fcjoe Posted July 8, 2009 Share Posted July 8, 2009 Hello, I have a script that checks the type of OS role of the computer it is running on to see if it is a Workstation. If it is it then runs two functions. The first one adds entries into Internet Explorer trusted sites. The second one creates a new Favorite link in IE and a shortcut link on the desktop. I tested the script runs without any errors but it did not do anything. So I added a few lines to create a log file to see where it was failing. When the script ran it did what it was suppose to do but did not create the log file. So then I addedd a few more lines to pop-up a message box at certain places to see what happened and the script ran with no problems. I commented out the lines for the log file and message boxes and I was back to not having the script do anything. Then for no reason at all I added the sleep command (for 1 second) after the section that creates the log file and check if it was sucessful, the script ran and did everything. I am completely confused by this. Has anyone seen this before? I included the code below. The message box commands are still commented out. Thanks, Joe expandcollapse popupOpt('MustDeclareVars', 1) Opt("TrayIconHide", 1) #include <Date.au3> #Include <Timers.au3> ;Variable declaration for determining computer OS type Dim $objComputer, $objWMIService, $colObj, $OSobj, $ComputerRole Dim $strComputer = "." ;MsgBox(0,"Start","The script has started, click the OK button to continue.") Global $debugfile = FileOpen(@DesktopDir & "\TSLScript Log File.txt",2) ; Check if file opened for reading OK If $debugfile = -1 Then MsgBox(0, "Error", "Unable to open file.") Exit EndIf Sleep(1000) ;MsgBox(0,"Debug","Log file opened") FileWriteLine($debugfile, "-----Debug Start: " & @UserName & " -----Start time: " & _Now() & @CRLF) ;MsgBox(0,"Debug","Get Computer Role") ;Determin what type of OS is running(Workstation, Server, DC, etc...) $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & $strComputer & "\root\cimv2") $colObj = $objWMIService.ExecQuery("SELECT * FROM Win32_ComputerSystem") For $OSobj In $colObj Select Case $OSobj.DomainRole = 0 $ComputerRole = "Standalone Workstation" FileWriteLine($debugfile, $ComputerRole & @CRLF) ; MsgBox(0,"Debug","Standalone Workstation") Case $OSobj.DomainRole = 1 $ComputerRole = "Member Workstation" FileWriteLine($debugfile, $ComputerRole & @CRLF) ; MsgBox(0,"Debug","Member Workstation") Case $OSobj.DomainRole = 2 $ComputerRole = "Standalone Server" FileWriteLine($debugfile, $ComputerRole & @CRLF) Case $OSobj.DomainRole = 3 $ComputerRole = "Member Server" FileWriteLine($debugfile, $ComputerRole & @CRLF) Case $OSobj.DomainRole = 4 $ComputerRole = "Backup Domain Controller" FileWriteLine($debugfile, $ComputerRole & @CRLF) Case $OSobj.DomainRole = 5 $ComputerRole = "Primary Domain Controller" FileWriteLine($debugfile, $ComputerRole & @CRLF) Case Else $ComputerRole = "Unknown" FileWriteLine($debugfile, $ComputerRole & @CRLF) ; MsgBox(0,"Debug","Unknown") EndSelect Next ;Only run functions if machine is a workstation If StringInStr($ComputerRole,"Workstation") Then FileWriteLine($debugfile, "Is A Workstation Run Functions" & @CRLF) ; MsgBox(0,"Debug","It's a Workstation, run Functions") AddTrustedSites() CreateFav() FileWriteLine($debugfile, "Finished Running Functions" & @CRLF) ; MsgBox(0,"Debug","Finished Running Functions") EndIf FileWriteLine($debugfile, "--------------------Script Complete" & @CRLF) FileClose($debugfile) ;MsgBox(0,"Done","The script has finished, click the OK button to exit.") ;Adds entries into IE Trusted Sites Func AddTrustedSites() FileWriteLine($debugfile, "Start: AddTrustedSites Funtion" & @CRLF) ;Registry Key for Internet Explorer Trusted Sites Local $RWreturncode Local $RegKeyTS = "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\" Local $RegKeyTSArray[2] ;List of sites to be trusted $RegKeyTSArray[0] = $RegKeyTS & "acme.com\*.corp" $RegKeyTSArray[1] = $RegKeyTS & "acme.com\*.int" ;Registry Key for Trusted Sites security settings Local $RegKeyTSSettings = "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" ;Registry DWORD for User Authentication: Logon Local $RegDWORDLogon = "1A00" ;Add domains to trusted sites list FOR $RegKey IN $RegKeyTSArray $RWreturncode = RegWrite($RegKey,"*","REG_DWORD",2) If $RWreturncode = 1 Then FileWriteLine($debugfile, "Registry Write Successfull: " & $RegKey & @CRLF) Else FileWriteLine($debugfile, "Registry Write Failed, Error Code: " & @error & " Reg Key: " & $RegKey & @CRLF) EndIf NEXT ;Set User Authentication in Trusted Sites to Automatic Logon $RWreturncode = RegWrite($RegKeyTSSettings,$RegDWORDLogon,"REG_DWORD",0) If $RWreturncode = 1 Then FileWriteLine($debugfile, "Registry Write Successfull: " & $RegKey & @CRLF) Else FileWriteLine($debugfile, "Registry Write Failed, Error Code: " & @error & " Reg Key: " & $RegKey & @CRLF) EndIf FileWriteLine($debugfile, "Done: AddTrustedSites Funtion" & @CRLF) EndFunc ;Create a link in IE favorites Func CreateFav() Local $DskTpFavorite = @DesktopDir & "\Navigator.url" Local $IEFavorite = @FavoritesDir & "\ACME\Navigator.url" Local $file If Not FileExists($IEFavorite) Then $file = FileOpen($IEFavorite, 10) If $file <> -1 Then FileWrite($file, "[DEFAULT]" & @CRLF) FileWrite($file, "BASEURL=http://navigator.corp.acme.com" & @CRLF) FileWrite($file, "[InternetShortcut]" & @CRLF) FileWrite($file, "URL=http://navigator.corp.acme.com" & @CRLF) FileClose($file) EndIf EndIf ;Create a shortcut on Desktop just to see what the difference is If Not FileExists($DskTpFavorite) Then FileCreateShortcut("http://navigator.corp.acme.com",@DesktopDir & "\ACME Navigator.lnk","","","ACME Navigator") EndIf EndFunc Link to comment Share on other sites More sharing options...
Inverted Posted July 8, 2009 Share Posted July 8, 2009 All these things you're doing make zero sense, you should just say the script fails randomly. You should get rid of all the extra unneeded stuff and try to provide a simpler test case. Link to comment Share on other sites More sharing options...
SpotCheckBilly Posted July 8, 2009 Share Posted July 8, 2009 Hi Joe, This doesn't have anything to do with fixing your problem and I thought I should mention it. I spend a lot of time at several different security sites helping people clean viruses and other nasties from their computers. Virtually every security expert agrees that it's not a good idea to put websites in the Internet Trusted Zone. The Trusted Zone is one of the most common entry points for malware, mainly because its security settings are generally much more relaxed. Just something to bear in mind. Sorry to barge into your thread, but I thought it was important. -- SCB [font="Tahoma"]"I was worried 'bout rich and skinny, 'til I wound up poor and fat."-- Delbert McClinton[/font] Link to comment Share on other sites More sharing options...
anixon Posted July 8, 2009 Share Posted July 8, 2009 Hello, I have a script that checks the type of OS role of the computer it is running on to see if it is a Workstation. If it is it then runs two functions. The first one adds entries into Internet Explorer trusted sites. The second one creates a new Favorite link in IE and a shortcut link on the desktop. I tested the script runs without any errors but it did not do anything. So I added a few lines to create a log file to see where it was failing. When the script ran it did what it was suppose to do but did not create the log file. So then I addedd a few more lines to pop-up a message box at certain places to see what happened and the script ran with no problems. I commented out the lines for the log file and message boxes and I was back to not having the script do anything. Then for no reason at all I added the sleep command (for 1 second) after the section that creates the log file and check if it was sucessful, the script ran and did everything. I am completely confused by this. Has anyone seen this before? I included the code below. The message box commands are still commented out. Thanks, Joe expandcollapse popupOpt('MustDeclareVars', 1) Opt("TrayIconHide", 1) #include <Date.au3> #Include <Timers.au3> ;Variable declaration for determining computer OS type Dim $objComputer, $objWMIService, $colObj, $OSobj, $ComputerRole Dim $strComputer = "." ;MsgBox(0,"Start","The script has started, click the OK button to continue.") Global $debugfile = FileOpen(@DesktopDir & "\TSLScript Log File.txt",2) ; Check if file opened for reading OK If $debugfile = -1 Then MsgBox(0, "Error", "Unable to open file.") Exit EndIf Sleep(1000) ;MsgBox(0,"Debug","Log file opened") FileWriteLine($debugfile, "-----Debug Start: " & @UserName & " -----Start time: " & _Now() & @CRLF) ;MsgBox(0,"Debug","Get Computer Role") ;Determin what type of OS is running(Workstation, Server, DC, etc...) $objWMIService = ObjGet("winmgmts:{impersonationLevel=impersonate}!\\" & $strComputer & "\root\cimv2") $colObj = $objWMIService.ExecQuery("SELECT * FROM Win32_ComputerSystem") For $OSobj In $colObj Select Case $OSobj.DomainRole = 0 $ComputerRole = "Standalone Workstation" FileWriteLine($debugfile, $ComputerRole & @CRLF) ; MsgBox(0,"Debug","Standalone Workstation") Case $OSobj.DomainRole = 1 $ComputerRole = "Member Workstation" FileWriteLine($debugfile, $ComputerRole & @CRLF) ; MsgBox(0,"Debug","Member Workstation") Case $OSobj.DomainRole = 2 $ComputerRole = "Standalone Server" FileWriteLine($debugfile, $ComputerRole & @CRLF) Case $OSobj.DomainRole = 3 $ComputerRole = "Member Server" FileWriteLine($debugfile, $ComputerRole & @CRLF) Case $OSobj.DomainRole = 4 $ComputerRole = "Backup Domain Controller" FileWriteLine($debugfile, $ComputerRole & @CRLF) Case $OSobj.DomainRole = 5 $ComputerRole = "Primary Domain Controller" FileWriteLine($debugfile, $ComputerRole & @CRLF) Case Else $ComputerRole = "Unknown" FileWriteLine($debugfile, $ComputerRole & @CRLF) ; MsgBox(0,"Debug","Unknown") EndSelect Next ;Only run functions if machine is a workstation If StringInStr($ComputerRole,"Workstation") Then FileWriteLine($debugfile, "Is A Workstation Run Functions" & @CRLF) ; MsgBox(0,"Debug","It's a Workstation, run Functions") AddTrustedSites() CreateFav() FileWriteLine($debugfile, "Finished Running Functions" & @CRLF) ; MsgBox(0,"Debug","Finished Running Functions") EndIf FileWriteLine($debugfile, "--------------------Script Complete" & @CRLF) FileClose($debugfile) ;MsgBox(0,"Done","The script has finished, click the OK button to exit.") ;Adds entries into IE Trusted Sites Func AddTrustedSites() FileWriteLine($debugfile, "Start: AddTrustedSites Funtion" & @CRLF) ;Registry Key for Internet Explorer Trusted Sites Local $RWreturncode Local $RegKeyTS = "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\" Local $RegKeyTSArray[2] ;List of sites to be trusted $RegKeyTSArray[0] = $RegKeyTS & "acme.com\*.corp" $RegKeyTSArray[1] = $RegKeyTS & "acme.com\*.int" ;Registry Key for Trusted Sites security settings Local $RegKeyTSSettings = "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" ;Registry DWORD for User Authentication: Logon Local $RegDWORDLogon = "1A00" ;Add domains to trusted sites list FOR $RegKey IN $RegKeyTSArray $RWreturncode = RegWrite($RegKey,"*","REG_DWORD",2) If $RWreturncode = 1 Then FileWriteLine($debugfile, "Registry Write Successfull: " & $RegKey & @CRLF) Else FileWriteLine($debugfile, "Registry Write Failed, Error Code: " & @error & " Reg Key: " & $RegKey & @CRLF) EndIf NEXT ;Set User Authentication in Trusted Sites to Automatic Logon $RWreturncode = RegWrite($RegKeyTSSettings,$RegDWORDLogon,"REG_DWORD",0) If $RWreturncode = 1 Then FileWriteLine($debugfile, "Registry Write Successfull: " & $RegKey & @CRLF) Else FileWriteLine($debugfile, "Registry Write Failed, Error Code: " & @error & " Reg Key: " & $RegKey & @CRLF) EndIf FileWriteLine($debugfile, "Done: AddTrustedSites Funtion" & @CRLF) EndFunc ;Create a link in IE favorites Func CreateFav() Local $DskTpFavorite = @DesktopDir & "\Navigator.url" Local $IEFavorite = @FavoritesDir & "\ACME\Navigator.url" Local $file If Not FileExists($IEFavorite) Then $file = FileOpen($IEFavorite, 10) If $file <> -1 Then FileWrite($file, "[DEFAULT]" & @CRLF) FileWrite($file, "BASEURL=http://navigator.corp.acme.com" & @CRLF) FileWrite($file, "[InternetShortcut]" & @CRLF) FileWrite($file, "URL=http://navigator.corp.acme.com" & @CRLF) FileClose($file) EndIf EndIf ;Create a shortcut on Desktop just to see what the difference is If Not FileExists($DskTpFavorite) Then FileCreateShortcut("http://navigator.corp.acme.com",@DesktopDir & "\ACME Navigator.lnk","","","ACME Navigator") EndIf EndFunc Are you running McAfee? Link to comment Share on other sites More sharing options...
fcjoe Posted July 9, 2009 Author Share Posted July 9, 2009 Hi Joe,This doesn't have anything to do with fixing your problem and I thought I should mention it. I spend a lot of time at several different security sites helping people clean viruses and other nasties from their computers. Virtually every security expert agrees that it's not a good idea to put websites in the Internet Trusted Zone. The Trusted Zone is one of the most common entry points for malware, mainly because its security settings are generally much more relaxed. Just something to bear in mind.Sorry to barge into your thread, but I thought it was important. -- SCB These are all internal sites. All web based applications that require certain security settings, fortunately it turned out to be the default settings for trusted sites. The sites in my code were replaced, not actually going to Acme web site.Thanks for the concern though. Link to comment Share on other sites More sharing options...
fcjoe Posted July 9, 2009 Author Share Posted July 9, 2009 Are you running McAfee?I should have guessed that. All the machines it didn't work on have a different version of McAfee and some new spyware tool which is set to block adding entries to trusted sites. Why do I always miss the obvious? Though it would have been nice if someone told me we were upgrading McAfee and changing the security.ThanksJoe Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now