Tech Arsenal 1

home *** CD-ROM | disk | FTP | other *** search

/ Tech Arsenal 1 / Tech Arsenal (Arsenal Computer).ISO / tek-05 / lwatch.zip / LANWATCH.DOC < prev next >

Wrap

Text File | 1990-11-22 | 55KB | 1,385 lines

LAN Watch (tm) 1.00 Copyright 1990 by E. Zaron All Rights Reserved Published by Zaron Software 13100 Dulaney Valley Road Glen Arm, Maryland 21057 (301) 592-3334 Contents LAN Watch Objectives . . . . . 2 System Overview . . . . . . . 3 System Requirements . . . . . 4 Installation . . . . . . . . . 4 Logon Program . . . . . . . . 5 Setup Program . . . . . . . . 8 Report Program . . . . . . . . 18 Password Program . . . . . . . 19 Purging Station Logs . . . . . 19 Job Accounting . . . . . . . . 19 Logon Error Codes . . . . . . 20 1 LAN Watch (tm) Objectives The LAN Watch program works on individual PCs and network workstations and meets the following objectives. . Provide complete PC and network security ---------------------------------------- User access is restricted by password and assigned security level. Access can be denied or limited to read-only on a file by file basis. Users can be restricted to running only authorized programs. LAN Watch automatically logs out a user after a preset period of inactivity. Logon password files are securely encrypted to deter 'hackers'. . Stop LAN piracy --------------- Users cannot download programs or data files to floppy disks without authorization. . Eliminate LAN corruption ------------------------ Users cannot copy programs on to their PC or the network without authorization. This is the most effective way to protect against computer viruses. . Software metering ----------------- Records the number of copies of a program that are run at different workstations simultaneously. . Monitor equipment utilization ----------------------------- Records every user logged on to the computer or the network and records the time spent in each program. Statistical reports reveal equipment utilization, program use, and user efficiency. . Report all file accesses ------------------------ Provides a complete report of all file accesses and changes. Records when files are read or written, and by whom. . Complete Job Accounting ----------------------- LAN Watch provides accurate job accounting for an unlimited number of jobs. Job totals and the time each user spends on a job are reported. . Ease of Use ----------- LAN Watch is easy to install and easy to use. Installation, even on a network, takes only 1 minute per station and may be done remotely. A complete context sensitive help system provides pop-up help at every point in the programs. All programs are menu driven. 2 LAN Watch (tm) System Overview There are four programs in the LAN Watch system. 1. LOGON ----- Logon is the TSR portion of the system that stays resident in your computer and provides logon capabilities with password checking. A new user can log on to the system by typing LOGON at the DOS prompt or by pressing the logon hot key at any time (the logon hot key is user definable and is set to a default value of ALT CTRL L). Users can log on or off at any time, even while running a program. If a user logs off while in a program the program's operation is suspended until the user returns or a new user logs on. 2. SETUP ----- The Setup program defines new users to the system and provides them with an initial password. The Setup program also assigns a security level to each user and controls which files or devices can be accessed by which users. 3. REPORT ------ The Report program provides a flexible means for reporting network or PC activity by date, user, program, job or file. The Report program also gives the status of all network stations showing who is using each. The Report and Setup programs contain complete help systems that may be accessed by pressing the F1 key at ANYTIME. 4. PASSWORD -------- The Password program allows the user to change his password. When running the Password program the user first enters his name and current password and is then prompted to enter his new password. 3 System Requirements LAN Watch requires an IBM PC/AT/PS2 or compatible with DOS 2.1+ and a hard disk. LAN Watch can operate on individual or networked PCs and is compatible with all networking systems. LAN Watch can also be used with diskless workstations. Installation of the LAN Watch system requires 360k bytes of disk storage. The resident portion of LAN Watch requires 17k of RAM in each workstation or individual PC. Installation To install the LAN Watch system insert the LAN Watch disk in Drive A: and then type the following line at the DOS prompt. A:INSTALL A,C If your hard disk is in a drive other than C simply replace the C with the correct identifier. Likewise, if the LAN Watch disk is inserted into a drive other than A, replace the A with the correct identifier. The installation process creates a subdirectory named \ZZLOG on your hard disk and also copies the LOGON program to the root directory. After the install process has copied the Logon and Password programs to your hard disk it will pause and ask if the Setup and Report programs are to be installed. If you are installing LAN Watch on a file server or stand alone PC press the Enter key. If you are installing LAN Watch on a network station you should press Ctrl C to terminate the install process. There are two predefined users in the LAN Watch system when shipped. User name 'ED' has a password of 'ZARON' and user name 'PAT' has a password of 'BIRD'. Use either one of these name/password combinations the first time you log into the LAN Watch System. After you enter your own names and passwords with the Setup program you may delete 'ED' and 'PAT' from the list of valid users. On a network it is not necessary to install the LAN Watch system on each station. LAN Watch may be installed on the network server and each station can run Logon from the server. For example, if the network server's hard drive is identified on the network as E:, individual stations can log on with following command lines (assumes station 3 is logging on). >E: >LOGON /Station=3/Name=Ed's Computer/Drive=E: ** Important note: When running Logon on network workstations the 'Station=' command line parameter (see page 6) must be used. 4 The Logon Program The Logon program is a TSR (terminate and stay resident) program that remains in the memory of your computer. The Logon program requires 17k of memory. Optionally, the Logon program may be loaded into high memory from 640k to 1000k with commercially available memory manager software. The Logon program uses command line parameters to set optional system variables. On a non-networked PC no command line parameters need to be entered. Command line parameters are entered only the first time Logon is run after booting your system. LOGON /Station number=1/Name=Ed's computer/Drive=E: The three command line parameters above identify this station as station 1, name the station "Ed's computer" and indicate that the password files are on drive E:. The station name "Ed's computer" will appear in page headings of the reports about station 1. Logon parameters are not case sensitive and they may be abbreviated to the first letter, so that the previous command line may be entered as; LOGON /s=1/n=Ed's computer/d=e: The LOGON command line should be included in the computer's autoexec.bat file so that Logon is automatically installed when the system is turned on or rebooted. Once the LOGON program has been installed the computer can be accessed only by individuals whose name and password have been previously entered into the system via the SETUP program. There are two ways a user can log on to the system. At the DOS prompt a user can type LOGON and he will be prompted for his name and password. At other times, the user can press a hot key which will log off the current user and prompt the new user for his name and password. The ability to log on or off from within an application is very useful. The user may want to leave his station for a few minutes while running an application. If he simply presses the logon hot key before leaving he can be assured that no one will disturb his work. When he returns, he can enter his name and password and resume his activities. 5 Logon Command Line Parameters There are seven optional command line parameters that may be entered the first time Logon is run. Each parameter starts with a slash '/' followed by a parameter keyword and an equal sign '='. Immediately following the equal sign is the value of the parameter. A parameter keyword may be abbreviated to its first letter. Listed below are the valid parameters that may be entered on the Logon command line. /Station=NN ----------- 'NN' is a station number from 1 to 99. The station number is REQUIRED on networks to identify each station. Each station must use a different station number. The /Station parameter is non functional on the single PC version of LAN Watch. The single PC version of LAN Watch is always station 1. The log for each station is written to the file \ZZLOG\STATION.NN, where NN is replaced by the selected station number. The logon program also writes the station name and the name of the current user to the file \ZZLOG\USER.NN, where NN is again replaced by the selected station number. /Name=Station Name ------------------ 'Station Name' is text string that will be printed on reports about this station. The station name may be up to 20 characters long. /Drive=E: --------- 'E:' is the drive that contains the password, group and log files pertaining to this station. Password, group and log files are always stored on path \ZZLOG\ on the selected drive. The password file is named PASSWORD.BIN and contains the name, password and security level for each user. The group file is named GROUP.BIN and contains your group access definitions. The password and group files are written and maintained with the LAN Watch Setup program. /Key=Logon Hot Key ------------------ 'Logon Hot Key' is a letter A through Z. For example if you enter /Key=X, then pressing Alt Ctrl X (hold down the Alt and Ctrl keys while pressing the X) will log off the current user and display the log on prompt so that a new user may log on. 6 Logon Command Line Parameters, Cont'd. /Time=log off delay ------------------- 'Log off delay' is the number of minutes of inactivity that the Logon program will allow before automatically logging off the current user. The /Time= parameter can be set to a value of 3 to 99 minutes. If the /Time= parameter is set to 0 then the automatic logoff feature will be disabled. /Environment=variable name -------------------------- 'Variable name' is the name of an environment variable that contains the name of the current user. The environment variable name may be up to 25 characters long. The purpose of the /Environment parameter is to allow you to use the Logon program's control and reporting abilities even if you currently use another password system for logging on users. If you use the /Environment parameter you can avoid having the user log on twice. When the /Environment parameter is present the Logon program will use the contents of named environment variable for the user name and will not check the user's password. For example, if you enter '/Environment=user' on the Logon command line then the program will use the contents of the environment variable 'USER' as the user name. Each time the environment variable 'USER' is changed with the DOS SET command you should rerun the Logon program as in the following example. >SET USER=ED >LOGON If the user ('ED' in this example) is not found in the password file, the logon program will assign him to file access group 7 and give him a security level of 7. If the user is found in the password file he will be assigned the security level and access group that were defined for him via the Setup program. /Unloadable ----------- The /Unloadable parameter is not followed by an equal sign or a value. If the /Unloadable parameter is present you may deactivate and unload the Logon program by typing 'LOGON -' at the DOS prompt '>'. The /Unloadable parameter should be included only when testing the LAN Watch system. 7 The Setup Program The Setup program is used to define new users to the system and to provide them with an initial password. The Setup program assigns a security level to each user and controls which files or devices can be accessed by which users. There are two main sections in the Setup program. The first section defines users to the system and assigns each an initial password, security level and file access group. The following is an extract of a sample user definition screen. .. Name ........ Security Levels .... Access Group Name .. . . . Ed 1 2 3 4 5 6 7 Finance . . Karen 1 2 3 4 5 6 7 Personnel . . Pat 2 3 4 5 6 7 Finance . . . . . . . .......................................................... From the above we can see that Ed and Pat both have access to the files in the Finance access group. Ed has security levels 1 through 7 while Pat does not have security level 1. Karen has security levels 1 through 7 and has access to the files in the Personnel access group. A user may be assigned any combination of the seven security levels. 8 The Setup Program, cont'd. The second section of the Setup program defines file access groups. Each file access group defines the security level necessary to read or write to a particular file or device. For example, a user with security level 1 may be allowed to read and write file FORECAST.90 while a user with security level 2 is only allowed to read file FORECAST.90. The following is an extract of a sample access group definition screen. .. Finance files .... Report Allowed Security Levels .. . A: All All 1 . . A: All Read 2 . 3 . FORECAST.* All All 1 . 4 . FORECAST.* All Read 2 3 4 5 6 . 5 . SETUP.EXE None Read 1 . 6 . *.EXE Write All 1 . 7 . *.EXE None Read 2 3 4 5 6 7 . . \FINANCE\*.* Write All 1 2 3 4 5 6 7 . . *.* Write All 1 . .......................................................... The Allowed and Security columns control who will have access to which programs, devices and files. The Report column indicates which accesses will be reported by the system. The first line indicates that only users with a security level of 1 can write to drive A:. The second line indicates that users with a security level of 2 can only read from drive A:. Users who have neither a security level of 1 nor 2 will be restricted from using drive A. The third and fourth lines indicate that only a user with a security level of 1 can write to file FORECAST.*. Users with a security level of 2 through 6 are able to read FORECAST.* but are not be able to change it. Users with only a security level of 7 are restricted from reading or writing FORECAST.*. The fifth line indicates that a security level of 1 is necessary to run the SETUP program. Lines 6 and 7 indicate that a security level of 1 is necessary to write a *.exe file. This restricts users from loading any executable programs onto the system. The next to last line indicates that with exception of the files listed before it, all users can have unrestricted access to the files on path \FINANCE\. The last line indicates that users with a security level of 1 will have unrestricted access to the remaining files on the system. 9 Adding New Users A user must have his name and password added to the Setup program's user list before he is able to log on to the system. Press 1 at the Setup program main menu to add new user names to the system. When the user list is displayed type the new user's name and press the Enter key. A user name may be a maximum of 18 characters long. After entering the user's name you will be prompted to enter the user's initial password. Type the user's password and press the Enter key. The user's password may be up to 12 characters long. Later, when the user has logged on to the system he may change his password by running the Password program. If a single asterisk '*' is entered as the user's password, he will be able to log on without entering a password. Once the password has been entered you will be prompted to enter the user's security levels. Press Y or N at each line in the security level menu to select the desired security levels. There is no implied hierarchy in the security levels. A user may be given any combination of the seven security levels. After selecting the user's security levels you will be prompted to select the file access group to which the user is assigned. Press a number from 1 to 7 to select the desired file access group. A user may be assigned to only one file access group. The user list is automatically sorted in name order. As the user list grows you may search for a particular user by typing in his name and then pressing the Enter key. To change an entry in the user list, move the cursor over the desired user name and press the Enter key. You will then be prompted to change the assigned security levels and file access group. To delete a user from the list, move the cursor over the name you wish to delete and press the Del key. You can print the user list by pressing the F9 function key. Press the F1 function key at anytime to get help while entering user names. 10 Defining File Access Groups The file access groups control who gets access to which programs, devices and files. Press 3 at the main menu to define the file access groups. You will then be prompted to select a file access group to define. Press a number from 1 to 7 to select the desired access group. Next, you will be prompted to enter a name for the selected access group. If the current name does not need to be changed press the Enter key, otherwise enter a new name for the group and press the Enter key. The selected file access group will then be displayed. The file access group list contains four columns of information. .. Finance files .... Report Allowed Security Levels .. . FORECAST.90 Write All 1 . . FORECAST.90 None Read 2 3 4 5 6 7 . . *.* Write All 1 2 3 4 5 6 7 . .......................................................... The leftmost column gives the file, program or device name. This column may contain paths and the standard DOS wildcard characters '*' and '?'. The next column, titled 'Report', indicates which accesses will be recorded in the station log. The report column will contain either 'None', 'Read', 'Write' or 'All'. 'None' indicates that the system will not record any access information about the named file or device. An entry of 'Read' indicates that the system will record only read accesses of the named file or device. An entry of 'Write' indicates that the system will record only write and delete accesses of the named file or device. An entry of 'All' indicates that the system will record all read, write and delete accesses made of the named file or device. The next column, titled 'Allowed', indicates which accesses will be allowed. The allowed column works in conjunction with the rightmost column, titled 'Security levels', to control who gets access to what. If a security level of the current user matches a security level listed in the 'Security levels' column he will be allowed the access listed in the 'Allowed' column. The 'Allowed' column may contain either 'None', 'Read', or 'All'. 'None' indicates that no access is allowed. 'Read' indicates that only read access is allowed. 'All' indicates that read, write and delete accesses are allowed. It is not possible to allow write and delete access without giving read access. The 'Security levels' column may contain any combination of the seven security levels. 11 Defining File Access Groups, cont'd. The first time a program issues a read or write request for a particular file, the Logon program scans the current file access group list searching for a match that will allow the necessary access. Since the Logon program scans the access group list from top to bottom, the order of your entries is important. .. Finance files .... Report Allowed Security Levels .. . . . *.* All All 1 2 3 4 5 6 7 . . FORECAST.90 All All 1 . . FORECAST.90 All Read 2 3 4 5 6 7 . . . .......................................................... Referring to the INCORRECT access group list above, if the current user has only a security level of 2, he will still have unlimited access to file FORECAST.90 since the Logon program will get a match when it evaluates the first line of the access group. To limit the user to read-only access of file FORECAST.90 the access group should be structured as shown below. .. Finance files .... Report Allowed Security Levels .. . . . FORECAST.90 All All 1 . . FORECAST.90 All Read 2 3 4 5 6 7 . . *.* All All 1 2 3 4 5 6 7 . . . .......................................................... The order of entries in the access group list is controlled by the location of the cursor when you begin typing a new entry for the list. New entries are inserted before the line at the cursor. Whenever Logon encounters a wildcard character '*' or '?' it checks to see if a match has already failed for the desired file or device name. .. Finance files .... Report Allowed Security Levels .. . . . FORECAST.90 All All 1 . . FORECAST.90 All Read 2 3 4 5 6 7 . . FORECAST.* All All 1 2 3 4 5 6 7 . . . .......................................................... Using the above access group list, a user with only security level 2 will not be able to write file FORECAST.90. The user will be able to write any other FORECAST file so long as it does not end with the suffix 90. 12 Defining File Access Groups, cont'd. Once a particular file or device name appears in the access group list each security level must be explicitly granted access to use it. .. Finance files .... Report Allowed Security Levels .. . . . FORECAST.90 All Read 2 3 4 5 6 7 . .......................................................... Using the above access group list, a user with only security level 1 will not be able to use file FORECAST.90. To allow the security level 1 user access to file FORECAST.90 you must add another entry as in the following list. .. Finance files .... Report Allowed Security Levels .. . . . FORECAST.90 All All 1 . . FORECAST.90 All Read 2 3 4 5 6 7 . .......................................................... Usually, when you make an entry in the access group list that restricts the access for certain security levels you will make a matching entry that allows access for other security levels. To restrict certain security levels from running a particular program set the 'Allowed' column to 'None'. For example, the following access group will allow only users with a security level of 1 to run the Report or Setup programs. Read access allows a user to run a program. .. Finance files .... Report Allowed Security Levels .. . . . SETUP.EXE All Read 1 . 2 . SETUP.EXE All None 2 3 4 5 6 7 . . REPORT.EXE All Read 1 . 4 . REPORT.EXE All None 2 3 4 5 6 7 . . . . FORECAST.90 All All 1 . . FORECAST.90 All Read 2 3 4 5 6 7 . . *.* Write All 1 2 3 4 5 6 7 . .......................................................... Since each security level needs to be explicitly granted access to each name in the access group we may delete the 2nd and 4th lines of the list and still retain the same functionality. .. Finance files .... Report Allowed Security Levels .. . . . SETUP.EXE All Read 1 . . REPORT.EXE All Read 1 . . . . FORECAST.90 All All 1 . . FORECAST.90 All Read 2 3 4 5 6 7 . . *.* Write All 1 2 3 4 5 6 7 . .......................................................... 13 Defining File Access Groups, cont'd. A similar method may be used when you want to give only certain security levels access to a file. For example, using the following access group list only users with a security level of 1 or 2 will be able to access file ACTUALS.90. .. Finance files .... Report Allowed Security Levels .. . . . SETUP.EXE All Read 1 . . REPORT.EXE All Read 1 . . ACTUALS.90 All All 1 2 . . FORECAST.90 All All 1 . . FORECAST.90 All Read 2 3 4 5 6 7 . . *.* Write All 1 2 3 4 5 6 7 . . . .......................................................... The 'Report' column in the access group list controls what access information is written to the station logs. There are usually many files accessed by a program that you do not care to have the system track. For instance, files with a suffix of .TMP or .WRK are often temporary work files. To keep the station logs from using excessive disk storage you may want to eliminate the reporting of these files by setting the 'Report' column to 'None' as in the following. .. Finance files .... Report Allowed Security Levels .. . . . *.TMP None All 1 2 3 4 5 6 7 . . *.WRK None All 1 2 3 4 5 6 7 . . SETUP.EXE All Read 1 . . REPORT.EXE All Read 1 . . ACTUALS.90 All All 1 2 . . FORECAST.90 All All 1 . . FORECAST.90 All Read 2 3 4 5 6 7 . . *.* Write All 1 2 3 4 5 6 7 . . . .......................................................... The best way to find out which files you do not want reported is to use the LAN Watch system for 1 day and then run the Report program. An examination of the file report will quickly show you what files to exclude. 14 Defining File Access Groups, cont'd. You may want to set the 'Report' column to 'Write' for those files that you do not care who reads. Actually, this is most often what we want. So, if we set the 'Report' column to 'Write' our sample access group will look like the following. .. Finance files .... Report Allowed Security Levels .. . . . *.TMP None All 1 2 3 4 5 6 7 . . *.WRK None All 1 2 3 4 5 6 7 . . SETUP.EXE Write Read 1 . . REPORT.EXE Write Read 1 . . ACTUALS.90 Write All 1 2 . . FORECAST.90 Write All 1 . . FORECAST.90 Write Read 2 3 4 5 6 7 . . *.* Write All 1 2 3 4 5 6 7 . . . .......................................................... An exception to this may be when we publish a new set of policies and procedures that we want everyone to read. By setting the 'Report' column to 'Read' or 'All' we will later be able to run a report that shows who has actually read the new policies and procedures. .. Finance files .... Report Allowed Security Levels .. . . . POLICIES.NEW All All 1 2 3 4 5 6 7 . . *.TMP None All 1 2 3 4 5 6 7 . . *.WRK None All 1 2 3 4 5 6 7 . . SETUP.EXE Write Read 1 . . REPORT.EXE Write Read 1 . . ACTUALS.90 Write All 1 2 . . FORECAST.90 Write All 1 . . FORECAST.90 Write Read 2 3 4 5 6 7 . . *.* Write All 1 2 3 4 5 6 7 . . . .......................................................... 15 Defining File Access Groups, cont'd. Careful use of the file access groups can eliminate software theft and the introduction of computer viruses into your computer. To eliminate software theft simply lock out selected users from writing to floppy drives A: and B:. In the following example only users with a security level of 1 can write to drives A: or B:. .. Finance files .... Report Allowed Security Levels .. . . . A: Write Read 2 3 4 5 6 7 . . A: Write All 1 . . B: Write Read 2 3 4 5 6 7 . . B: Write All 1 . . *.TMP None All 1 2 3 4 5 6 7 . . *.WRK None All 1 2 3 4 5 6 7 . . FORECAST.90 Write All 1 . . FORECAST.90 Write Read 2 3 4 5 6 7 . . *.* Write All 1 2 3 4 5 6 7 . . . .......................................................... To eliminate the introduction of viruses lock out selected users from reading executable files (*.exe and *.com) from floppy drives A: and B:. In the following example only users with a security level of 1 can write to drives A: or B:, or can read an executable file from drives A: or B:. Other users will still be able to read a data file from drives A: or B:. .. Finance files .... Report Allowed Security Levels .. . . . A:*.COM Write Read 1 . . A:*.EXE Write Read 1 . . A:*.* Write Read 2 3 4 5 6 7 . . A:*.* Write All 1 . . B:*.COM Write Read 1 . . B:*.EXE Write Read 1 . . B:*.* Write Read 2 3 4 5 6 7 . . B:*.* Write All 1 . . *.* Write All 1 2 3 4 5 6 7 . .......................................................... 16 Defining File Access Groups, cont'd. To positively exclude the introduction of new *.com or *.exe files you need to prevent a user from loading an executable file under a different name and then renaming it with a .exe or .com suffix. The following access list does that by giving only security level 1 users write access to *.exe or *.com files. In the LAN Watch system, renaming a file requires write access. Lines 9 through 12 in the following access list give security level 1 users the ability to write *.exe and *.com files, while restricting other users to read-only access. .. Finance files .... Report Allowed Security Levels .. . . . A:*.COM Write Read 1 . . A:*.EXE Write Read 1 . . A:*.* Write Read 2 3 4 5 6 7 . . A:*.* Write All 1 . . B:*.COM Write Read 1 . . B:*.EXE Write Read 1 . . B:*.* Write Read 2 3 4 5 6 7 . . B:*.* Write All 1 . 9 . *.EXE Write All 1 . . *.COM Write All 1 . . *.EXE Write Read 2 3 4 5 6 7 . . *.COM Write Read 2 3 4 5 6 7 . . *.* Write All 1 2 3 4 5 6 7 . .......................................................... I suggest that you group similar file names to make your file list more readable. You should also list more restrictive names before less restrictive names (*.COM is more restrictive than *.*, FORECAST.90 is more restrictive than FORECAST.*). When setting up an access group list you should always keep one name/password combination assigned to a different access group list that you know works. This is a precaution to insure that you will always be able to get back into the Setup program even if you completely mess up the access group on which you are working. You may change the file access groups at any time, but the changes you make will not take affect until the next time you log on. 17 The Report Program The Report program is used to create reports based on the data collected by the Logon program. The Report program generates six different reports. For each report the user may select starting and ending dates, station numbers, user name, program name, file name and other criteria that control the level of detail and specificity of the report. After a report is generated it may be printed or viewed on the screen. While viewing the report you may search for specific text, jump to a particular page, and print selected pages. 1. Date Report ----------- The Date report lists a chronological log of each station's use, including the user name, programs run and files accessed. A report summary gives daily totals for each day the station was active. A report graph shows at a glance the system workload for each day of the week. 2. User Report ----------- The User report lists each user's time on the system and includes the programs run and files accessed. A report summary gives the total time each user was logged on, and his or her activity level measured in keystrokes per minute. 3. File Report ----------- The File report displays all file accesses in file name, date and time sequence. The user name, station number and program name are identified with each file access reported. 4. Program Report -------------- The Program report lists all programs that were run in program name, date and time sequence. A report summary gives the total time each program was run, and the number of copies of each program run simultaneously at different stations. 5. Job Report ---------- The Job report gives a complete list of the total time spent on each job, and the portion of the total spent by each user. 6. Active Report -------------- The Active report shows who is currently logged on the network at each station. The Report program can only be run if the Logon program has been previously loaded into memory. 18 The Password Program The Password program allows the user to change his password. When running the Password program the user first enters his name and current password and is then prompted to enter his new password. The Password program can only be run if the Logon program has been previously loaded into memory. Purging Station Logs The Logon program collects detailed information about the operation of your computer and writes it to file \ZZLOG\STATION.NN where NN is the station number that is being monitored. For example, the station log for station 3 is written to file \ZZLOG\STATION.03. Over time these station logs may expand to consume excessive disk space. To purge a station log simply delete it with the DOS erase command. For example, to delete the station log for station 3 type the following line at the DOS prompt. ERASE \ZZLOG\STATION.03 Station logs may be erased at anytime without affecting the operation of the LAN Watch system. When a station log is erased, a new one will be automatically started by the LAN Watch system. We suggest that at the end of each month, after printing all your monthly reports with the Report program, that you erase the station logs to conserve disk space. If disk space is not a consideration you may let the station logs accumulate for up to 600 days, at which time they should be erased. Using LAN Watch as a Job Accounting System The LAN Watch system can be used for job accounting by adding a semicolon and job name to the user name when logging on to the system. For example, if ED logs on as ED;JOB 1, his time will be accounted for under the job name JOB 1. The total length of the job name should not exceed 17 characters. Once job names have been used you can run the Job report. The Job report gives a complete list of the total time spent on each job, and the portion of the total spent by each user. The user can switch from one job to another at any time by pressing the logon hot key. 19 Logon Error Codes When the Logon program encounters a disk or network error, it will display a coded error message and give you an opportunity to retry the operation. The following list gives the meaning of each error code. 01 Invalid function 52 Duplicate name on network 02 File not found 53 Network name not found 03 Path not found 54 Network busy 04 No handles available 55 Network disconnected 05 Access denied 56 Net BIOS command limit exceeded 06 Invalid handle 57 Network adapter error 12 Invalid access code 58 Incorrect network response 13 Invalid data 59 Unexpected network error 15 Invalid drive 60 Incompatible remote adapter 19 Disk write protected 64 Network name deleted 21 Drive not ready 65 Access denied 25 Seek error 66 Network device type incorrect 26 Unknown media type 67 Network name not found 27 Sector not found 68 Network name limit exceeded 29 Write fault 69 Net BIOS session limit exceeded 30 Read fault 70 Temporarily paused 31 General failure 71 Network request not accepted 32 Sharing violation 83 Fail on Int 24 33 Lock violation 86 Invalid password 36 Sharing buffer overflow 87 Invalid parameter 50 Network request not supported 88 Network data fault 51 Remote computer not listening 89 Unknown error DISCLAIMER OF ALL WARRANTIES AND LIABILITY ------------------------------------------ Zaron Software, Inc. makes no warranties, either express or implied, with respect to this software, its quality, performance, merchantability, or fitness for any particular purpose. Zaron Software, Inc. and program author shall have no liability or responsibility to purchaser or to any other person or entity with respect to any liability, loss or damage caused or alleged to be caused by this software, including but not limited to any interruption of service, loss of business or anticipatory profits or consequential damages resulting from the use or operation of this software. 20 More Exceptional Zaron Software for PCs and Compatibles Hyper-Word (tm) The Word Processor that Interconnect Ideas! Hyper-Word delivers the promise of hypertext power without the burden of programming. Use Hyper-Word's free form ability to interconnect documents in a way that makes sense to you. Hyper-Word provides you with all the navigation tools to create and explore vast amounts of data. Instantly create interactive tutorials, computerized reference manuals and form letters with Hyper-Word's 'touch and link' power, or easily use it as a multi-window professional word processor with spell checker, readability index, recent reference list and more. Version 2.02 includes mouse and network support. Only $149.00. Three disk demo $10.00. HELP! (tm) The Universal Help System Easily create pop-up help and menus for all your programs and computer operations! This is the ultimate help system that can be easily adapted to any application. Help! can be used with standard text files to create a custom 'flat' help system, or use it with Hyper-Word to create a multi-dimensional help, reference or menu system. Help! automatically displays the correct help file for the program you are running. Help! does not require any changes to your programs, yet it provides relevant, context sensitive help at every point in each program's operation. Help! is a TSR (terminate and stay resident) program that requires less than 12k of memory and is mouse and network compatible. Includes sample help files and programs, plus a help system for commonly used DOS commands. Only $49.95 21