Sign in to follow this  
Followers 0
rudi

Terminal Server: Howto distinguish Local / TSC logon?

11 posts in this topic

Hello,

for an Autoit3 Script to be placed in AUTORUN folder I need to tell, if the login is done at the local console or connecting with MSTSC.EXE

There are 2 env vars, that look quite promising :

CLIENTNAME and

SESSIONNAME

Unfortuantely these are useless: Logging in at the local console they present me values corresponding to a TSC session I used yesterday (same user was used for TSC and local logon)

How to recognize either "this is a local console logon", or "this is a TSC logon"?

Thanks, Rudi.


Earth is flat, pigs can fly, and Nuclear Power is SAFE!

Share this post


Link to post
Share on other sites



Hello,

for an Autoit3 Script to be placed in AUTORUN folder I need to tell, if the login is done at the local console or connecting with MSTSC.EXE

There are 2 env vars, that look quite promising :

CLIENTNAME and

SESSIONNAME

Unfortuantely these are useless: Logging in at the local console they present me values corresponding to a TSC session I used yesterday (same user was used for TSC and local logon)

How to recognize either "this is a local console logon", or "this is a TSC logon"?

Thanks, Rudi.

Using Auto3Lib:

#include <A3LWinAPI.au3>

if _API_GetSystemMetrics($SM_REMOTESESSION) then
  MsgBox(0, "", "Running Under TS" & @CR)
else
  MsgBox(0, "", "Local Console" & @CR)
endif

Auto3Lib: A library of over 1200 functions for AutoIt

Share this post


Link to post
Share on other sites

Hello PaulIA :whistle:

Using Auto3Lib:

#include <A3LWinAPI.au3>

if _API_GetSystemMetrics($SM_REMOTESESSION) then
  MsgBox(0, "", "Running Under TS" & @CR)
else
  MsgBox(0, "", "Local Console" & @CR)
endif
Thanks for your reply. :P

On my way to get Auto3Lib, as it looks to me, as if it's not included in the regular installer, right?

:D This will help me out! :lmao:

Regards, Rudi.


Earth is flat, pigs can fly, and Nuclear Power is SAFE!

Share this post


Link to post
Share on other sites

Hello again,

I cannot get it run :whistle: using the latest (non beta) version of Autoit3 downloaded today.

I get this error:

C:\Programme\AutoIt3\Include\A3LWinAPI.au3 (290) : ==> "Case" statement with no matching "Select" statement.: 
case 0

This error shows up several times down this A3LWinAPI.au3, when I comment out the affected functions one by one.

I believe I miss something very basic? :P

Here I tried to copy-paste your function to the main program, it always tells "running under TS" when used this way.

dim $dummy

if _API_GetSystemMetrics($dummy) then
  MsgBox(0, "", "Running Under TS" & @CR)
else
  MsgBox(0, "", "Local Console" & @CR)
endif


; #FUNCTION# ==========================================================
; Description ...: Retrieves the specified system metric or system configuration setting
; Parameters ....: $iIndex      - The system metric or configuration setting to be retrieved
; Return values .: Success      - The requested system metric
;                  Failure      - 0
; Author ........: Paul Campbell (PaulIA)
; Remarks .......:
; Related .......:
; ====================================================================
Func _API_GetSystemMetrics($dummy)
  Local $aResult

  $aResult = DllCall("User32.dll", "int", "GetSystemMetrics", "int", $dummy)
  Return $aResult[0]
EndFunc

May I ask you for further help, pls? I would be happy just to get the TS thing working.

Regards, Rudi.


Earth is flat, pigs can fly, and Nuclear Power is SAFE!

Share this post


Link to post
Share on other sites

#5 ·  Posted (edited)

Hello again,

I cannot get it run :whistle: using the latest (non beta) version of Autoit3 downloaded today.

I get this error:

C:\Programme\AutoIt3\Include\A3LWinAPI.au3 (290) : ==> "Case" statement with no matching "Select" statement.: 
case 0

This error shows up several times down this A3LWinAPI.au3, when I comment out the affected functions one by one.

I believe I miss something very basic? :P

You don't have the latest version of AutoIt installed or you didn't uninstall the last version before installing the new one. I had another user report this and it was the same problem. If you're still having problems, drop me a line in the Auto3Lib thread in the Examples forum. Edited by PaulIA

Auto3Lib: A library of over 1200 functions for AutoIt

Share this post


Link to post
Share on other sites

Here I tried to copy-paste your function to the main program, it always tells "running under TS" when used this way.

dim $dummy

if _API_GetSystemMetrics($dummy) then
  MsgBox(0, "", "Running Under TS" & @CR)
else
  MsgBox(0, "", "Local Console" & @CR)
endif
; #FUNCTION# ==========================================================
; Description ...: Retrieves the specified system metric or system configuration setting
; Parameters ....: $iIndex      - The system metric or configuration setting to be retrieved
; Return values .: Success      - The requested system metric
;                  Failure      - 0
; Author ........: Paul Campbell (PaulIA)
; Remarks .......:
; Related .......:
; ====================================================================
Func _API_GetSystemMetrics($dummy)
  Local $aResult

  $aResult = DllCall("User32.dll", "int", "GetSystemMetrics", "int", $dummy)
  Return $aResult[0]
EndFunc
And why would you pass an empty variable called $dummy where I passed a valid constant? The constant that you need is in A3LConstants.au3.

Auto3Lib: A library of over 1200 functions for AutoIt

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

And why would you pass an empty variable called $dummy where I passed a valid constant?

Stupid newbee error, so sorry! ;)

After installing the latest Autoit3 version with deinstalling the previous one, it's working fine now. With one problem remaining:

With "MSTSC /CONSOLE" it's possible to login to the 'real' console. When doing so, these lines

#include <A3LWinAPI.au3>

if _API_GetSystemMetrics($SM_REMOTESESSION) then
  MsgBox(0, "", "Running Under TS" & @CR)
else
  MsgBox(0, "", "Local Console" & @CR)
endif

do report "Running Unter TS" for this remotely taken local console login. Is it possible to destinguish between "MSTSC" and "MSTSC /CONSOLE" sessions? :) That would be the solution for my problem :)

But perhaps it's better to describe, what I need:

There is an application that has to run at the local console, exactly one instance, while a local login is active at this Win2003 R2 Server. (This is because the SW vendor isn't able to code the program to login to eDirectory when running as a windows service)

So I do a local console autolog.exe login to eDir + Win2003, from Startup folder I launch for user "Administrator" my AI3 script to check, if it's logged in locally. If so, then startup that Application if not already running, then wait for initialization, mimimizing, then lock the console.

When logging out locally, the autolog immediately loggs in again, starts the App + locks the screen. That's all working fine.

The trouble happens, when the local admin here logs on using "MSTSC /CONSOLE" to do certain actions he needs the "console", not a regular TS-Session. And NOW the trouble step happens, when he logs off in stead of disconnecting: Then the autologin still happens, but it's NO local autologin, it's a (clientless) "mstsc /console" login. So my script doesn't initialize the App, because now my Autoit3 script is believing to run in a TS-Session, even though it's the "MSTSC /CONSOLE" accessed local console. So in this situation the App doesn't get started again (The Cosynus Blackberry Connector) and so the Blackberries will not be synchronised.

Any ideas how to ensure, that there is

-- always a local console login active?

-- always this application is runing at the local console login one time?

^_^

Thanks for any suggestions, Rudi.

Edited by rudi

Earth is flat, pigs can fly, and Nuclear Power is SAFE!

Share this post


Link to post
Share on other sites

Hi rudi,

I just saw your question.

As far as I'm aware, is PaulIA no longer an active member (He said goodbye a while ago).

About your questions:

First let me express my worries about the software you are running on your server.

The software company isn't able to write a proper program for a windows server???

Are they certified software developers???

It is totally unsafe to let a program run from the console and keep the console open.

This having said, I have a question for you:

Did you take a look in the help file, more specific to the functions ProcessExists, ProcessWait, ProcessWaitClose?

These functions may be helpful in finding a solution to your second question (this application is running one time?).

About the first question:

How to distinguish between a console login and a ts-session login?

1) You could use a different account name with appropriate rights (I thought two concurrent console logins are allowed, but I need to check that) for your app.

2) You could check the "Logon Type Codes" for Interactive Logon type 2 (see quote)

3) You could switch to another software vendor who is willing to deliver a program that doesn't need these kind of workarounds

4) Some other solution which I'm not thinking of right now.

Event IDs 528 and 540 signify a successful logon, event ID 538 a logoff and all the other events in this category identify different reasons for a logon failure.

However, just knowing about a successful or failed logon attempt doesnt fill in the whole picture.

Because of all the services Windows offers, there are many different ways you can logon to a computer such as interactively at the computers local keyboard and screen,

over the network through a drive mapping or through terminal services (aka remote desktop) or through IIS.

Thankfully, logon/logoff events specify the Logon Type code which reveals the type of logon that prompted the event.

Logon Type 2 Interactive

This is what occurs to you first when you think of logons, that is, a logon at the console of a computer. Youll see type 2 logons when a user attempts to log on at the local

keyboard and screen whether with a domain account or a local account from the computers local SAM. To tell the difference between an attempt to logon with a local or domain

account look for the domain or computer name preceding the user name in the events description. Dont forget that logons through an KVM over IP component or a

servers proprietary lights-out remote KVM feature are still interactive logons from the standpoint of Windows and will be logged as such.

Cheers, Scriptonize


If you learn from It, it's not a mistake

Share this post


Link to post
Share on other sites

#9 ·  Posted (edited)

Hi rudi,

I just saw your question.

As far as I'm aware, is PaulIA no longer an active member (He said goodbye a while ago).

About your questions:

First let me express my worries about the software you are running on your server.

The software company isn't able to write a proper program for a windows server???

No. They are very capable to write Windows code. But their knowledge upon Novell eDirectory might be less excellent ;)

At least they do not know how to code a service that's capable to authenticate for Novell eDirectory. The same Program for Windows AD is running as a service very fine and can authenticate for a specified user account against AD very well.

Are they certified software developers???

I don't care about "paper". [1] MCP/MCSE is a perfect example for certification worth close to nothing (I'm MCP/MCSE/MCT, and I remember very well how little I could do just after my certification ;)

It is totally unsafe to let a program run from the console and keep the console open.

The console is locked (Windows, and the room physically as well)

This having said, I have a question for you:

Did you take a look in the help file, more specific to the functions ProcessExists, ProcessWait, ProcessWaitClose?

These functions may be helpful in finding a solution to your second question (this application is running one time?).

That's exactly what I'm using.

About the first question:

How to distinguish between a console login and a ts-session login?

1) You could use a different account name with appropriate rights (I thought two concurrent console logins are allowed, but I need to check that) for your app.

This wouldn't help here for several reasons.

2) You could check the "Logon Type Codes" for Interactive Logon type 2 (see quote)

Ehm, see what quote? ^_^

I'll search for "Logon Type Codes".

3) You could switch to another software vendor who is willing to deliver a program that doesn't need these kind of workarounds

No. Cosynus in Darmstadt, Germany, is according to "Tobit David" the very best skilled software vendor available. I believe that in certain aspects they are even more skilled than the Tobit team itself, honestly. The Email/Fax solution "David 10" is fact here (and will be active for at least another 2 years), so there is no way at all to kick :) Cosynus.

4) Some other solution which I'm not thinking of right now.

Yes: How to find out, that this is a "MSTSC /CONSOLE" rather than a "MSTSC" logon.

For this "Logon Type Codes" I found this description: http://www.windowsecurity.com/articles/Logon-Types.html, it also doesn't distinguish tsc and tsc /console logons :D

Thanks for your reply,

regards, Rudi.

[1]

Imagine, you want to hire a taxi to travel a difficult african desert road. You have two choices for the driver: A 40 years old man who goes this route every day for the last 20 years - but you find out, he neither has a driving license, nor does he even know such a thing exists.

And a 25 year old NY taxi driver, with valid driving license, who arrived in Africa for his first time with the same flight you traveled. He owns a brand new GPS navigation system with the correct route in it, it's also equipped with satelite based traffic jam warning system :)

Which taxi driver will you entrust to drive you safely, shall I bet? ;)

Edited by rudi

Earth is flat, pigs can fly, and Nuclear Power is SAFE!

Share this post


Link to post
Share on other sites

#10 ·  Posted (edited)

I've got it now with help of you all:

It's possible with this script ...

#include <A3LWinAPI.au3>

if _API_GetSystemMetrics($SM_REMOTESESSION) then
  MsgBox(0, "", "Running Under TS" & @CR)
else
  MsgBox(0, "", "Local Console" & @CR)
endif

... and the setting of the environment variable "Session".

Fact:

I use autologon, start this program discussed above, then lock the console. The problem was to recognize a "console autologon" after a "mstsc /console" logout [b/]not to be a TS-Session.

  • Local Logon:

    Script: Local

    Env. Sessionname: Console

  • Taking over the local logon with "mstsc /console"

    Script: TS-Session

    Env. Sessionname: Console (so this isn't altered after a "real, physically local logon" happened before)

  • Logging out from the console using a "mstsc /console" session: This results in a "mstsc /console" autologon (gets locked moments after logon)

  • When taking Control with "mstsc /console"

    script: TS-Session

    Env. Sessionname:<not defined> (variable not set)

  • When logging into such a locked session locally

    script: Local

    Env. Sessionname: <not defined>

:D;):D So this is how to catch "mstsc /console" sessions, that were not disconnected but logged out :D :D :D

So now I need in addition to write an Autoit3 Service that will bomb one email per minute :) to the local admin :) when he logged out the local console logon ;) using "mstsc /console" connects.

^_^ Even better would be a service preventing from logging out without confirmation when at the console logon. But that's beyond my skills ;)

Thanks, Rudi.

Edited by rudi

Earth is flat, pigs can fly, and Nuclear Power is SAFE!

Share this post


Link to post
Share on other sites

Great to see you found a solution to your problem. :)

If I sounded too harsh with my comments, I apologize. That was not my intention.

I just was very surprised when I learned about your console application.

At our office these kind of programs are simply not allowed and I fully agree to that policy.

The software need to be fully "Bill Gates" compliant and if not we simply don't use it. ^_^

One thing is a bit strange though:

You responded "what quote" when I referred to the added quote in my previous post.

Is the quoted text not visible?

Please let me know, maybe I'm doing something wrong with those quoting tags.

Scriptonize


If you learn from It, it's not a mistake

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0