Novell Documentation: Novell SecureLogin 3.0 - SecureLogin Scripting Language

SecureLogin Scripting Language

SecureLogin scripts use symbols and variables.

Symbols

The following symbols are often used in scripts. The symbols are not commands.

Symbol	Description
""	In a script, quotation marks are used around text that is separated by spaces. The quotation marks keep the text together as a group.
#	When placed at the beginning of a line of script, the hash (pound) symbol removes the line that the symbol appears in from the action of the script. The symbol accomplishes the following: Allows comments or explanations about what is occurring in the script. Allows a line to be temporarily removed without actually being deleted. Temporarily removing the line can help you troubleshoot the script. Designates the numbers that follow the # symbol as control IDs or class numbers.

Symbol

Description

In a script, quotation marks are used around text that is separated by spaces. The quotation marks keep the text together as a group.

When placed at the beginning of a line of script, the hash (pound) symbol removes the line that the symbol appears in from the action of the script. The symbol accomplishes the following:

Allows comments or explanations about what is occurring in the script.
Allows a line to be temporarily removed without actually being deleted. Temporarily removing the line can help you troubleshoot the script.
Designates the numbers that follow the # symbol as control IDs or class numbers.

Variables

For the purposes of the script language, a variable is any identifier preceded by one of the characters %, $, !, or ?. This identifier is called the variable prefix. The variable prefix determines the type of the value and the steps that the parser should take to determine the value.

At runtime, the script parser substitutes the variable identifiers with their values. For example, the identifiers %CN, $username, and !default are substituted by the values stored as CN, username, and default.

All variables, including runtime variables, are exclusive to the application that the variable was created to work with. To access these variables from another application, you can do either of the following:

Use the SetPlat command.
Specify the application name after the variable name.

For example, ?Username secrem.exe causes the script parser to use the value of the runtime variable ?Username. SecureLogin has saved ?Username with a script to be used with the program secrem.exe.

Variable	Function	Description
%	Directory attribute	The Directory attribute instructs the parser to read a value from the current user's object in the Directory. The attribute must be a string. The attribute is read each time that the script is run.
!	Pass ticket	The ! character specifies that a one-time password should be generated. To generate a pass ticket, a DES Key and Offset are required. At runtime, the parser looks for the variables DESKEY and DESOFFSET in the application specified as the rest of the variable identifier. For example, the variable !Novell looks for the variables DESKEY and DESOFFSET in the "Novell" application. The special identifier !default reads these variables from the current application. If either DESKEY or DESOFFSET are not found, then random values are generated and saved in the designated application. Each application script has an associated symbol table. A symbol table is referenced by its application name and contains a list of variables and values that can be used in the script.
?	Runtime	A variable prefixed with the question mark character (?) is classified as a runtime variable. The variable is only valid for the life of proto.exe, unless the variable is declared as a "local" variable.
$	Symbol table	A variable prefixed with the $ character is looked up in the current application entry. If the value that was substituted also has a $ character as its first character, it is also run through the substitution engine. This only occurs once. If the symbol is not found in the current application, the user is prompted to enter the variable's value. If the user enters a value, it is substituted immediately and the value is saved.

SecureLogin supports internal variables. The script language can use these variables to

Determine what operations can be performed
Extract machine system information or network information about the local user

Variable Name	Description
?SYSVERSION	The local SecureLogin Windows agent version. This variable can be used to determine if specific support is built into the product running on the user's workstation. The format of the variable is major.minor.build (for example, 2030008, which represents v2.3.0.8).
?BROWSERTYPE (system)	Contains either Internet Explorer or Netscape* and indicates which browser the script is running in.
?SYSUSER (system)	The name of the user that was last used in the GINA or Windows 9x login panel. This variable will only be available when the SecureLogin login extension is installed.
?SYSPASSWORD (system)	The password that matches the username presented in the GINA panel. This value can only be retrieved if the SecureLogin login extension is installed in the GINA or Windows 9x login panel.
?SYSCONTEXT (system)	Lists the Novell^® NDS^® or eDirectory^TM user context as entered in the GINA or Windows 9x login panel. This variable requires the login extension to be installed.
?SYSTREE (system)	The NDS or eDirectory tree name that the user entered. This variable requires the login extension to be installed.
?SYSSERVER (system)	The name of the server that was entered in the Login GINA or Windows 9x login panel. This variable requires the login extension to be installed.
?CurrTime	Tthe running time in seconds from January 1970 to the present. This variable is used for anything that requires a time measurement (for example, to force password changes every x days).