does not affect saving files to mapped network drives. Users will be permitted to save to all network drives available to them.
Enter each application to block. One application must be entered per row
WARNING:Blocking execution of critical applications could have an adverse affect on system operation. Blocked Microsoft Office applications will attempt to run their installation program.
Click Save. Repeat the above steps to create a new setting
To associate an existing application control list to this firewall setting:
Select Application Controls in the components tree and click the Associate Component button
Select an application set from the list
The applications and the level of restriction may be re-defined
NOTE:Changing the settings in a shared component will affect ALL OTHER instances of this same component. Use the Show Usage command to view all other policies associated with this component.
Click Save
The available application controls are identified below, the default execution behavior is No Network Access:
Table 6-2 Application Controls
If the same application is added to two different application controls in the same firewall setting (i.e., kazaa.exe is blocked from executing in one application control, and blocked from gaining network access in another defined application control under the same firewall setting), the most stringent control for the given executable will be applied (i.e., kazaa would be blocked from executing)
The ZENworks Endpoint Security Management (ZENworks Endpoint Security Management) supports standard Jscript and VBScript coding methods readily available, with the following exceptions:
WScript.Echo - Not supported - (displaying return values back to a parent window are not support (since the parent window is unavailable)). Use the Action.Message ZENworks Endpoint Security Management API instead.
Access to Shell Objects - Use the following modified nomenclature/call:
[JScript] Use: var WshShell = new ActiveXObject("WScript.Shell"); Instead of: var WshShell = WScript.CreateObject ("WScript.Shell"); [VBScript] Use: Dim WshShell Set WshShell = CreateObject("WScript.Shell") Instead of: Dim WshShell Set WshShell = WScript.CreateObject("WScript.Shell")
All scripts are executed in the "system context" unless the following comment is added to the top of the script:
[Jscript] //@ImpersonateLoggedOnUser [VBScript] '@ImpersonateLoggedOnUser
A rule consists of two parts. The first part is the Trigger Events which determine when to execute the rule. The second part is the scripting code which contains the logic of the rule. The Endpoint Security Client provides three namespaces and five interfaces for the script, which allows the script to control or access the client.
The namespaces are as follows:
Query. This namespace provides methods to get the current state of the client. For example, information about the adapters, shield states and location.
Action. This namespace provides methods that get the client to do something. For example, a call that puts the client into a quarantined shield state.
Storage. This namespace provides a mechanism for the script to store variables for the session or permanently. These could be used to tell the script if the rule had failed the last time it was run. It could be used to store when this rule last ran.
The interfaces are as follows:
IClientAdapter. This interface describes an adapter in the client network environment.
IClientEnvData. This interface returns environment data about a Server or Wireless Access Point.
IClientNetEnv. Provides Network Environment Information.
IClientWAP. Provides information about a Wireless Access Point.
IClientAdapterList. A list of adapters in the client network environment.
Triggers are events that cause the Endpoint Security Client to determine when and if a rule should be executed. These events can either be internal to the client or some external event monitored by the client.
AdapterArrival
Desc: Adapter arrival has occurred.
Parameters: None.
AdapterRemoval
Desc: Adapter had been removed.
Parameters: None.
DownloadFailed
Desc: This event is triggered in response to Action.DownloadAsync if the file was not successfully downloaded.
Parameters: None.
DownloadSuccess
Desc: This event is triggered in response to Action.DownloadAsync if the file was successfully downloaded
Parameters: None.
LocationChange
Desc: Run the rule when entering or leaving a particular location or all locations.
Parameters:
MediaConnect
Desc: Adapter has connection.
Parameters: None.
MediaDisconnect
Desc: Adapter has lost its connection.
Parameters: None.
PolicyUpdated
Desc: Called when client is first started and whenever a new policy is applied.
Parameters: None.
ProcessChange
Desc: Trigger whenever a process is created or deleted.
Parameters: None.
Startup
Desc: Run the rule when the engine is started.
Parameters: None.
TimeOfDay
Desc: Run the rule at a particular time or times of day. Or at least once a day. This will store the last time this was triggered.
Parameters:
Timer
Desc: Run the rule every n milliseconds.
Parameters:
UserChangeShield
Desc: The user had manually changed the shield state.
Parameters: None.
WithinTime
Desc: Run the rule every n minutes starting from the last time the rule was executed. If the computer has been turned off it will execute the rule if the specified time has past since the last time the rule was executed.
Parameters:
EAccessState eApplyGlobalSetting = -1 eDisableAccess = 0 eAllowAccess = 1 EAdapterType eWIRED eWIRELESS eDIALUPCONN EComparison eEQUAL eLESS eGREATER eEQUALORLESS eEQUALORGREATER? ESTDisplayMsg eONLYONCE eEVERYTIME eSECONDS eNOMSG EHardwareDeviceController eIrDA = 0 e1394 eBlueTooth eSerialPort eParrallelPort ELogLevel eALARM eWARN eINFO EMATCHTYPE eUNDEFINED eLOCALIP eGATEWAY eDNS eDHCP eWINS eWAP eDIALUP eUNKNOWN eDOMAIN eRULE eUSERSELECTED EMinimumWiFiSecurityState eNoEncryptionRequired = 0 eWEP64 eWEP128 eWPA ERegKey eCLASSES_ROOT eCURRENT_USER eLOCAL_MACHINE eUSERS eCURRENT_CONFIG ERegType eSTRING eDWORD eBINARY eMULTI_SZ eEXPAND_SZ EServiceState eRUN eSTOP ePAUSE ePENDING eNOTREG EVariableScope ePolicyChange = 0 // reset on a policy update eLocationChange = 1 // reset on a location change TRIGGEREVENT eTIMER eSTARTUP eLOCATIONCHANGE eTIMEOFDAY eADAPTERARRIVAL eADAPTERREMOVAL eMEDIACONNECT eMEDIADISCONNECT ePOLICYUPDATED eUSERCHANGEDSHIELD ePROCESSCHANGE eWITHINTIME eRUNNOW eDOWNLOADFAILED eDOWNLOADSUCCESS
Table 6-3 Shell Folder Names
JScript:
Action.CheckForUpdate();
VBScript:
Action.CheckForUpdate()
NOTE:When setting the ShieldState (firewall) by name, the name specified MUST EXACTLY match the firewall specified in the policy. Three firewall settings are always available regardless of the policy ("All Closed", "All Adaptive", and "All Open").
JScript:
Action.SetShieldStateByName("Closed",true); Action.Trace("Start 20 second sleep"); Action.Sleep(20000); var ret = Action.ClearFixedShieldState(); if(ret == true) Action.Trace("ret = true"); else Action.Trace("ret = false");
VBScript:
Action.SetShieldStateByName "Closed",true Action.Trace("Start 20 second sleep") Action.Sleep(20000) dim ret ret = Action.ClearFixedShieldState() if(ret = true) then Action.Trace("ret = true") else Action.Trace("ret = false") end if
NOTE:When setting the Location by name, the name specified MUST EXACTLY match the location specified in the policy.
JScript:
Action.SwitchLocationByName("Base"); Action.Stamp(); Action.Trace("Begin 20 second sleep"); Action.Sleep(20000); Action.SwitchLocationByName("Base"); Action.ClearStamp();
VBScript:
Action.SwitchLocationByName("Base") Action.Stamp() Action.Trace("Begin 20 second sleep") Action.Sleep(20000) Action.SwitchLocationByName("Base") Action.ClearStamp()
Example 6-1 Details:
Base must be the name of a valid location which can be stamped. This script will then switch to location Base, then stamp it, sleep for 20 seconds, make sure we didn't spin out of the location by switching back to base and then clear the stamp. This script performed all actions as expected.
JScript:
var ret = Action.CreateRegistryKey(eLOCAL_MACHINE,"Software\\Novell","Tester"); if(ret == true) Action.Trace("Create Key is Successful"); else Action.Trace("Create Key did not work");
VBScript:
dim ret ret = Action.CreateRegistryKey(eLOCAL_MACHINE,"Software\\Novell","Tester") if(ret = true) then Action.Trace("Create Key is Successful") else Action.Trace("Create Key did not work") end if
JScript:
var ret = Action.DeleteRegistryKey(eLOCAL_MACHINE,"Software\\Novell\\Tester"); if(ret == true) Action.Trace("Delete Key is Successful"); else Action.Trace("Delete Key did not work");
VBScript:
dim ret ret = Action.DeleteRegistryKey(eLOCAL_MACHINE,"Software\\Novell\\Tester") if(ret = true) then Action.Trace("Delete Key is Successful") else Action.Trace("Delete Key did not work") end if
JScript:
Action.DeleteRegistryValue(eLOCAL_MACHINE,"Software\\Novell\\Tester","val1"); Action.DeleteRegistryValue(eLOCAL_MACHINE,"Software\\Novell\\Tester","val2");
VBScript:
Action.DeleteRegistryValue eLOCAL_MACHINE,"Software\\Novell\\Tester","val1" Action.DeleteRegistryValue eLOCAL_MACHINE,"Software\\Novell\\Tester","val2"
NOTE:The first parameter of the DisplayMessage call is a unique integer identifier for each action. When calling the Message by name, the name specified MUST EXACTLY match the DisplayMessage specified in the policy.
JScript:
Action.DisplayMessage("40","Message40", "Message Here", "question", ""); Action.Sleep(10000); Action.DisplayMessageByName("Message40");
VBScript:
Action.DisplayMessage "40","Message40", "Message Here", "question", "" Action.Sleep(10000) Action.DisplayMessageByName "Message40"
Example 6-2 Details:
This script will create a Message Box with all parameters and then wait 10 seconds, (during which the tester should click Ok to end box display) and then it will be displayed by the ID and wait 10 seconds, (again, the tester should click Ok to end box display) and then it will display the Message Box by
JScript:
Action.EnableAdapterType(false, eWIRELESS); Action.EnableAdapterType(true, eWIRELESS); Action.EnableAdapterType(false, eWIRED); Action.EnableAdapterType(true, eWIRED); Action.EnableAdapterType(false, eDIALUPCONN); Action.EnableAdapterType(true, eDIALUPCONN);
VBScript:
Action.EnableAdapterType false, eWIRELESS Action.EnableAdapterType true, eWIRELESS Action.EnableAdapterType false, eWIRED Action.EnableAdapterType true, eWIRED Action.EnableAdapterType false, eDIALUPCONN Action.EnableAdapterType true, eDIALUPCONN
NOTE:The first parameter of the Launch call is a unique integer identifier for each action.
JScript:
Action.Launch("50","C:\calco.exe","");
VBScript:
Action.Launch "51","C:\calco.exe",""
JScript:
Action.LaunchAsSystem("C:\calco.exe"," sParameters ", "sWorkingDir",true);
VBScript:
Action.LaunchAsSystem "C:\calco.exe"," sParameters"," sWorkingDir",true
This launches in the user context and returns the exit code of the application launched.
JScript:
Action.LaunchAsUserWithCode(appToLaunch, "sParameters", "sWorkingDir", bShow, bWait, nExitCode);
VBScript:
Action.LaunchAsUserWithCode appToLaunch, "sParameters", "sWorkingDir", bShow, bWait, nExitCode
Example 6-3 Details:
Preliminary setup required creating a policy which included a new Integrity rule with a custom message. The custom message included a launch link which was added to the SCC menu bar.
NOTE:When setting the LaunchLink by name, the name specified MUST EXACTLY match the launch link specified in the policy.
JScript:
Action.LaunchLinkByName("MyLink");
VBScript:
Action.LaunchLinkByName "MyLink"
JScript:
Action.LogEvent("MyEvent", eALARM, "This is a log test message");
VBScript:
Action.LogEvent "MyEvent", eALARM, "This is a vb log test message"
Example 6-4 Details:
Pre-requisite is that logging needs to be enabled.
Asynchronous Message (displayed and script continues):
JScript:
Action.Message("Display sync message");
VBScript:
Action.Message "Display sync message"
Synchronous Message (displayed and waits for user respond before the script continues):
NOTE:nTimeoutSeconds values of -1 or 0 will NEVER timeout
nMessageType (buttons shown):
Ok/Cancel
Abort/Retry/Ignore
Yes/No/Cancel
Currently, the return value which of these buttons pressed by the user is NOT returned, so it is NOT helpful for conditional logic control.
Action.Message("Message Title Bar", nMessageType, nTimeoutSeconds);
VBScript:
Action.Message "Message Title Bar", nMessageType, nTimeoutSeconds
JScript:
Action.PauseService("lanmanworkstation");
VBScript:
Action.PauseService "lanmanworkstation"
Example 6-5 Details:
Make sure you use the actual service name, not the display name.
This API creates dialog boxes and user interfaces. It will be covered in a future revision given the complexity and need for examples.
JScript:
Action.StartService("lanmanworkstation","");
VBScript:
Action.StartService "lanmanworkstation",""
Example 6-6 Details:
Make sure you use the actual service name, not the display name.
JScript:
Action.StopService("lanmanworkstation");
VBScript:
Action.StopService "lanmanworkstation"
Example 6-7 Details:
Make sure you use the actual service name, not the display name.
JScript:
var ret = Action.CreateRegistryKey(eLOCAL_MACHINE,"Software\\Novell","Tester"); if(ret == true) Action.Trace("Create Key is Successful"); else Action.Trace("Create Key did not work"); Action.WriteRegistryDWORD(eLOCAL_MACHINE,"Software\\Novell\\Tester","val1",24); Action.WriteRegistryString(eLOCAL_MACHINE,"Software\\Novell\\Tester","val2","Novell");
VBScript:
dim ret ret = Action.CreateRegistryKey(eLOCAL_MACHINE,"Software\\Novell","Tester") if(ret = true) then Action.Trace("Create Key is Successful") else Action.Trace("Create Key did not work") end if Action.WriteRegistryDWORD eLOCAL_MACHINE,"Software\\Novell\\Tester","val1",24 Action.WriteRegistryString eLOCAL_MACHINE,"Software\\Novell\\Tester","val2","Novell"
JScript:
var ret; ret = Query.FileExistsVersion("C:","ocalco.exe",eEQUAL,"5","1","2600","0"); if(ret == 1) Action.Trace("File is Equal"); else Action.Trace("File is Not Equal");
VBScript:
dim ret ret = Query.FileExistsVersion("C:\","ocalco.exe",eEQUAL,"5","1","2600","0") if(ret = true) then Action.Trace("File is Equal") else Action.Trace("File is Not Equal") end if
NOTE:Not all files have file version information.
Script as above performed correctly.
JScript:
var adplist; var adplength; var adp; adplist = Query.GetAdapters(); adplength = adplist.Length; Action.Trace("adplength = " + adplength); if(adplength > 0) { adp = adplist.Item(0); Action.Trace("DeviceID = " + adp.DeviceID); Action.Trace("Enabled = " + adp.Enabled); Action.Trace("IP = " + adp.IP); Action.Trace("MAC = " + adp.MAC); Action.Trace("MaxSpeed = " + adp.MaxSpeed); Action.Trace("Name = " + adp.Name); Action.Trace("SubNetMask = " + adp.SubNetMask); Action.Trace("Type = " + adp.Type); }
VBScript:
dim adplist dim adplength dim adp set adplist = Query.GetAdapters() adplength = CInt(adplist.Length) Action.Trace("adplength = " & adplength) if(adplength > 0) then set adp = adplist.Item(0) Action.Trace("DeviceID = " & adp.DeviceID) Action.Trace("Enabled = " & adp.Enabled) Action.Trace("IP = " & adp.IP) Action.Trace("MAC = " & adp.MAC) Action.Trace("MaxSpeed = " & CLng(adp.MaxSpeed)) Action.Trace("Name = " & adp.Name) Action.Trace("SubNetMask = " & adp.SubNetMask) Action.Trace("Type = " & adp.Type) end if
Example 6-8 Details:
This script will get a list of adapters, the length of the list (number of adapters) and enumerate the properties of the first index in the list.
JScript:
var ret; ret = Query.GetCheckinTime(); Action.Trace("LastCheckIn = " + ret);
VBScript:
dim ret ret = Query.GetCheckinTime() Action.Trace("LastCheckIn = " & ret)
JScript:
var envdata; var envdatalength; envdatalength = Query.LocationMatchCount; Action.Trace("MatchCount = " + envdatalength); if(envdatalength > 0) { envdata = Query.GetLocationMatchData(0); Action.Trace("IP = " + envdata.IP); Action.Trace("MAC = " + envdata.MAC); Action.Trace("SSID = " + envdata.SSID); Action.Trace("Type = " + envdata.Type); }
VBScript:
dim envdata dim envdatalength envdatalength = Query.LocationMatchCount Action.Trace("MatchCount = " & envdatalength) if(envdatalength > 0) then set envdata = Query.GetLocationMatchData(0) Action.Trace("IP = " & envdata.IP) Action.Trace("MAC = " & envdata.MAC) Action.Trace("SSID = " & envdata.SSID) Action.Trace("Type = " & envdata.Type) end if
Example 6-9 Details:
This script requires an environment to be defined for a location in the policy in order to provide useful data. This script will then get the Location Match Count and if it is greater than 0, then it will enumerate the attributes for the first Location Match Data.
JScript:
var ret; ret = Query.IsAdapterTypeConnected(eWIRED); Action.Trace("IsWiredConnected = " + ret); ret = Query.IsAdapterTypeConnected(eWIRELESS); Action.Trace("IsWirelessConnected = " + ret); ret = Query.IsAdapterTypeConnected(eDIALUPCONN); Action.Trace("IsModemConnected = " + ret);
VBScript:
dim ret ret = Query.IsAdapterTypeConnected(eWIRED) Action.Trace("IsWiredConnected = " & ret) ret = Query.IsAdapterTypeConnected(eWIRELESS) Action.Trace("IsWirelessConnected = " & ret) ret = Query.IsAdapterTypeConnected(eDIALUPCONN) Action.Trace("IsModemConnected = " & ret)
JScript:
var ret = Query.IsAuthenticated(); Action.Trace("Is authenticated = " + ret);
VBScript:
dim ret ret = Query.IsAuthenticated() Action.Trace("Is authenticated = " & ret)
JScript:
var ret = Query.IsWindowsXP(); Action.Trace("Is XP = " + ret);
VBScript:
dim ret ret = Query.IsWindowsXP() Action.Trace("Is XP = " & ret)
JScript:
var ret = Query.IsWindows2000(); Action.Trace("Is Win2000 = " + ret);
VBScript:
dim ret ret = Query.IsWindows2000() Action.Trace("Is Win2000 = " & ret)
JScript:
var ret = Query.ProcessIsRunning("STEngine.exe",eEQUAL,"","","",""); Action.Trace("Is Running = " + ret);
VBScript:
dim ret ret = Query.ProcessIsRunning("STEngine.exe",eEQUAL,"","","","") Action.Trace("Is Win2000 = " & ret)
JScript:
var ret; ret = Query.RegistryKeyExists(eLOCAL_MACHINE,"Software\\Novell"); Action.Trace("Reg Key Exists = " + ret);
VBScript:
dim ret ret = Query.RegistryKeyExists(eLOCAL_MACHINE,"Software\\Novell") Action.Trace("Reg Key Exists = " & ret)
JScript:
var ret; ret = Query.RegistryKeyExists(eLOCAL_MACHINE,"Software\\Novell\\Logging"); Action.Trace("Reg Key Exists = " + ret); ret = Query.RegistryValueDWORD(eLOCAL_MACHINE,"Software\\Novell\\Logging","Enabled"); Action.Trace("Reg Value = " + ret);
VBScript:
dim ret ret = Query.RegistryKeyExists(eLOCAL_MACHINE,"Software\Novell\Logging") Action.Trace("Reg Key Exists = " & ret) ret = Query.RegistryValueDWORD(eLOCAL_MACHINE,"Software\Novell\Logging","Enabled") Action.Trace("Reg Value = " & CLng(ret))
JScript:
var ret; ret = Query.RegistryKeyExists(eLOCAL_MACHINE,"Software\\Novell\\Logging"); Action.Trace("Reg Key Exists = " + ret); ret = Query.RegistryValueExists(eLOCAL_MACHINE,"Software\\Novell\\Logging","Enabled",eDWORD); Action.Trace("Reg Value Exists = " + ret);
VBScript:
dim ret ret = Query.RegistryKeyExists(eLOCAL_MACHINE,"Software\\Novell\\Logging") Action.Trace("Reg Key Exists = " & ret) ret = Query.RegistryValueExists(eLOCAL_MACHINE,"Software\\Novell\\Logging","Enabled",eDWORD) Action.Trace("Reg Value Exists = " & ret)
JScript:
var ret; ret = Query.RegistryKeyExists(eLOCAL_MACHINE,"Software\\Novell\\Logging"); Action.Trace("Reg Key Exists = " + ret); ret = Query.RegistryValueString(eLOCAL_MACHINE,"Software\\Novell\\Logging","test"); Action.Trace("Reg Value Is = " + ret);
VBScript:
dim ret ret = Query.RegistryKeyExists(eLOCAL_MACHINE,"Software\\Novell\\Logging") Action.Trace("Reg Key Exists = " & ret) ret = Query.RegistryValueString(eLOCAL_MACHINE,"Software\\Novell\\Logging","test") Action.Trace("Reg Value Is = " & ret)
JScript:
var ret; ret = Query.LocationName; Action.Trace("Location Name = " + ret); ret = Query.LocationUuid; Action.Trace("Location Uuid = " + ret); ret = Query.MaxConnectionSpeed; Action.Trace("MaxConnectionSpeed = " + ret); ret = Query.OSServicePack; Action.Trace("OSServicePack = " + ret); ret = Query.PolicyName; Action.Trace("PolicyName = " + ret); ret = Query.PolicyTime; Action.Trace("PolicyTime = " + ret); ret = Query.PolicyUuid; Action.Trace("PolicyUuid = " + ret); ret = Query.LocationIsStamped; Action.Trace("LocationIsStamped = " + ret); ret = Query.TriggerEvent; Action.Trace("TriggerEvent = " + ret); ret = Query.TriggerEventParameter; Action.Trace("TriggerEventParameter = " + ret);
VBScript:
dim ret ret = Query.LocationName Action.Trace("Location Name = " & ret) ret = Query.LocationUuid Action.Trace("Location Uuid = " & ret) ret = Query.MaxConnectionSpeed Action.Trace("MaxConnectionSpeed = " & CLng(ret)) ret = Query.OSServicePack Action.Trace("OSServicePack = " & ret) ret = Query.PolicyName Action.Trace("PolicyName = " & ret) ret = Query.PolicyTime Action.Trace("PolicyTime = " & ret) ret = Query.PolicyUuid Action.Trace("PolicyUuid = " & ret) ret = Query.LocationIsStamped Action.Trace("LocationIsStamped = " & ret) ret = Query.TriggerEvent Action.Trace("TriggerEvent = " & ret) ret = Query.TriggerEventParameter Action.Trace("TriggerEventParameter = " & ret)
JScript:
var ret; Action.Trace("Reset Policy Change"); ret = Action.RemovableMediaState(-1, ePolicyChange); Action.Trace("RemovableMediaState = " + ret); ret = Action.CDMediaState(-1, ePolicyChange); Action.Trace("CDMediaState = " + ret); ret = Action.HDCState(eApplyGlobalSetting, eIrDA, ePolicyChange); Action.Trace("\nHDCState(eApplyGlobalSetting, eIrDA) = " + ret); ret = Action.HDCState(eApplyGlobalSetting, e1394, ePolicyChange); Action.Trace("HDCState(eApplyGlobalSetting, e1394) = " + ret); ret = Action.HDCState(eApplyGlobalSetting, eBlueTooth, ePolicyChange); Action.Trace("HDCState(eApplyGlobalSetting, eBlueTooth) = " + ret); ret = Action.HDCState(eApplyGlobalSetting, eSerialPort, ePolicyChange); Action.Trace("HDCState(eApplyGlobalSetting, eSerialPort) = " + ret); ret = Action.HDCState(eApplyGlobalSetting, eParrallelPort, ePolicyChange); Action.Trace("HDCState(eApplyGlobalSetting, eParrallelPort) = " + ret); ret = Action.WiFiDisabledState(eApplyGlobalSetting, ePolicyChange); Action.Trace("\n WiFiDisabledState = " + ret); ret = Action.WiFiDisabledWhenWiredState(eApplyGlobalSetting, ePolicyChange); Action.Trace("WiFiDisabledWhenWiredState = " + ret); ret = Action.AdHocDisabledState(eApplyGlobalSetting, ePolicyChange); Action.Trace("AdHocDisabledState = " + ret); ret = Action.AdapterBridgeDisabledState(eApplyGlobalSetting, ePolicyChange); Action.Trace("AdapterBridgeDisabledState = " + ret); ret = Action.MinimumWiFiSecurityState(eGlobalSetting, ePolicyChange); Action.Trace("MinimumWiFiSecurityState = " + ret); ret = Action.WiredDisabledState(eGlobalSetting, ePolicyChange); Action.Trace("WiredDisabledState = " + ret); ret = Action.DialupDisabledState(eGlobalSetting, ePolicyChange); Action.Trace("DialupDisabledState = " + ret); Action.Trace("Reset Location Change state"); ret = Action.RemovableMediaState(-1, eLocationChange); Action.Trace("RemovableMediaState = " + ret); ret = Action.CDMediaState(-1, eLocationChange); Action.Trace("CDMediaState = " + ret); ret = Action.HDCState(eApplyGlobalSetting, eIrDA, eLocationChange); Action.Trace("\n HDCState(eApplyGlobalSetting, eIrDA) = " + ret); ret = Action.HDCState(eApplyGlobalSetting, e1394, eLocationChange); Action.Trace("HDCState(eApplyGlobalSetting, e1394) = " + ret); ret = Action.HDCState(eApplyGlobalSetting, eBlueTooth, eLocationChange); Action.Trace("HDCState(eApplyGlobalSetting, eBlueTooth) = " + ret); ret = Action.HDCState(eApplyGlobalSetting, eSerialPort, eLocationChange); Action.Trace("HDCState(eApplyGlobalSetting, eSerialPort) = " + ret); ret = Action.HDCState(eApplyGlobalSetting, eParrallelPort, eLocationChange); Action.Trace("HDCState(eApplyGlobalSetting, eParrallelPort) = " + ret); ret = Action.WiFiDisabledState(eApplyGlobalSetting, eLocationChange); Action.Trace("\n WiFiDisabledState = " + ret); ret = Action.WiFiDisabledWhenWiredState(eApplyGlobalSetting, eLocationChange); Action.Trace("WiFiDisabledWhenWiredState = " + ret); ret = Action.AdHocDisabledState(eApplyGlobalSetting, eLocationChange); Action.Trace("AdHocDisabledState = " + ret); ret = Action.AdapterBridgeDisabledState(eApplyGlobalSetting, eLocationChange); Action.Trace("AdapterBridgeDisabledState = " + ret); ret = Action.MinimumWiFiSecurityState(eGlobalSetting, eLocationChange); Action.Trace("MinimumWiFiSecurityState = " + ret); ret = Action.WiredDisabledState(eGlobalSetting, eLocationChange); Action.Trace("WiredDisabledState = " + ret); ret = Action.DialupDisabledState(eGlobalSetting, eLocationChange); Action.Trace("DialupDisabledState = " + ret);
VBScript:
dim ret; Action.Trace("Reset Policy Change") ret = Action.RemovableMediaState(-1, ePolicyChange) Action.Trace("RemovableMediaState = " & ret) ret = Action.CDMediaState(-1, ePolicyChange) Action.Trace("CDMediaState = " & ret) ret = Action.HDCState(eApplyGlobalSetting, eIrDA, ePolicyChange) Action.Trace("\n HDCState(eApplyGlobalSetting, eIrDA) = " & ret) ret = Action.HDCState(eApplyGlobalSetting, e1394, ePolicyChange) Action.Trace("HDCState(eApplyGlobalSetting, e1394) = " & ret) ret = Action.HDCState(eApplyGlobalSetting, eBlueTooth, ePolicyChange) Action.Trace("HDCState(eApplyGlobalSetting, eBlueTooth) = " & ret) ret = Action.HDCState(eApplyGlobalSetting, eSerialPort, ePolicyChange) Action.Trace("HDCState(eApplyGlobalSetting, eSerialPort) = " & ret) ret = Action.HDCState(eApplyGlobalSetting, eParrallelPort, ePolicyChange) Action.Trace("HDCState(eApplyGlobalSetting, eParrallelPort) = " & ret) ret = Action.WiFiDisabledState(eApplyGlobalSetting, ePolicyChange) Action.Trace("\nWiFiDisabledState = " & ret) ret = Action.WiFiDisabledWhenWiredState(eApplyGlobalSetting, ePolicyChange) Action.Trace("WiFiDisabledWhenWiredState = " & ret) ret = Action.AdHocDisabledState(eApplyGlobalSetting, ePolicyChange) Action.Trace("AdHocDisabledState = " & ret) ret = Action.AdapterBridgeDisabledState(eApplyGlobalSetting, ePolicyChange) Action.Trace("AdapterBridgeDisabledState = " & ret) ret = Action.MinimumWiFiSecurityState(eGlobalSetting, ePolicyChange) Action.Trace("MinimumWiFiSecurityState = " & ret) ret = Action.WiredDisabledState(eGlobalSetting, ePolicyChange) Action.Trace("WiredDisabledState = " & ret) ret = Action.DialupDisabledState(eGlobalSetting, ePolicyChange) Action.Trace("DialupDisabledState = " & ret) Action.Trace("Reset Location Change state") ret = Action.RemovableMediaState(-1, eLocationChange) Action.Trace("RemovableMediaState = " & ret) ret = Action.CDMediaState(-1, eLocationChange) Action.Trace("CDMediaState = " & ret) ret = Action.HDCState(eApplyGlobalSetting, eIrDA, eLocationChange) Action.Trace("\nHDCState(eApplyGlobalSetting, eIrDA) = " & ret) ret = Action.HDCState(eApplyGlobalSetting, e1394, eLocationChange) Action.Trace("HDCState(eApplyGlobalSetting, e1394) = " & ret) ret = Action.HDCState(eApplyGlobalSetting, eBlueTooth, eLocationChange) Action.Trace("HDCState(eApplyGlobalSetting, eBlueTooth) = " & ret) ret = Action.HDCState(eApplyGlobalSetting, eSerialPort, eLocationChange) Action.Trace("HDCState(eApplyGlobalSetting, eSerialPort) = " & ret) ret = Action.HDCState(eApplyGlobalSetting, eParrallelPort, eLocationChange) Action.Trace("HDCState(eApplyGlobalSetting, eParrallelPort) = " & ret) ret = Action.WiFiDisabledState(eApplyGlobalSetting, eLocationChange) Action.Trace("\nWiFiDisabledState = " & ret) ret = Action.WiFiDisabledWhenWiredState(eApplyGlobalSetting, eLocationChange) Action.Trace("WiFiDisabledWhenWiredState = " & ret) ret = Action.AdHocDisabledState(eApplyGlobalSetting, eLocationChange) Action.Trace("AdHocDisabledState = " & ret) ret = Action.AdapterBridgeDisabledState(eApplyGlobalSetting, eLocationChange) Action.Trace("AdapterBridgeDisabledState = " & ret) ret = Action.MinimumWiFiSecurityState(eGlobalSetting, eLocationChange) Action.Trace("MinimumWiFiSecurityState = " & ret) ret = Action.WiredDisabledState(eGlobalSetting, eLocationChange) Action.Trace("WiredDisabledState = " & ret) ret = Action.DialupDisabledState(eGlobalSetting, eLocationChange) Action.Trace("DialupDisabledState = " & ret)
JScript:
var ret; Action.Trace("Status"); ret = Query.RemovableMediaState(); Action.Trace( "RemovableMediaState = " + ret); ret = Query.CDMediaState(); Action.Trace( "CDMediaState = " + ret); ret = Query.HDCState(eIrDA); Action.Trace("\n HDCState(eIrDA) = " + ret); ret = Query.HDCState(e1394); Action.Trace( "HDCState(e1394) = " + ret); ret = Query.HDCState(eBlueTooth); Action.Trace( "HDCState(eBlueTooth) = " + ret); ret = Query.HDCState(eSerialPort); Action.Trace( "HDCState(eSerialPort) = " + ret); ret = Query.HDCState(eParrallelPort); Action.Trace( "HDCState(eParrallelPort) = " + ret); ret = Query.IsWiFiDisabled(); Action.Trace("\n IsWiFiDisabled = " + ret); ret = Query.IsWiFiDisabledWhenWired(); Action.Trace( "IsWiFiDisabledWhenWired = " + ret); ret = Query.IsAdHocDisabled(); Action.Trace( "IsAdHocDisabled = " + ret); ret = Query.IsAdapterBridgeDisabled(); Action.Trace( "IsAdapterBridgeDisabled = " + ret); ret = Query.MinimumWiFiSecurityState(); Action.Trace( "MinimumWiFiSecurityState = " + ret); ret = Query.IsWiredDisabled(); Action.Trace( "IsWiredDisabled = " + ret); ret = Query.IsDialupDisabled(); Action.Trace( "IsDialupDisabled = " + ret);
VBScript:
dim ret; Action.Trace("Status") ret = Query.RemovableMediaState() Action.Trace( "RemovableMediaState = " & ret) ret = Query.CDMediaState() Action.Trace( "CDMediaState = " & ret) ret = Query.HDCState(eIrDA) Action.Trace("\n HDCState(eIrDA) = " & ret) ret = Query.HDCState(e1394) Action.Trace( "HDCState(e1394) = " & ret) ret = Query.HDCState(eBlueTooth) Action.Trace( "HDCState(eBlueTooth) = " & ret) ret = Query.HDCState(eSerialPort) Action.Trace( "HDCState(eSerialPort) = " & ret) ret = Query.HDCState(eParrallelPort) Action.Trace( "HDCState(eParrallelPort) = " & ret) ret = Query.IsWiFiDisabled() Action.Trace("\n IsWiFiDisabled = " & ret) ret = Query.IsWiFiDisabledWhenWired() Action.Trace( "IsWiFiDisabledWhenWired = " & ret) ret = Query.IsAdHocDisabled() Action.Trace( "IsAdHocDisabled = " & ret) ret = Query.IsAdapterBridgeDisabled() Action.Trace( "IsAdapterBridgeDisabled = " & ret) ret = Query.MinimumWiFiSecurityState() Action.Trace( "MinimumWiFiSecurityState = " & ret) ret = Query.IsWiredDisabled() Action.Trace( "IsWiredDisabled = " & ret) ret = Query.IsDialupDisabled() Action.Trace( "IsDialupDisabled = " & ret)
There are two kinds of storage in the Endpoint Security Client storage space. Persistent storage remains between sessions of the client, while transient storage exists only for the duration of the client. Transient values can be accessed in each rule script invocation. Also, persistent storage can only store and retrieve string values, while transient storage store and retrieve those values that a VARIANT can hold.
NOTE:Each script variable stored in the "secure store" is preceded by a "rule id" (one for each script). Variables that need to be shared between scripts MUST have a forward slash BEFORE the variable name in EACH "persist" function accessing them to make that variable global, or accessible, to each script:
Example - "global" variable between scripts: "boolWarnedOnPreviousLoop"
Storage.PersistValueExists("/boolWarnedOnPreviousLoop");
JScript:
var ret; Storage.SetNameValue("testval",5); ret = Storage.NameValueExists("testval"); Action.Trace("NameValueExists = " + ret); ret = Storage.GetNameValue("testval"); Action.Trace("GetNameValue = " + ret);
VBScript:
dim ret Storage.SetNameValue "testval",5 ret = Storage.NameValueExists("testval") Action.Trace("NameValueExists = " & ret) ret = Storage.GetNameValue("testval") Action.Trace("GetNameValue = " & ret)
JScript:
var ret; Storage.SetPersistString("teststr","pstring"); ret = Storage.PersistValueExists("teststr"); Action.Trace("PersistValueExists = " + ret); ret = Storage.GetPersistString("teststr"); Action.Trace("GetPersistString = " + ret);
VBScript:
dim ret Storage.SetPersistString "teststr", "pstring" ret = Storage.PersistValueExists("teststr") Action.Trace("PersistValueExists = " & ret) ret = Storage.GetPersistString("teststr") Action.Trace("GetPersistString = " & ret)
JScript:
Storage.RuleState = true; var ret = Storage.RuleState; Action.Trace("RuleState = " + ret);
VBScript:
dim ret Storage.RuleState = true ret = Storage.RuleState Action.Trace("RuleState = " & ret)
JScript:
var ret; Storage.RetrySeconds = 30; ret = Storage.RetrySeconds; Action.Trace("RetrySeconds = " + ret);
VBScript:
dim ret Storage.RetrySeconds = 30 ret = Storage.RetrySeconds Action.Trace("RetrySeconds = " & ret)
These interfaces are returned by one of the methods of the namespaces described in section 3 or by one of the methods or properties of the following interfaces.
This interface returns information about an adapter.
JScript:
var adplist; var adplength; var adp; var env; var ret; adplist = Query.GetAdapters(); adplength = adplist.Length; Action.Trace("adplength = " + adplength); if(adplength > 0) { adp = adplist.Item(0); env = adp.GetNetworkEnvironment(); ret = env.DHCPCount; Action.Trace("DHCPCount = " + ret); ret = env.DNSCount; Action.Trace("DNSCount = " + ret); ret = env.GatewayCount; Action.Trace("GatewayCount = " + ret); ret = env.WINSCount; Action.Trace("WINSCount = " + ret); }
VBScript:
dim adplist dim adplength dim adp dim env dim ret set adplist = Query.GetAdapters() adplength = adplist.Length Action.Trace("adplength = " & CInt(adplength)) if(CInt(adplength) > 0) then set adp = adplist.Item(0) set env = adp.GetNetworkEnvironment() ret = env.DHCPCount Action.Trace("DHCPCount = " & ret) ret = env.DNSCount Action.Trace("DNSCount = " & ret) ret = env.GatewayCount Action.Trace("GatewayCount = " & ret) ret = env.WINSCount Action.Trace("WINSCount = " & ret) end if
See Query Namespace - GetAdapters
See Query Namespace - GetAdapters
See Query Namespace - GetAdapters
See Query Namespace - GetAdapters
See Query Namespace - GetAdapters
See Query Namespace - GetAdapters
See Query Namespace - GetAdapters
See Query Namespace - GetAdapters
This interface returns environment data about a Server or Wireless Access Point.
See Query Namespace - GetLocationMatchData
See Query Namespace - GetLocationMatchData
See Query Namespace - GetLocationMatchData
See Query Namespace - GetLocationMatchData
This interface provides Network Environment Information.
JScript:
var adplist; var adplength; var adp; var env; var ret; var item; adplist = Query.GetAdapters(); adplength = adplist.Length; Action.Trace("adplength = " + adplength); if(adplength > 0) { adp = adplist.Item(0); env = adp.GetNetworkEnvironment(); ret = env.DHCPCount; Action.Trace("DHCPCount = " + ret); if(ret > 0) { item = env.GetDHCPItem(0); ret = item.IP; Action.Trace("IP = " + ret); } }
VBScript:
dim adplist dim adplength dim adp dim env dim ret dim item set adplist = Query.GetAdapters() adplength = adplist.Length Action.Trace("adplength = " & CInt(adplength)) if(CInt(adplength) > 0) then set adp = adplist.Item(0) set env = adp.GetNetworkEnvironment() ret = env.DHCPCount Action.Trace("DHCPCount = " & ret) if(ret > 0) then set item = env.GetDHCPItem(0) ret = item.IP Action.Trace("IP = " & ret) end if end if
JScript:
var adplist; var adplength; var adp; var env; var ret; var item; adplist = Query.GetAdapters(); adplength = adplist.Length; Action.Trace("adplength = " + adplength); if(adplength > 0) { adp = adplist.Item(0); env = adp.GetNetworkEnvironment(); ret = env.DNSCount; Action.Trace("DNSCount = " + ret); if(ret > 0) { item = env.GetDNSItem(0); ret = item.IP; Action.Trace("IP = " + ret); } }
VBScript:
dim adplist dim adplength dim adp dim env dim ret dim item set adplist = Query.GetAdapters() adplength = adplist.Length Action.Trace("adplength = " & CInt(adplength)) if(CInt(adplength) > 0) then set adp = adplist.Item(0) set env = adp.GetNetworkEnvironment() ret = env.DNSCount Action.Trace("DNSCount = " & ret) if(ret > 0) then set item = env.GetDNSItem(0) ret = item.IP Action.Trace("IP = " & ret) end if end if
JScript:
var adplist; var adplength; var adp; var env; var ret; var item; adplist = Query.GetAdapters(); adplength = adplist.Length; Action.Trace("adplength = " + adplength); if(adplength > 0) { adp = adplist.Item(0); env = adp.GetNetworkEnvironment(); ret = env.GatewayCount; Action.Trace("GatewayCount = " + ret); if(ret > 0) { item = env.GetGatewayItem(0); ret = item.IP; Action.Trace("IP = " + ret); } }
VBScript:
dim adplist dim adplength dim adp dim env dim ret dim item set adplist = Query.GetAdapters() adplength = adplist.Length Action.Trace("adplength = " & CInt(adplength)) if(CInt(adplength) > 0) then set adp = adplist.Item(0) set env = adp.GetNetworkEnvironment() ret = env.GatewayCount Action.Trace("GatewayCount = " & ret) if(ret > 0) then set item = env.GetGatewayItem(0) ret = item.IP Action.Trace("IP = " & ret) end if end if
JScript:
var adplist; var adplength; var adp; var env; var ret; var item; adplist = Query.GetAdapters(); adplength = adplist.Length; Action.Trace("adplength = " + adplength); if(adplength > 0) { adp = adplist.Item(0); env = adp.GetNetworkEnvironment(); ret = env.WINSCount; Action.Trace("WINSCount = " + ret); if(ret > 0) { item = env.GetWINSItem(0); ret = item.IP; Action.Trace("IP = " + ret); } }
VBScript:
dim adplist dim adplength dim adp dim env dim ret dim item set adplist = Query.GetAdapters() adplength = adplist.Length Action.Trace("adplength = " & CInt(adplength)) if(CInt(adplength) > 0) then set adp = adplist.Item(0) set env = adp.GetNetworkEnvironment() ret = env.WINSCount Action.Trace("WINSCount = " & ret) if(ret > 0) then set item = env.GetWINSItem(0) ret = item.IP Action.Trace("IP = " & ret) end if end if
JScript:
var adplist; var adplength; var adp; var env; var apitem; var adptype; var adpname; var apcount; var i; adplist = Query.GetAdapters(); adplength = adplist.Length; Action.Trace("adplength = " + adplength); if(adplength > 0) { for(i=0;i < adplength;i++) { adp = adplist.Item(i); adptype = adp.Type; if(adptype == eWIRELESS) { Action.Trace("Wireless index = " + i); adpname = adp.Name; Action.Trace("adp = " + adpname); env = adp.GetNetworkEnvironment(); apcount = env.WirelessAPCount; Action.Trace("WirelessAPCount = " + apcount); if(apcount > 0) { apitem = env.GetWirelessAPItem(0); Action.Trace("apitem.SSID = " + apitem.SSID); } } } }
VBScript:
dim adplist dim adplength dim adp dim env dim apitem dim adptype dim adpname dim apcount dim i set adplist = Query.GetAdapters() adplength = adplist.Length Action.Trace("adplength = " & CInt(adplength)) if(CInt(adplength) > 0) then For i = 0 To (CInt(adplength) - 1) set adp = adplist.Item(i) adptype = adp.Type if(adptype = eWIRELESS) then Action.Trace("Wireless index = " & i) adpname = adp.Name Action.Trace("adp = " & adpname) set env = adp.GetNetworkEnvironment() apcount = env.WirelessAPCount Action.Trace("WirelessAPCount = " & apcount) if(apcount > 0) then set apitem = env.GetWirelessAPItem(0) Action.Trace("apitem.SSID = " & apitem.SSID) end if end if Next end if
See ICLIENTADAPTER Interface - GetNetworkEnvironment
See ICLIENTADAPTER Interface - GetNetworkEnvironment
See ICLIENTADAPTER Interface - GetNetworkEnvironment
See ICLIENTADAPTER Interface - GetNetworkEnvironment
See ICLIENTADAPTER Interface - GetNetworkEnvironment
This interface provides information about a Wireless Access Point.
See IClientNetEnv Interface - GetWirelessAPItem
See IClientNetEnv Interface - GetWirelessAPItem
See IClientNetEnv Interface - GetWirelessAPItem
See IClientNetEnv Interface - GetWirelessAPItem
See IClientNetEnv Interface - GetWirelessAPItem
See IClientNetEnv Interface - GetWirelessAPItem
This interface is a list of adapters in the network environment.
See Query Namespace - GetAdapters