OPSI DokuWiki

User Tools

Site Tools

Trace:
userspace:winst32_preproc.exe

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
userspace:winst32_preproc.exe [2019/10/25 16:18]
pandel [Files] 		userspace:winst32_preproc.exe [2021/08/23 08:37] (current)
Line 5: Line 5:
 At the moment it is capable of: At the moment it is capable of:
   * Checking registry values before starting WINST as a action precondition   * Checking registry values before starting WINST as a action precondition
 +  * Checking list of running processes before starting WINST as a action precondition
   * Setting registry values before and/or after starting WINST   * Setting registry values before and/or after starting WINST
   * Logging current product configuration of the client and the action request(s) being processed   * Logging current product configuration of the client and the action request(s) being processed
  
-[[winst32_preproc.exe#Example|Example configuration and description]]+**But beware:**
  
-__**BUT BEWARE - DONT' BREAK YOUR ENVIRONMENT:**__ +__**It is ABSOLUTELY NOT meant as a complete replacement for the allmighty winst32.exe that everybody knows or as a new installing mechanism!**__
- +
-__**THIS is ABSOLUTELY NO replacement for the allmighty winst32.exe!**__+
  
 __**THIS IS NOT FOR THE FAINT-HEARTED AND YOU SHOULD BE ABSOLUTELY SURE OF WHAT YOU ARE DOING! I WILL NOT GIVE ANY IN-DEPTH EXPLANATION FOR THE NEWBY USERS!**__ __**THIS IS NOT FOR THE FAINT-HEARTED AND YOU SHOULD BE ABSOLUTELY SURE OF WHAT YOU ARE DOING! I WILL NOT GIVE ANY IN-DEPTH EXPLANATION FOR THE NEWBY USERS!**__
Line 28: Line 27:
 v1.0, Tested with Windows 10 x64 1809 Enterprise v1.0, Tested with Windows 10 x64 1809 Enterprise
  --- //[[holger.pandel@googlemail.com|pandel]] 2019/10/25 13:52//  --- //[[holger.pandel@googlemail.com|pandel]] 2019/10/25 13:52//
 +
 +v1.1, Tested with Windows 10 x64 1809 Enterprise
 + --- //[[holger.pandel@googlemail.com|pandel]] 2019/10/28 15:00//
  
 ==== Motivation ==== ==== Motivation ====
Line 41: Line 43:
 The preprocssor is run instead of the original winst32.exe via opsiclientd and takes control over the execution of winst32.exe based on registry checks itself. It acts as a wrapper to winst32.exe. The preprocssor is run instead of the original winst32.exe via opsiclientd and takes control over the execution of winst32.exe based on registry checks itself. It acts as a wrapper to winst32.exe.
 Everything is controlled via a single configuration file. Everything is controlled via a single configuration file.
 +
 +You can create an example configuration file in the same directory by running winst32_preproc.exe without any command line parameter.
  
 === Where to install === === Where to install ===
Line 71: Line 75:
 <code text> <code text>
 ------------------------------------------------------------------------------------------------------------------ ------------------------------------------------------------------------------------------------------------------
-winst32_preproc (MIT licensed) v1.0.0.0 Command Line+winst32_preproc (MIT licensed) v1.1.0.0 Command Line
  
 Available command line options: Available command line options:
Line 97: Line 101:
   * opsi config service url: https://192.168.10.10:4447/rpc   * opsi config service url: https://192.168.10.10:4447/rpc
  
-Now execute a test run and get detailed information on the console like so: 
 <code text> <code text>
 winst32_preproc.exe -d -t -f="C:\Program Files (x86)\opsi.org\opsi-client-agent\\opsi-winst\\winst32.exe" -s=https://192.168.10.10:4447/rpc -c=testclient.opsinet.local -u=testclient.opsinet.local -p=5f5efffffa26fe90473a734f1da68fed winst32_preproc.exe -d -t -f="C:\Program Files (x86)\opsi.org\opsi-client-agent\\opsi-winst\\winst32.exe" -s=https://192.168.10.10:4447/rpc -c=testclient.opsinet.local -u=testclient.opsinet.local -p=5f5efffffa26fe90473a734f1da68fed
 </code> </code>
  
-**NOTE: the path to winst32.exe must be correct, otherwise the programm will not do anything.**+**NOTE: the path to winst32.exe must be the right one, otherwise he programm will not do anything.**
  
  
 ==== The configuration: winst32_preproc.ini ==== ==== The configuration: winst32_preproc.ini ====
  
-The structure of the configuration file is rather simple. It consists of three blocks:+The structure of the configuration file is rather simple. It consists of five blocks: 
 +  * general - logging configuration and version information
   * registry_check - registry value(s) that should be checked to decide if winst32.exe is being executed   * registry_check - registry value(s) that should be checked to decide if winst32.exe is being executed
   * registry_pre - registry value(s) that should be set BEFORE winst32.exe is being executed   * registry_pre - registry value(s) that should be set BEFORE winst32.exe is being executed
   * registry_post - registry value(s) that should be set AFTER winst32.exe is being executed   * registry_post - registry value(s) that should be set AFTER winst32.exe is being executed
 +  * process_check - list of processes that should be checked to decide if winst32.exe is being executed
  
 === How the blocks work === === How the blocks work ===
Line 117: Line 122:
  
 The keys and values you specify here will be checked for their existance AND values. They a treated as ONE single result, that means, if you specify multiple values to check for and one (ore more) values cannot be read or found, this check is considered "failed" and winst32.exe execution will be prevented. The keys and values you specify here will be checked for their existance AND values. They a treated as ONE single result, that means, if you specify multiple values to check for and one (ore more) values cannot be read or found, this check is considered "failed" and winst32.exe execution will be prevented.
 +
 +== process_check ==
 +
 +The process names you specify here will be checked if they are running. They a treated as ONE single result, that means, if you specify multiple process names to check for and one (ore more) will found, this check is considered "failed" and winst32.exe execution will be prevented.
  
 == registry_pre / registry_post == == registry_pre / registry_post ==
Line 123: Line 132:
  
 == Configuration values == == Configuration values ==
 +
 +__Registry checks__
  
 A configuration entry like  A configuration entry like 
Line 161: Line 172:
   * REG_DWORD   * REG_DWORD
   * (REG_MULTI_SZ can be specified, but you are only able to read or set the first element, so it is not very useful here.)   * (REG_MULTI_SZ can be specified, but you are only able to read or set the first element, so it is not very useful here.)
 +
 +__Process checks__
 +
 +Process checks are much simpler:
 +
 +A line like
 +<code text>proc1=winword.exe</code>
 +will check, if winword.exe is found in the list of active processes.
    
  === Example ===  === Example ===
Line 166: Line 185:
 <file ini winst32_preproc.ini> <file ini winst32_preproc.ini>
 [general] [general]
 +version=1.1.0.0
 logInstalled=1 logInstalled=1
 logActions=1 logActions=1
Line 183: Line 203:
 reg2=HKLM|64|SOFTWARE\opsi.org\Winst|Active|0|REG_SZ reg2=HKLM|64|SOFTWARE\opsi.org\Winst|Active|0|REG_SZ
 reg3=HKLM|32|SOFTWARE\Somewhere\Else|SomeOtherValue|50|REG_DWORD reg3=HKLM|32|SOFTWARE\Somewhere\Else|SomeOtherValue|50|REG_DWORD
 +
 +[process_check]
 +count=1
 +proc1=svchost.exe
 </file> </file>
  
Line 189: Line 213:
 //DON'T delete a block to disable it!// //DON'T delete a block to disable it!//
  
-__What this example will do (in pseudo-lingo):__+What this example will do (in pseudo-lingo):
  
 <code text> <code text>
-if "FSVActive" under "HKEY_LOCAL_MACHINE\SOFTWARE\RZ\FSV" is "0" then+if ("FSVActive" under "HKEY_LOCAL_MACHINE\SOFTWARE\RZ\FSV" is "0") AND ("svchost.exe" is NOT in the list of active processes) then
  log currently installed products on client  log currently installed products on client
  log current action requests  log current action requests
Line 220: Line 244:
 <file ini winst32_preproc.ini> <file ini winst32_preproc.ini>
 [general] [general]
 +version=1.1.0.0
 logInstalled=1 logInstalled=1
 logActions=1 logActions=1
Line 237: Line 262:
 reg2=HKLM|64|SOFTWARE\opsi.org\Winst|Active|0|REG_SZ reg2=HKLM|64|SOFTWARE\opsi.org\Winst|Active|0|REG_SZ
 reg3=HKLM|32|SOFTWARE\Somewhere\Else|SomeOtherValue|50|REG_DWORD reg3=HKLM|32|SOFTWARE\Somewhere\Else|SomeOtherValue|50|REG_DWORD
 +
 +[process_check]
 +count=1
 +proc1=svchost.exe
 </file> </file>
  
Line 259: Line 288:
 #include <array.au3> #include <array.au3>
 #include <Constants.au3> #include <Constants.au3>
-#include "AssoArrays.au3" +#include "UDFs\AssoArrays.au3" 
-#include "GetOpt.au3" +#include "UDFs\GetOpt.au3" 
-#include "json.au3"+#include "UDFs\json.au3"
  
 Global Const $HTTP_STATUS_OK = 200 Global Const $HTTP_STATUS_OK = 200
Line 268: Line 297:
 ; appplication title and version ; appplication title and version
 Global $header = "winst32_preproc (MIT licensed)" Global $header = "winst32_preproc (MIT licensed)"
-Global $version = "1.0.0.0"+Global $version = "1.1.0.0"
 Global $logdir = @TempDir & "\winst32_preproc" Global $logdir = @TempDir & "\winst32_preproc"
 Global $log_mode = True ; write log file = true Global $log_mode = True ; write log file = true
Line 286: Line 315:
 Global $test = True Global $test = True
  
 +Local $msg = '------------------------------------------------------------------------------------------------------------------' & @CRLF ; start line
 +$msg &= $header & ' v' & $version & ' Command Line' & @CRLF & @CRLF ; Message.
 +
 +; Load ini data
 Global $iniName = "winst32_preproc" Global $iniName = "winst32_preproc"
 +_getIniValues($iniName)
  
 ; let's have a look at the CmdLine ; let's have a look at the CmdLine
 If $CmdLine[0] = 0 Then If $CmdLine[0] = 0 Then
- Local $msg = '------------------------------------------------------------------------------------------------------------------' & @CRLF ; start line 
- $msg &= $header & ' v' & $version & ' Command Line' & @CRLF & @CRLF ; Message. 
  $msg &= "No arguments passed. See -h for help or use -d for a test run. Exiting."  & @CRLF & @CRLF  $msg &= "No arguments passed. See -h for help or use -d for a test run. Exiting."  & @CRLF & @CRLF
  ConsoleWrite($msg)  ConsoleWrite($msg)
  Exit 0  Exit 0
 +Else 
 + _debug($msg)
 EndIf EndIf
  
Line 308: Line 342:
 _debug("Profile dir    : " & @UserProfileDir) _debug("Profile dir    : " & @UserProfileDir)
 _debug("Log file       : " & $log_file) _debug("Log file       : " & $log_file)
- 
-; Load ini data 
-_getIniValues($iniName) 
  
 ; for debugging purpose ; for debugging purpose
Line 320: Line 351:
 ; ---- MAIN --------- ; ---- MAIN ---------
  
-; run registry tests 
 If x($iniName & ".registry_check.count") > 0 Then If x($iniName & ".registry_check.count") > 0 Then
- $isRegOk = _runRegistryCheck()+ Local $isRegOk = _runRegistryCheck()
  If $isRegOk Then   If $isRegOk Then 
  _debug("All registry checks passed successfully.")  _debug("All registry checks passed successfully.")
Line 331: Line 361:
 EndIf EndIf
  
-; test ?+If x($iniName & ".process_check.count") > 0 Then 
 + Local $isProcOk = _runProcessCheck() 
 + If $isProcOk Then  
 + _debug("All process checks passed successfully."
 + Else 
 + _debug("One or more process checks where unsuccsessful."
 + _exit(0) 
 + EndIf 
 +EndIf 
 + 
 if $test Then if $test Then
 + ; test run
  $Cmdout = '"' & $opsi_command & '" /opsiservice "' & $opsi_url & '" /clientid ' & $opsi_client & ' /username ' & $opsi_user & ' /password ***(confidential)***'  $Cmdout = '"' & $opsi_command & '" /opsiservice "' & $opsi_url & '" /clientid ' & $opsi_client & ' /username ' & $opsi_user & ' /password ***(confidential)***'
  _debug("")  _debug("")
Line 358: Line 399:
  _exit(0)  _exit(0)
 Else Else
 + ; production run
  If x($iniName & ".general.logInstalled") = 1 Then _opsi_showInstalledProducts($opsi_url, $opsi_client, $opsi_user, $opsi_pass)  If x($iniName & ".general.logInstalled") = 1 Then _opsi_showInstalledProducts($opsi_url, $opsi_client, $opsi_user, $opsi_pass)
  If x($iniName & ".general.logActions") = 1 Then _opsi_showActionRequests($opsi_url, $opsi_client, $opsi_user, $opsi_pass)  If x($iniName & ".general.logActions") = 1 Then _opsi_showActionRequests($opsi_url, $opsi_client, $opsi_user, $opsi_pass)
Line 373: Line 415:
 Func _runRegistryCheck() Func _runRegistryCheck()
  Local $rc =  False  Local $rc =  False
- _debug("Running registry tests...")+ _debug("Running registry checkss...")
   
  If x($iniName & ".registry_check.count") = 0 Then  If x($iniName & ".registry_check.count") = 0 Then
Line 407: Line 449:
   
  return $rc  return $rc
 +EndFunc
 +
 +; check if specified process exist
 +Func _runProcessCheck()
 + Local $rc = False
 + _debug("Running process checks...")
 +
 + If x($iniName & ".process_check.count") = 0 Then
 + _debug("--> nothing to check")
 + return True
 + EndIf
 +
 + ; Example entry: proc1=winword.exe
 + For $i = 1 To x($iniName & ".process_check.count")
 + Local $a = x($iniName & ".process_check.proc" & $i)
 + _debug("Test if not running " & $i & ": " & $a)
 + Local $pid = ProcessExists($a)
 + If $pid > 0 Then
 + $rc =  False
 + _debug("--> rc=" & $rc)
 + _debug("--> PID=" & $pid)
 + return $rc
 + Else
 + $rc = True
 + _debug("--> rc=" & $rc)
 + return $rc
 + EndIf
 + Next
 EndFunc EndFunc
  
Line 633: Line 703:
   
  Else ;--- INI not existing, creating new one in script directory  Else ;--- INI not existing, creating new one in script directory
- $msg = "INI file not found: " & $iniFile + $msg = "INI file not found: " & $iniFile & @CRLF & _ 
- _debug($msg) + "A new INI file with example values will be created in the script directory." & @CRLF & _ 
- _exit(1)+ "Please customize the INI file before using it." & @CRLF & @CRLF 
 + ConsoleWrite($msg) 
 + _createIni($appPath & $iniName) 
  EndIf  EndIf
   
Line 658: Line 731:
  If (@error) Then Return SetError(2, 0, "Error on send")  If (@error) Then Return SetError(2, 0, "Error on send")
  
- If ($REST.Status <> $HTTP_STATUS_OK) Then Return SetError(3, 0, "Error on request")+ If ($REST.Status <> $HTTP_STATUS_OK) Then Return SetError(3, 0, "Error on request - HTTP status & $REST.Status)
   
  return $REST.ResponseText  return $REST.ResponseText
Line 735: Line 808:
  Exit $rc  Exit $rc
 EndFunc EndFunc
 +
 +; create default example ini file
 +Func _createIni($ini)
 +
 + x($ini & ".general.version", $version)
 + x($ini & ".general.logInstalled", 1)
 + x($ini & ".general.logActions", 1)
 +
 + x($ini & ".registry_check.count", 1)
 +
 + Local $a = ["HKLM", "64", "SOFTWARE\RZ\FSV", "FSVActive", "0"]
 + x($ini & ".registry_check.reg1", $a)
 +
 + x($ini & ".registry_pre.count", 2)
 +
 + Local $a = ["HKLM", "64", "SOFTWARE\RZ\FSV", "FSVActive", "1", "REG_SZ"]
 + x($ini & ".registry_pre.reg1", $a)
 + Local $a = ["HKLM", "64", "SOFTWARE\opsi.org\Winst", "Active", "1", "REG_SZ"]
 + x($ini & ".registry_pre.reg2", $a)
 +
 + x($ini & ".registry_post.count", 3)
 +
 + Local $a = ["HKLM", "64", "SOFTWARE\RZ\FSV", "FSVActive", "0", "REG_SZ"]
 + x($ini & ".registry_post.reg1", $a)
 + Local $a = ["HKLM", "64", "SOFTWARE\opsi.org\Winst", "Active", "0", "REG_SZ"]
 + x($ini & ".registry_post.reg2", $a)
 + Local $a = ["HKLM", "32", "SOFTWARE\Somewhere\Else|SomeOtherValue", "50", "REG_DWORD"]
 + x($ini & ".registry_post.reg3", $a)
 +
 + x($ini & ".process_check.count", 1)
 +
 + Local $a = ["svchost.exe"]
 + x($ini & ".process_check.proc1", $a)
 +
 + _WriteAssocToIni($ini)
 +EndFunc
 +
 ; --------------------------------------------------------------------------------------------------------------------- ; ---------------------------------------------------------------------------------------------------------------------
 ; ---- TOOLS --------- ; ---- TOOLS ---------
userspace/winst32_preproc.exe.1572020331.txt.gz · Last modified: 2021/08/23 08:37 (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki