Jump to content
Sign in to follow this  
CaoD

Running Script on Locked Down Machines - Only part of it works

Recommended Posts

CaoD

Hi there,

I recently developed a script for my workplace that will create users in SAP based on a pre-filled excel sheet. I work on a locked down machine (can't even change my screen resolution...), and very likely to also be a locked down user.

The "user creation" part of the script works just as it should : all the data is picked up, fed into SAP (credits to the SAP UDF available on this forum), users are created, and my "report" files come out in .txt in the MyDocs folder just as I wanted to.

My problem comes into play with the latest addition I made to the script, a UDF I found on this forum that allows you to send an email by using the "CDO.Message" method. The function is _INetSmtpMailCom - I applied it so I could automatically send a report whenever this script was used and/or went into error. Basically, I wanted a way to monitor the script usage from outside.

On my own machine, everything works as a charm, but on the locked down machine, even though it IS connected to the internet, the _INetSmtpMailCom function returns the error that points towards "no internet access".

At first, I thought it could be some block on the Gmail SMTP port, or something like that... so I looked for simpler ways to "check internet state" through the following scripts (that I also found on the forum).

$ping = Ping("www.google.com")

If Not @error Then
Else
MsgBox(16, "Error", "No Internet Connection")
Exit
EndIf
Func _IsInternetConnected()
    Local $aReturn = DllCall('connect.dll', 'long', 'IsInternetConnected')
    If @error Then
        Return SetError(1, 0, False)
    EndIf
    Return $aReturn[0] = 0
EndFunc   ;==>_IsInternetConnected

MsgBox(0, "", "Internet Is Connected" & " = " & _IsInternetConnected() & @CRLF)
; #FUNCTION# ====================================================================================================================
; Name ..........: _CheckConnection
; Description ...: Will tell if your internet down, or just DNS
; Syntax ........: _CheckConnection()
; Parameters ....:
; Return values .: 0, 1, 2 INT
; 0 = Everything fine, internet/DNS up.
; 1 = DNS is down, but IP ping worked.
; 2 = Internet is down entirely.
; Author ........: BinaryBrother
; ===============================================================================================================================
Func _CheckConnection()
    Local $PingDNS1, $PingDNS2, $PingDNS3, $PingDNS4, $Ret
    TCPStartup()
    $PingDNS1 = Ping("google.com")
    $PingDNS2 = Ping("computerhope.com")
    $PingDNS3 = Ping("yahoo.com")
    $PingDNS4 = Ping("download.com")
    If $PingDNS1 <= 1 And $PingDNS2 <= 1 And $PingDNS3 <= 1 And $PingDNS4 <= 1 Then
        $Ret = 1
        ;DNS is possibly down, check internet next.
        $PingDNS1 = Ping("74.125.93.106")
        $PingDNS2 = Ping("69.72.169.241")
        $PingDNS3 = Ping("67.195.160.76")
        $PingDNS4 = Ping("64.30.224.118")
        If $PingDNS1 <= 1 And $PingDNS2 <= 1 And $PingDNS3 <= 1 And $PingDNS4 <= 1 Then
            $Ret = 2 ;Internet Down
        EndIf
        Return $Ret
    Else
        Return 0 ;DNS and Internet are up
    EndIf
EndFunc   ;==>_CheckConnection


$Ret1 = _CheckConnection()

MsgBox(0, "", $Ret1)

Now, I know these scripts work just fine because on my own machine the results are correct: If I switch my internet off, I get the "right" errors and if I switch it back on I do get the positive confirmations I should be getting.

When I run these on the locked down machine,  I can't even ping Google or any of the other sites that the third UDF uses. I am pretty sure that the problem is that I'm running this on a locked down machine AND as a locked down user.

I'm NOT asking for a script to unlock the machine. I would just like to know if this is the sort of issue that could be "easily" solved by being a local admin on the machine or if it's a lost cause in a major corporate network environment... furthermore, I would like to understand what is the exact reason behind it. Is it purely the fact that I'm on a locked down machine ? Is it because some particular policy is applied ? (I mean, I suppose that if the user can't start the command prompt, he's not allowed to use any of those related commands...)

 

I will probably ask to be a local admin just for the sake of making the test and find out by myself but again, I would like to understand where the block is and what it is.

 

Thanks in advance.

Share this post


Link to post
Share on other sites
CaoD

The script runs as a .exe file that was compiled on my own machine. When it comes to credentials, they are my own... I might ask one of the IT support guys to try a RunAs with his own admin credentials but that would not be handy if we have to get him in every time we need to run the script.

I used to worked in an IT Department where I was admin of my machine... now I'm on the other end of the spectrum... sales, locked down... so sad :(

Share this post


Link to post
Share on other sites
Jos

So, how do you shell the compiled script when the machine is locked down? Scheduler or do you manually shell it before Locking the machine down?

Jos


Visit the SciTE4AutoIt3 Download page for the latest versions  - Beta files                                How to post scriptsource        Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites
CaoD

I think I  understand what you mean but I'm afraid that is a bit too technical for me to answer given my current level of programming knowledge and will look into it to expand it ;-)

I'm not shelling it, I'm running it myself manually.

That being said,  I think I didn't express my self too well... my fault.. When I say "locked down machine" I don't mean Ctrl+Alt+Del. I mean like in "locked down user and access privileges" - as I told, I can't change screen resolution, the "Run" is not even in the start menu.... When I say "Locked down user", as opposed to "Power User" in Active Directory - I mean I can't do thing like install programs or start the "Run" by doing WinKey + R and this would lead me to believe I can't do ping commands or use some particular scripting functions...

Edited by CaoD

Share this post


Link to post
Share on other sites
Jos

I think I  understand what you mean but I'm afraid that is a bit too technical for me to answer given my current level of programming knowledge and will look into it to expand it ;-)

I'm not shelling it, I'm running it myself manually.

That being said,  I think I didn't express my self too well... my fault.. When I say "locked down machine" I don't mean Ctrl+Alt+Del. I mean like in "locked down user and access privileges" - as I told, I can't change screen resolution, the "Run" is not even in the start menu.... When I say "Locked down user", as opposed to "Power User" in Active Directory - I mean I can't do thing like install programs or start the "Run" by doing WinKey + R and this would lead me to believe I can't do ping commands or use some particular scripting functions...

 

Ok.. understand now. :)

I wouldn't be surprised when that access to the Internet is also filtered or making use of a proxy which would mean that direct access to the internet isn't possible for software.

Any idea what the setup is for accessing the internet?

Jos


Visit the SciTE4AutoIt3 Download page for the latest versions  - Beta files                                How to post scriptsource        Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites
CaoD

I know for sure there is a proxy server.... In Internet explorer, if you don't set it up manually after rebooting (logon script not doing his job properly) you can't even browse the internet... but under Firefox,  you can set it to "No proxy" and you are still able to browse the internet.

If I know the address and the port of the proxy (the data I put in IE), can I pass that to the script somehow ?

What other things should I find out about the network set up to get this to work ? Any ideas?

Share this post


Link to post
Share on other sites
Jos

When FF works without an proxy setting, then this would indicate that you can use the internet directly.

It is still very likely that you pass a Firewall which will not allow ICMP (Ping) and SMTP port 25 outbound from each workstation.

It probably would be best to talk to your IT colleagues to see what is allowed and possible to stop the guessing game. :)


Visit the SciTE4AutoIt3 Download page for the latest versions  - Beta files                                How to post scriptsource        Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites
CaoD

That's indeed the best option. I was just curious as to whereas it was something obvious :-)

I'll pick it up with the IT department and see what they'll tell me.

I'll come back and let you know what happens.

 

Thanks for the quick replies :D

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×