; LOGIN.KIX
;
; Primary login script for all users on the NMRC LAN
;
; Author: Jens Meyer
; Date : 02-July-2001
;
; Revision : 3.0
; Revised at : 18-December-2001
; Platforms : Windows 9x, Windows NT 4.0, Windows 2000; start the script timer
global $STARTTIME
$STARTTIME=@TIME+'.'+@MSECS
; show the logon script window
$retcode=SETCONSOLE('SHOW')
$retcode=SETCONSOLE('FOREGROUND')
$retcode=SETOPTION('HideCursor','ON')
$retcode=SETOPTION('WrapAtEOL','ON')
$retcode=SETTITLE('Welcome to the NMRC-NT LAN - Running login script...')
BREAK ON
gosub MAIN
$retcode=runningtime()
$retcode=SETOPTION('HideCursor','OFF')
exit 0
;-----------------------------------------
; subroutine for main section of the login script
; calls multiple subroutines for diagnostic and mapping functions
;-----------------------------------------
:MAIN
; initialize global variables for the script
gosub INITIALIZE
; determine the users operating system and service pack
gosub OSDETECT
; determine the computer location (NMRC LAN, BU LAN, VPN, BU Dial-Up)
gosub LANDETECT
; display general login information
gosub GENERALINFO
; check harddisk space
gosub CHECKHDSPACE
select
case $NETWORKCONNECTION='LAN'
; the following routines are specific for computers connected to the NMRC-NT network through a LAN
; map drives based on user groups
gosub NETWORKED_DRIVES
; map drive to personal directory
gosub PERSONAL_DRIVE
; map network printers
gosub NETWORKED_PRINTERS
; clean up the temp directory
gosub CLEANTEMP
case $NETWORKCONNECTION='DIALUP'
; the following routines are specific for computers connected to the NMRC-NT network through dial-up
; map drives based on user groups
gosub NETWORKED_DRIVES
; map drive to personal directory
gosub PERSONAL_DRIVE
; map network printers
gosub NETWORKED_PRINTERS
; clean up the temp directory
gosub CLEANTEMP
case $NETWORKCONNECTION='VPN'
; the following routines are specific for computers connected to the NMRC-NT network through a VPN
; map drives based on user groups
gosub NETWORKED_DRIVES
; map drive to personal directory
gosub PERSONAL_DRIVE
; map network printers
gosub NETWORKED_PRINTERS
; clean up the temp directory
gosub CLEANTEMP
case $NETWORKCONNECTION='LOCAL'
; the following routines are specific for local computers directly connected to the NMRC-NT network
; update computer information in computer database
gosub COMPUTERINFO
; map drives based on user groups
gosub NETWORKED_DRIVES
; map drive to personal directory
gosub PERSONAL_DRIVE
; map network printers
gosub NETWORKED_PRINTERS
; update user registry settings
gosub USERREGISTRY
; set one-time registry settings
gosub ONETIMEREGISTRY
; update user-specific SPSS settings
gosub SPSS10
; clean up the temp directory
gosub CLEANTEMP
; disable autostarting of Microsoft Messenger
gosub MSMSGS
; check for update requests of programs
gosub CHECKUPDATEREQUESTS
; initialize maintenance scheduler
gosub INITMAINTENANCE
; display reboot warning if necessary
$retcode=nightlyreboot()
case 1
; undetermined connection type
$retcode=fatal('You are not allowed to connect to the NMRC-NT LAN from this computer!')
exit 65
endselect
return
;-------------------------------------
; subroutine to initialize global variables
;-------------------------------------
:INITIALIZE
global $SCRIPTVERSION, $SCRIPTDIRECTORY, $SCRIPTFUNCTIONS
global $SCRIPTINI, $SHARESINI, $PRINTERSINI, $USERREGINI, $ONETIMEREGINI, $NEWUSERSINI
global $ALERTSERVER, $LOGDIRECTORY, $ERRORLOG, $COMPUTERS, $MAINTENANCE
global $OUTPUTLINE, $OUTPUT, $SCROLLING
global $HKLM, $HKCU, $HKU, $HKCR
global $OS_LONG, $OS_SHORT, $OS_SP, $OS_ROLE
global $LOCALIPS, $VPNIPS, $DIALUPIPS, $LANIPS, $NETWORKCONNECTION
global $DISPWARNINGS, $DISPERRORS, $VERBOSE, $LOGGING, $LOGGINGFILE
global $GUESTACCESS
dim $retcode, $inivalue
cls
; set script information
$SCRIPTVERSION='3.0'
$SCRIPTDIRECTORY=@LSERVER+'\NETLOGON'
$SCRIPTFUNCTIONS=$SCRIPTDIRECTORY+'\functions.udf'
; define display parameters of the output target (screen, file)
$OUTPUTLINE=0
$OUTPUT=''
$SCROLLING=1
; define registry key constants
$HKLM='HKEY_LOCAL_MACHINE'
if @INWIN=1
$HKCU='HKEY_USERS\'+@SID
else
$HKCU='HKEY_CURRENT_USER'
endif
$HKU='HKEY_USERS\'+@SID
$HKCR='HKEY_CLASSES_ROOT'
; set global alert server variable to default value
$ALERTSERVER='REDPOINT'
; set global operating system variables
$OS_LONG=''
$OS_SHORT=''
$OS_ROLE=''
$OS_SP=''
$GUESTACCESS=1
; set initialization files
$SCRIPTINI=$SCRIPTDIRECTORY+'\login.ini'
$SHARESINI=$SCRIPTDIRECTORY+'\shares.ini'
$PRINTERSINI=$SCRIPTDIRECTORY+'\printers.ini'
$USERREGINI=$SCRIPTDIRECTORY+'\registry_user.ini'
$ONETIMEREGINI=$SCRIPTDIRECTORY+'\registry_onetime.ini'
; set log files
$LOGDIRECTORY='\\SENSEI\kixtart_maintenance$'
$ERRORLOG=$LOGDIRECTORY+'\log\errors.log'
$COMPUTERS=$LOGDIRECTORY+'\db\computers.db'
$MAINTENANCE=$LOGDIRECTORY+'\ini\maintenance_list.ini'
$NEWUSERSINI=$LOGDIRECTORY+'\ini\newusers.ini'
; set local and remote IP ranges
$LOCALIPS='128.197.181.0/24'
$VPNIPS=''
$DIALUPIPS=''
$LANIPS=''
$NETWORKCONNECTION=''
; set display options
$DISPWARNINGS=1
$DISPERRORS=1
$VERBOSE=1
$LOGGING=1
$LOGGINGFILE=lcase($LOGDIRECTORY+'log\'+@WKSTA+'_'+@USERID+'.log')
; initialize the Kixtart functions library
if exist($SCRIPTFUNCTIONS)=1
call $SCRIPTFUNCTIONS
else
? 'Cannot find Kixtart functions library '+$SCRIPTFUNCTIONS
exit 2
endif
; read initialization file
if exist($SCRIPTINI)=1
$ALERTSERVER=setinivalue($SCRIPTINI,'Domain Controller','ALERTSERVER',$ALERTSERVER)
; set initialization files
$SHARESINI=setinivalue($SCRIPTINI,'INIFiles','Shares',$SHARESINI)
$SHARESINI=fullfile($SCRIPTDIRECTORY, $SHARESINI)
$PRINTERSINI=setinivalue($SCRIPTINI,'INIFiles','Printers',$PRINTERSINI)
$PRINTERSINI=fullfile($SCRIPTDIRECTORY, $PRINTERSINI)
$USERREGINI=setinivalue($SCRIPTINI,'INIFiles','UserRegistry',$USERREGINI)
$USERREGINI=fullfile($SCRIPTDIRECTORY, $USERREGINI)
$ONETIMEREGINI=setinivalue($SCRIPTINI,'INIFiles','OneTimeRegistry',$ONETIMEREGINI)
$ONETIMEREGINI=fullfile($SCRIPTDIRECTORY, $ONETIMEREGINI)
; define log files
$LOGDIRECTORY=setinivalue($SCRIPTINI,'Logfiles','LogDirectory',$LOGDIRECTORY)
$ERRORLOG=setinivalue($SCRIPTINI,'Logfiles','Errors',$ERRORLOG)
$ERRORLOG=fullfile($LOGDIRECTORY,$ERRORLOG)
$COMPUTERS=setinivalue($SCRIPTINI,'Logfiles','Computers',$COMPUTERS)
$COMPUTERS=fullfile($LOGDIRECTORY,$COMPUTERS)
$MAINTENANCE=setinivalue($SCRIPTINI,'Logfiles','Maintenance',$MAINTENANCE)
$MAINTENANCE=fullfile($LOGDIRECTORY,$MAINTENANCE)
$NEWUSERS=setinivalue($SCRIPTINI,'Logfiles','NewUsers',$NEWUSERS)
$NEWUSERS=fullfile($LOGDIRECTORY,$NEWUSERS)
; define network IP settings
$LOCALIPS=setinivalue($SCRIPTINI,'IP Ranges','LocalIP',$LOCALIPS)
$LOCALIPS=atrim(split($LOCALIPS,','))
$VPNIPS=setinivalue($SCRIPTINI,'IP Ranges','VPNIP',$VPNIPS)
$VPNIPS=atrim(split($VPNIPS,','))
$LANIPS=setinivalue($SCRIPTINI,'IP Ranges','LANIP',$LANIPS)
$LANIPS=atrim(split($LANIPS,','))
$DIALUPIPS=setinivalue($SCRIPTINI,'IP Ranges','DialUpIP',$DIALUPIPS)
$DIALUPIPS=atrim(split($DIALUPIPS,','))
; define display settings
$DISPWARNINGS=val(setinivalue($SCRIPTINI,'Display Settings','Warning',$DISPWARNINGS))
$DISPERRORS=val(setinivalue($SCRIPTINI,'Display Settings','Error',$DISPERRORS))
$VERBOSE=val(setinivalue($SCRIPTINI,'Display Settings','Verbose',$VERBOSE))
$LOGGING=val(setinivalue($SCRIPTINI,'Display Settings','Logging',$LOGGING))
$SCROLLING=val(setinivalue($SCRIPTINI,'Display Settings','Scrolling',$SCROLLING))
else
$retcode=warning('Cannot find the login script initialization file '+$SCRIPTINI)
endif
if $LOGGING<>0
; initialize the log files
$LOGGINGFILE=lcase(fullfile($LOGDIRECTORY,'log\'+@WKSTA+'_'+@USERID+'.log'))
$retcode=redirectoutput($LOGGINGFILE,1)
$retcode=redirectoutput($OUTPUT)
if exist($LOGGINGFILE)=0
; disable logging if we cannot create the log file
$LOGGING=0
endif
endif
return
;-------------------------------------
; subroutine to map drives based on user groups
;
; Structure of the .INI file:
; [Drive letter]
; UNC = UNC name of the drive share
; GroupInclude = User groups to be included in the drive share
; CompExclude = Computers to be excluded from the drive share
; UserInclude = Users to be included in the drive share
; NetworkType = Type of network connection allowed for this share (LOCAL, LAN, VPN, DIALUP)
;-------------------------------------
:NETWORKED_DRIVES
Dim $driveletters, $drive, $unc, $persistence, $retcode, $server
Dim $GroupInclude, $CompExclude, $UserInclude, $inifile, $denyguestaccess
Dim $networktype
$inifile=$SHARESINI
if exist($inifile)
$retcode=displaytext('Connecting network shares')
$driveletters=readprofilestring($inifile,'','')
$driveletters=atrim(split($driveletters,chr(10)))
for each $drive in $driveletters
if len($drive)
$unc=readprofilestring($inifile,$drive,'UNC')
$denyguestaccess=val(readprofilestring($inifile,$drive,'DenyGuestAccess'))
if $GUESTACCESS=1 and $GUESTACCESS=$denyguestaccess
$retcode=displaytext('Guest access is not allowed to UNC '+$unc)
use $drive+':' /delete
else
$networktype=readprofilestring($inifile,$drive,'NetworkType')
$networktype=atrim(split($networktype,','))
if isinarray($NETWORKCONNECTION,$networktype)
if $VERBOSE
$retcode=displaytext('Network connection type '+$NETWORKCONNECTION+' authorized to map drive letter '+$drive)
endif
$GroupInclude=readprofilestring($inifile,$drive,'GroupInclude')
$GroupInclude=atrim(split($GroupInclude,','))
$CompExclude=readprofilestring($inifile,$drive,'CompExclude')
$CompExclude=atrim(split($CompExclude,','))
$UserInclude=readprofilestring($inifile,$drive,'UserInclude')
$UserInclude=atrim(split($UserInclude,','))
if isincluded($GroupInclude, $CompExclude, $UserInclude)
$persistence=0
$retcode=mapdrive($drive,$unc,$persistence)
endif
else
$retcode=displaytext('Network connection type '+$NETWORKCONNECTION+' not authorized to map drive letter '+$drive+' to '+$unc)
endif
endif
endif
next
else
$retcode=warning('Cannot open shares initialization file '+$SHARESINI)
endif
return
;-------------------------------------
; subroutine to map drive to personal directory
;-------------------------------------
:PERSONAL_DRIVE
Dim $drive, $unc, $retcode
$retcode=displaytext('Connecting personal share')
$drive='P'
$unc='\\SENSEI\'+@USERID+'$$'
$retcode=mapdrive($drive,$unc,0)
; check whether mapping was successful
if not exist($drive+':\')
$retcode=writeprofilestring($NEWUSERSINI,@USERID,'CreateUserDir',1)
endif
return
;-------------------------------------
; map drives based on user groups
;
; Structure of the .INI file:
; [Printer name]
; Printserver = Name of the printserver (might be comma-delimited for redundancy)
; GroupInclude = User groups to be included in the printer connection
; Model = Model of the printer
;-------------------------------------
:NETWORKED_PRINTERS
Dim $printerlist, $printername, $printserver, $printmodel
Dim $GroupInclude, $CompExclude, $UserInclude
if @INWIN=1
if exist($PRINTERSINI)=1
$retcode=displaytext('Connecting network printers')
$printerlist=readprofilestring($PRINTERSINI,'','')
$printerlist=atrim(split($printerlist,chr(10)))
for each $printername in $printerlist
if len($printername)
$GroupInclude=readprofilestring($PRINTERSINI,$printername,'GroupInclude')
$GroupInclude=atrim(split($GroupInclude,','))
$CompExclude=readprofilestring($PRINTERSINI,$printername,'CompExclude')
$CompExclude=atrim(split($CompExclude,','))
$UserInclude=readprofilestring($PRINTERSINI,$printername,'UserInclude')
$UserInclude=atrim(split($UserInclude,','))
if isincluded($GroupInclude, $CompExclude, $UserInclude)
$printserver=readprofilestring($PRINTERSINI,$printername,'Printserver')
$printserver=atrim(split($printserver,','))
$printmodel=readprofilestring($PRINTERSINI,$printername,'Model')
$retcode=mapprinter($printername,$printserver,$printmodel)
endif
endif
next
else
$retcode=warning('Cannot open printer initialization file '+$PRINTERSINI)
endif
else
$retcode=displaytext('Automatic printer installation is not supported under '+@PRODUCTTYPE)
endif
return
;-------------------------------------
; subroutine to update the user registry
;-------------------------------------
:USERREGISTRY
dim $userprofile
if @INWIN=1
$userprofile=readvalue($HKLM+'\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Profilelist\'+@SID,'ProfileimagePath')
$userprofile=fullfile(expandenvironmentvars($userprofile),'ntuser.dat')
if not exist($userprofile)
$retcode=displaytext('User profile for user '+@USERID+' does not exist')
return
endif
endif
$retcode=displaytext('Verifying mandatory user registry settings')
$retcode=processregini($USERREGINI)
return
;-------------------------------------
; subroutine to clean up the temp directory
;-------------------------------------
:CLEANTEMP
Dim $retcode, $fileage, $tempfolders[2], $folder, $filter[10], $inivalue, $filterlist, $inientry, $filtercount
; set default fileage
$fileage=7
; set default filters
$filter[0]='_*.*'
$filter[1]='*.tmp'
$filter[2]='~*.*'
$filter[3]='vbe'
$filter[4]='*.exd'
$filter[5]='Acrobat Distiller 5'
$filter[6]='*.log'
$filter[7]='{*}.*'
$filter[8]='*.tmp.gif'
$filter[9]='cddb'
$filter[10]='*.dir'
; set default temporary folders
$tempfolders[0]=expandenvironmentvars('%%TEMP%%')
$tempfolders[1]=fullfile(expandenvironmentvars('%%WINDIR%%'),'temp')
$tempfolders[2]='c:\temp'
; load specific settings from .INI file
if exist($SCRIPTINI)
$inivalue=readprofilestring($SCRIPTINI,'Tempfiles','Fileage')
if $inivalue<>''
$fileage=val($inivalue)
endif
$filterlist=readprofilestring($SCRIPTINI,'TempFiles','')
$filterlist=atrim(split($filterlist,chr(10)))
$filtercount=0
for each $inientry in $filterlist
if left($inientry,6)='Filter'
$inivalue=trim(readprofilestring($SCRIPTINI,'Tempfiles',$inientry))
redim preserve $filter[$filtercount]
$filter[$filtercount]=$inivalue
$filtercount=$filtercount+1
endif
next
endif
; get the temporary directory in user profile
if @INWIN=1
$folder=readvalue($HKLM+'\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\'+@SID,'ProfileImagePath')
$folder=fullfile(expandenvironmentvars($folder),'Local Settings\Temp')
if exist($folder)
redim preserve $tempfolders[ubound($tempfolders)+1]
$tempfolders[ubound($tempfolders)]=$folder
endif
endif
$retcode=displaytext('Cleaning up temporary directory')
$retcode=cleantempfiles($tempfolders,$filter,$fileage)
return
;-------------------------------------
; subroutine to remove the autostart of Microsoft Messenger service
;-------------------------------------
:MSMSGS
Dim $retcode, $regsubkey, $regentry, $regvalue
$regsubkey=$HKCU+'SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
$regentry='MSMSGS'
$regvalue=readvalue($regsubkey,$regentry)
if $regvalue<>''
$retcode=displaytext('Removing the Microsoft Messenger autostart option')
$retcode=delvalue($regsubkey,$regentry)
$retcode=err('Error deleting registry value '+regsubkey+'\'+$regvalue)
endif
return
;-------------------------------------
; subroutine to check for administrative update requests
;-------------------------------------
:CHECKUPDATEREQUESTS
Dim $retcode, $messagetext, $askforinstall
; schedule IE update in maintenance_server.ini file
if $VERBOSE
$retcode=displaytext('Check for Internet Explorer update request')
endif
$askforinstall=val(trim(readprofilestring($MAINTENANCE,@WKSTA,'RequestUpdateIE')))
if $askforinstall=1 and @ERROR=0
$retcode=requestinstall('Internet Explorer 5.5 Service Pack 2')
if $retcode
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'RequestUpdateIE','')
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'UpdateIE',1)
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'NightlyReboot',1)
if $VERBOSE
$retcode=displaytext('Internet Explorer update request granted')
endif
else
$retcode=warning('Internet Explorer update request declined')
endif
else
if $VERBOSE
$retcode=displaytext('Internet Explorer is up-to-date')
endif
endif
; schedule IE update in maintenance_server.ini file
if $VERBOSE
$retcode=displaytext('Check for Windows Installer update request')
endif
$askforinstall=val(trim(readprofilestring($MAINTENANCE,@WKSTA,'RequestInstallMSIExec')))
if $askforinstall=1 and @ERROR=0
$retcode=requestinstall('Windows Installer v2.0')
if $retcode
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'RequestInstallMSIExec','')
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'InstallMSIExec',1)
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'NightlyReboot',1)
if $VERBOSE
$retcode=displaytext('Windows Installer update request granted')
endif
else
$retcode=warning('Windows Installer update request declined')
endif
else
if $VERBOSE
$retcode=displaytext('Windows Installer is up-to-date')
endif
endif
; schedule NAV update in maintenance_server.ini file
if $VERBOSE
$retcode=displaytext('Check for Symantec Norton AntiVirus update request')
endif
$askforinstall=val(trim(readprofilestring($MAINTENANCE,@WKSTA,'RequestInstallNAV')))
if $askforinstall=1 and @ERROR=0
$retcode=requestinstall('Symantec Norton Antivirus 7.0')
if $retcode
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'RequestInstallNAV','')
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'InstallNAV',1)
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'NightlyReboot',1)
if $VERBOSE
$retcode=displaytext('Symantec Norton AntiVirus update request granted')
endif
else
$retcode=warning('Symantec Norton AntiVirus update request declined')
endif
else
if $VERBOSE
$retcode=displaytext('Symantec Norton AntiVirus is up-to-date')
endif
endif
if $VERBOSE
$retcode=displaytext('Check for Microsoft Office components update request')
endif
; schedule networked Microsoft Project components update in maintenance_list.ini file
$askforinstall=val(trim(readprofilestring($MAINTENANCE,@WKSTA,'RequestInstallProject')))
if $askforinstall=1 and @ERROR=0
$retcode=requestinstall('networked Microsoft Project 2000 components')
if $retcode
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'RequestInstallProject','')
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'InstallProject',1)
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'NightlyReboot',1)
if $VERBOSE
$retcode=displaytext('Networked Microsoft Project 2000 components update request granted')
endif
else
$retcode=warning('Networked Microsoft Project 2000 components update request declined')
endif
else
if $VERBOSE
$retcode=displaytext('Networked Microsoft Project 2000 components are up-to-date')
endif
endif
; schedule networked Microsoft Publisher components update in maintenance_list.ini file
$askforinstall=val(trim(readprofilestring($MAINTENANCE,@WKSTA,'RequestInstallPublisher')))
if $askforinstall=1 and @ERROR=0
$retcode=requestinstall('networked Microsoft Publisher 2000 components')
if $retcode
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'RequestInstallPublisher','')
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'InstallPublisher',1)
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'NightlyReboot',1)
if $VERBOSE
$retcode=displaytext('Networked Microsoft Publisher 2000 components update request granted')
endif
else
$retcode=warning('Networked Microsoft Publisher 2000 components update request declined')
endif
else
if $VERBOSE
$retcode=displaytext('Networked Microsoft Publisher 2000 components are up-to-date')
endif
endif
; schedule networked Microsoft Visio components update in maintenance_list.ini file
$askforinstall=val(trim(readprofilestring($MAINTENANCE,@WKSTA,'RequestInstallVisio')))
if $askforinstall=1 and @ERROR=0
$retcode=requestinstall('networked Microsoft Visio 2002 components')
if $retcode
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'RequestInstallVisio','')
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'InstallVisio',1)
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'NightlyReboot',1)
if $VERBOSE
$retcode=displaytext('Networked Microsoft Visio 2002 components update request granted')
endif
else
$retcode=warning('Networked Microsoft Visio 2002 components update request declined')
endif
else
if $VERBOSE
$retcode=displaytext('Networked Microsoft Visio 2002 components are up-to-date')
endif
endif
return
;-------------------------------------
; subroutine to update one-time registry settings
;-------------------------------------
:ONETIMEREGISTRY
Dim $retcode, $currentregvalue, $regvalue, $regsubkey, $regentry, $regtype, $userprofile
if not exist($ONETIMEREGINI)
$retcode=err('Cannot find file '+$ONETIMEREGINI)
return
endif
$regsubkey=$HKCU+'\Software\Kixtart'
$regentry='DefaultRegistrySettings'
$regvalue=getfiletime($ONETIMEREGINI)
$regtype='REG_SZ'
if not keyexist($regsubkey)
if $VERBOSE
$retcode=displaytext('Adding registry key '+$regsubkey)
endif
$retcode=addkey($regsubkey)
$retcode=err('Error creating registry key '+$regsubkey)
endif
$currentregvalue=readvalue($regsubkey, $regentry)
if $currentregvalue<>$regvalue
$userprofile=readvalue($HKLM+'\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Profilelist\'+@SID,'ProfileImagePath')
$userprofile=fullfile(expandenvironmentvars($userprofile),'ntuser.dat')
select
case @inwin=1 and (not exist($userprofile))
$retcode=displaytext('File '+$userprofile+' does not exist')
case 1
$retcode=displaytext('Verifying default user registry settings')
$retcode=processregini($ONETIMEREGINI)
if @ERROR
$retcode=err('Error processing one-time registry settings')
else
if $VERBOSE
$retcode=displaytext('Setting registry key '+$regsubkey+'\'+$regentry+' to '+$regvalue)
endif
$retcode=writevalue($regsubkey,$regentry,$regvalue,$regtype)
endif
endselect
else
if $VERBOSE
$retcode=displaytext('One-time registry settings are up-to-date')
endif
endif
return
;-------------------------------------
; subroutine to update user-specific SPSS10 settings
;-------------------------------------
:SPSS10
Dim $retcode, $regvalue, $regsubkey, $regentry, $regvaluecorrect, $spss10initfile
$regsubkey=$HKCU+'\Software\SPSS\SPSS for Windows\10.1\Setup'
$regentry='CustomerName'
$regvaluecorrect='NeuroMuscular Research Center'
$spss10initfile='w:\spss10.1\nmrcnewuser.bat'
$regvalue=readvalue($regsubkey, $regentry)
if $regvalue<>$regvaluecorrect or @ERROR
if exist($spss10initfile)
$retcode=displaytext('Updating user-specific SPSS 10.1 settings')
$retcode=runonce('SPSS10Setup',$spss10initfile)
endif
endif
return
;-------------------------------------
; subroutine to determine the computer location (NMRC LAN, BU LAN, VPN, WAN)
;-------------------------------------
:LANDETECT
Dim $compips[4], $compip, $accesslog
$compips[0]=@IPADDRESS0
$compips[1]=@IPADDRESS1
$compips[2]=@IPADDRESS2
$compips[3]=@IPADDRESS3
$accesslog=fullfile($LOGDIRECTORY,'access\'+substr(@date,1,4)+substr(@date,6,2)+substr(@date,9,2)+'.log')
for each $compip in $compips
if $compip<>''
select
case isiniprange($compip,$LOCALIPS)
$NETWORKCONNECTION='LOCAL'
$retcode=writeprofilestring($accesslog,$NETWORKCONNECTION,@TIME,@USERID+' from '+@WKSTA)
return
case isiniprange($compip,$DIALUPIPS)
$NETWORKCONNECTION='DIALUP'
$retcode=writeprofilestring($accesslog,$NETWORKCONNECTION,@TIME,@USERID+' from '+@WKSTA)
return
case isiniprange($compip,$LANIPS)
$NETWORKCONNECTION='LAN'
$retcode=writeprofilestring($accesslog,$NETWORKCONNECTION,@TIME,@USERID+' from '+@WKSTA)
return
case isvpnconnection($VPNIPS)
if ingroup('VPN Users')
$NETWORKCONNECTION='VPN'
$retcode=writeprofilestring($accesslog,$NETWORKCONNECTION,@TIME,@USERID+' from '+@WKSTA)
return
else
$retcode=messagebox('You are not authorized to access the NMRC-NT LAN through a VPN connection. Please contact the Systems Administrator for permission. Access attempt has been logged!','Unauthorized access to the NMRC-NT LAN',16,60)
$retcode=fatal()
exit 65
endif
endselect
endif
next
; a valid IP address could not be identified
$retcode=fatal()
exit 65
return
;-------------------------------------
; subroutine to initialize computer maintenance
;-------------------------------------
:INITMAINTENANCE
Dim $retcode, $schedulertype, $scheduler, $computerlist
Dim $regsubkey, $regentry, $regvalue, $regtype, $regstart
$retcode=displaytext('Initializing computer maintenance')
if exist($COMPUTERS)=0
$retcode=displaytext('NMRC computer database is offline')
return
endif
$computerlist=readprofilestring($COMPUTERS,'','')
$computerlist=atrim(split($computerlist,chr(10)))
if isinarray(@WKSTA,$computerlist)=0
; if computer not in database then don't schedule maintenance
return
endif
select
case $OS_SHORT='WinXP'
; not implemented yet
case $OS_SHORT='WinNT' or $OS_SHORT='Win2K'
; schedule the maintenance script through the task scheduler
$schedulertype=readprofilestring($MAINTENANCE,@WKSTA,'Scheduler')
$regsubkey='HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule'
$regentry='DisplayName'
$regstart='Start'
$scheduler=readvalue($regsubkey,$regentry)
$regstart=val(readvalue($regsubkey,$regstart))
if $scheduler<>$schedulertype or $scheduler=''
select
case $scheduler='Task Scheduler'
; running a correct version of the task scheduler
case $scheduler='Schedule'
; running a correct but old version of the task scheduler
$retcode=displaytext('Computer is running outdated scheduler service!')
$retcode=sendalert($ALERTSERVER,@WKSTA+' is running an outdated scheduler service.'+chr(10)+'Please install Microsoft Internet Explorer 5.5SP2!')
case $regstart=2
$scheduler='Schedule'
; running a correct but old version of the task scheduler
$retcode=displaytext('Computer is running outdated scheduler service!')
$retcode=sendalert($ALERTSERVER,@WKSTA+' is running an outdated scheduler service.'+chr(10)+'Please install Microsoft Internet Explorer 5.5SP2!')
case 1
; no approved scheduler present
$scheduler=''
$retcode=warning('The scheduler service cannot be found!')
$retcode=sendalert($ALERTSERVER,@WKSTA+' is not running an approved scheduler service.'+chr(10)+'Please install Microsoft Internet Explorer 5.5SP2!')
endselect
$retocde=displaytext('Updating scheduler type in maintenance list to '+$scheduler)
$retcode=writeprofilestring($MAINTENANCE,@WKSTA,'Scheduler',$scheduler)
endif
case $OS_SHORT='Win9x'
; run the maintenance script through the RUNONCE registry key
$regsubkey=$HKLM+'\Software\Kixtart'
$regentry='Kixtart Maintenance'
$regvalue=@DATE
$regtype='REG_SZ'
if readvalue($regsubkey,$regentry)<>$regvalue
$retcode=displaytext('Scheduling Kixtart maintenance script')
copy fullfile($LOGDIRECTORY,'maintenance_client.bat') expandenvironmentvars('%WINDIR%')
$retcode=updateregistry($regsubkey,$regentry,$regvalue,$regtype,0)
$regentry='Kixtart Maintenance'
$regvalue='maintenance_client.bat'
$retcode=runonce($regentry,$regvalue,1)
endif
endselect
return
;-------------------------------------
; subroutine to update the computer info database with the values for
; MAC adress, OS type, IP adress, diskspace
;-------------------------------------
:COMPUTERINFO
Dim $retcode, $section, $key, $value, $alert_message, $new_entry, $computerlist
Dim $mbmessage, $mbtitle
if exist($LOGDIRECTORY)
$retcode=displaytext('Checking NMRC computer database')
$section=@WKSTA
; check if database exists
if exist($COMPUTERS)=0
$retcode=displaytext('Initializing NMRC computer database')
$retcode=writeprofilestring($COMPUTERS,'NMRC Computer Database','Initialized',@DATE)
$retcode=err('Failed to initialize NMRC computer database')
endif
; check if computer exist in database
$new_entry=0;
$computerlist=readprofilestring($COMPUTERS,'','')
$computerlist=atrim(split($computerlist,chr(10)))
if isinarray($section,$computerlist)=0
$mbmessage='Would you like to fully integrate this computer into the NMRC-NT LAN?'+chr(10)+chr(10)
$mbmessage=$mbmessage+'If you answer "YES" security settings on this computer will be modified and '
$mbmessage=$mbmessage+'client components for network applications will be configured. Additionally, certain '
$mbmessage=$mbmessage+'applications like Symantec Norton AntiVirus will be installed on this computer.'+chr(10)+chr(10)
$mbmessage=$mbmessage+'If you answer "NO" your computer will not be modified and you will not be able '
$mbmessage=$mbmessage+'to run network applications.'
$mbtitle='Join the NMRC-NT local area network?'
$retcode=messagebox($mbmessage,$mbtitle,4+16+256,300)
if $retcode=6
; computer will be added to database
$alert_message='The computer '+$section+' has been added to the NMRC computer database'
$retcode=displaytext($alert_message)
$retcode=sendalert($ALERTSERVER,$alert_message)
$new_entry=1
else
$retcode=displaytext('Request to integrate '+@WKSTA+' into the domain has been declined.')
return
endif
endif
; disable guest access since computer is in database
$GUESTACCESS=0
; write/update the DNS name
$key='Hostname'
$value=@HOSTNAME
$retcode=checkdatabase($section, $key, $value, $new_entry)
; write/update the MAC address
$key='MAC Address'
$value=@ADDRESS
$retcode=checkdatabase($section, $key, $value, $new_entry)
; write/update the operating system kernel descriptor
$key='OS Kernel'
$value=$OS_SHORT
$retcode=checkdatabase($section, $key, $value, $new_entry)
; write/update the operating system descriptor
$key='Operating System'
$value=$OS_LONG
$retcode=checkdatabase($section, $key, $value, $new_entry)
; write/update primary IP address
$key='IP Address 0'
$value=@IPADDRESS0
$retcode=checkdatabase($section, $key, $value, $new_entry)
else
$retcode=warning('Cannot access the NMRC computer database file'+$COMPUTERS)
endif
return
;-------------------------------------
; subroutine to detect the operating system and service pack
;-------------------------------------
:OSDETECT
Dim $operatingsystem, $retcode, $sp_required
$operatingsystem=osid()
$OS_LONG=$operatingsystem[0]
$OS_SHORT=$operatingsystem[1]
$OS_ROLE=$operatingsystem[2]
$OS_SP=val($operatingsystem[3])
if $OS_SHORT='WinXP'
$retcode=sendalert($ALERTSERVER,'Computer '+@WKSTA+' is running an unapproved operating system!'+chr(10+chr(10)+'Operating system:'+$OS_LONG+chr(10)+'Username: '+@USERID)
$retcode=logoff(1)
endif
; check for correct service pack level
if exist($SCRIPTINI)
$sp_required=val(readprofilestring($SCRIPTINI,'Service Packs',$OS_SHORT))
$retcode=err('Error reading required service pack level for '+$OS_SHORT+' in file '+$SCRIPTINI)
if $sp_required
if $OS_SP<>$sp_required
$retcode=warning('Computer '+@WKSTA+' is running the outdated service pack '+$OS_SP+' on '+$OS_LONG)
$retcode=sendalert($ALERTSERVER,'Computer '+@WKSTA+' is running the outdated service pack '+$OS_SP+' instead of service pack '+$sp_required+' under '+$OS_SHORT)
endif
endif
else
$retcode=warning('Cannot find file '+$SCRIPTINI)
endif
return
;-------------------------------------
; subroutine to display general login information
;-------------------------------------
:GENERALINFO
Dim $retcode
; display the login window title
$retcode=SETTITLE('Welcome to the NMRC-NT LAN - Running login script...')
; display the LAN script version
$retcode=displaytext('NMRC LAN Script V'+$SCRIPTVERSION+' running under KixTart V'+@KIX,'w/r')
; display the complete OS information
$retcode=displaytext('Kernel Version : '+$OS_SHORT)
$retcode=displaytext(' OS Version : '+$OS_LONG)
$retcode=displaytext(' OS Role : '+$OS_ROLE)
if $OS_SP
$retcode=displaytext(' Service Pack : '+$OS_SP)
endif
; display the user information
$retcode=displaytext(' User ID : '+@USERID)
$retcode=displaytext(' Full Name : '+@FULLNAME)
$retcode=displaytext(' Privilege : '+@PRIV)
$retcode=displaytext(' Domain : '+@DOMAIN)
$retcode=displaytext(' Logon Server : '+@LSERVER)
$retcode=displaytext(' Network Type : '+$NETWORKCONNECTION)
; display additional script information
if $VERBOSE
$retcode=displaytext(' Login INI : '+$SCRIPTINI)
$retcode=displaytext(' Shares INI : '+$SHARESINI)
$retcode=displaytext(' Printers INI : '+$PRINTERSINI)
$retcode=displaytext(' User Reg INI : '+$USERREGINI)
$retcode=displaytext(' One-Time INI : '+$ONETIMEREGINI)
endif
return
;-------------------------------------
; subroutine to check harddisk space
;-------------------------------------
:CHECKHDSPACE
Dim $retcode, $hdspace, $warntitle, $warnmsg
$retcode=displaytext('Checking available harddisk space')
$hdspace=val(diskspace()/1000)
select
case $hdspace<50
$HDSPACEWARNING=1
$warnmsg='Diskspace on computer '+@WKSTA+' is critically low. Harddisk space dropped below '+$hdspace+'MB.'
$retcode=sendalert($ALERTSERVER,$warnmsg)
$warnmsg=$warnmsg+chr(10)
$warnmsg=$warnmsg+'This computer displayed a warning multiple times!'+chr(10)
$warnmsg=$warnmsg+'You will no longer be able to log into this computer!'+chr(10)
$warnmsg=$warnmsg+'Please notify the Systems Administrator!'
if @INWIN=1
$retcode=sendmessage(@WKSTA,$warnmsg)
;if @PRIV<>'ADMIN'
; $retcode=logoff(0)
;endif
else
$warntitle='Harddisk space dropped below '+$hdspace+'MB.'
$retcode=messagebox($warnmsg,$warntitle,16,0)
endif
case $hdspace<100
$HDSPACEWARNING=1
$warnmsg='Diskspace on computer '+@WKSTA+' is critically low. Harddisk space dropped below '+$hdspace+'MB.'
$retcode=sendalert($ALERTSERVER,$warnmsg)
$warnmsg=$warnmsg+chr(10)
$warnmsg=$warnmsg+'Proper functionality of this computer will be impaired.'+chr(10)
$warnmsg=$warnmsg+'The Systems Administrator has been notified!'
if @INWIN=1
$retcode=sendmessage(@WKSTA,$warnmsg)
else
$warntitle='Harddisk space dropped below '+$hdspace+'MB.'
$retcode=messagebox($warnmsg,$warntitle,16,0)
endif
case $hdspace<200
$HDSPACEWARNING=1
$warntitle='Harddisk space dropped below '+$hdspace+'MB.'
$warnmsg='Harddisk space dropped below '+$hdspace+'MB. Please clean up your files.'+chr(10)
$warnmsg=$warnmsg+'If you do not clean up, non-essential files will be deleted automatically!'
if @INWIN=1
$retcode=sendmessage(@WKSTA,$warnmsg)
else
$retcode=messagebox($warnmsg,$warntitle,16,0)
endif
endselect
return