PC Direct 1995 May

home *** CD-ROM | disk | FTP | other *** search

/ PC Direct 1995 May / PC Direct CD-ROM (May 1995).ISO / ipe / protec / manual / chap8.txt < prev next >

Wrap

Text File | 1994-08-09 | 49.1 KB | 1,283 lines

Chapter 8 PROTEC NET Programs This section lists and describes all programs and files available to you when using PROTEC NET. Programs are presented in the following manner: Filename, Location, Type, Syntax, Description, Parameters and Examples. The last two headings do not appear for all filenames. A file location may either be a directory on the Workstation (W) or Security Server (SS). The file type may be NET Script, Security Setup, Maintenance or Security itself. W indicates the file must exist both on the workstation and in the PROPUBLIC directory on the Security Server. PSETUP.INF, located within the PROPUBLIC directory, contains the most current list of files copied to either the workstation, PROPUBLIC, and PROSYSTEM directories and appear as follows: [workstation], [public files] or [system files], respectively. The following security modules, .SC files, must exist both in the PROTEC directory on a PROTEC NET workstation as well as PROPUBLIC directory: AUDIT.SC, AUDITUSE.SC, CFGAUTO.SC, CRYPT.SC, DFNAME.SC, DIR.SC, ISOPATH.SC, KEYLOCK.SC, KS.SC, LLIO.SC, MEMORY.SC, NETIO.SC, PRTCOMM.SC, PTSR.SC, REUSE.SC, SAVESCRN.SC, SCRNIO.SC and TD.SC. *************************************************** ADDRESS.EXE *************************************************** Location: SS PROPUBLIC directory Type: Security Setup Syntax ADDRESS Description ADDRESS returns the current workstation's network address. *************************************************** AUTONVLL.EXE *************************************************** Location: SS PROPUBLIC directory Type: NET Script Syntax AUTONVLL.EXE [/help] [/messages] Description This program is designed to run from NetWare's System Login Script so that workstation security installation and removal tasks occurs automatically at login. Tasks may be scheduled using the Security program, PSECURE.EXE. Parameters Parameter Value Description ____________________________________________ /messages /messages Overrides the PROFLAGS environment variable. This sets its output to HEADINGS, MESSAGES, ERRORS, BOX and DOUBLE. /help /help Provides on line help. *************************************************** BLDTREE.EXE *************************************************** Location: SS PROPUBLIC directory Type: NET Script Syntax BLDTREE.EXE [/help] [/messages] Description BLDTREE.EXE catalogs workstation resources including drives, directories and files. This program is designed to run from NetWare's System Login Script so that a supervisor can assign permissions to workstation resources using directory trees. This task may be scheduled using the Security program, PSECURE.EXE. Parameters Parameter Value Description ____________________________________________ /messages /messages Overrides the PROFLAGS environment variable. This sets its output to HEADINGS, MESSAGES, ERRORS, BOX and DOUBLE. /help /help Provides on line help. *************************************************** C2.EXE *************************************************** Location: W PROTEC directory Type: Security Syntax C2 switch Description C2 turns the keyboard on or off at the hardware level. C2 may be used within the AUTOEXEC.BAT or other batch files to control keyboard input. It is automatically set when Boot Protection is installed through PSECURE.EXE Parameter Parameter Value Description ____________________________________________ switch /0 Turns the keyboard /1 off. Turns the keyboard on. *************************************************** CHMOD.EXE *************************************************** Location: SS PROPUBLIC directory Type: Security Setup Syntax CHMOD [-|+attribute] [files] Description Changes the attribute of a file or set of files. To display file attributes, specify files without specifying attributes. Use + to set attribute. Use - to remove attribute. Parameters Parameter Value Description ___________________________________________ attribute r read-only h hidden s system files any valid DOS Refer to the filename, DOS manual including wild for proper cards. syntax Examples A command line WITHOUT + or - displays current attributes. For example, chmod *.bak Attributes and filenames may be combined. For example, chmod -hr *.com chmod +r d:\thisdir\*.* f:\thatdir\*.doc *************************************************** COPYKEY.EXE *************************************************** Location: SS PROSYSTEM directory Type: Maintenance Syntax COPYKEY.EXE Description Keydisks are stored in encrypted format on the Security Server. COPYKEY.EXE copies the appropriate workstation's keydisk to the destination drive. This keydisk file is used in conjunction with RBPKEY.EXE to remove Boot Protection from a workstation. For more information on removing Boot Protection refer to Install/Remove Boot Protection and Emergency Removal. *************************************************** ENCRYPT.EXE *************************************************** Location: SS PROSYSTEM directory Type: Security Setup Syntax ENCRYPT [/mono] Description This utility allows a NetWare supervisor to encrypt files located on a network drive. These resources are then processed by PROTEC's automatic encryption module so that only authorized NetWare users that sign onto a PROTEC NET workstation can read automatically encrypted files. Parameter Parameter Value Description ____________________________________________ /mono /mono Specifies that the monitor is monochrome. *************************************************** KEYLOCK.EXE *************************************************** Location: W Microsoft Windows Directory Type: Security Description This program is used by PROTEC to provide Keyboard Lock within Windows. This system only works in conjunction with the PROTEC NET security system and is activated if the Windows option within Keyboard Lock has been checked. During signon, PROTEC ensures that the following files exist within the Windows directory: KEYLOCK.EXE, KEYTIME.EXE PROTEC.GRP, KTDLL.DLL, PKEYDLL.DLL AND BWCC.DLL. *************************************************** KEYTIME.EXE *************************************************** Location: W Microsoft Windows Directory Type: Security Description This program is used by PROTEC to provide Keyboard Lock for Windows during unattended sessions. This system only works in conjunction with the PROTEC NET security system and is activated if the Windows option within Keyboard Lock has been checked. During signon, PROTEC ensures that the following files exist within the Windows directory: KEYLOCK.EXE, KEYTIME.EXE PROTEC.GRP, KTDLL.DLL, PKEYDLL.DLL AND BWCC.DLL. *************************************************** LOADER.COM *************************************************** Location: W C:\ directory Type: Security Syntax C:\LOADER.COM /d[drive:][path] /e:auto [/mono] Description LOADER.COM is PROTEC's security kernel and is responsible for loading and enforcing security. This program must be called from the AUTOEXEC.BAT file. LOADER.COM should reside in the root directory on the first physical disk to provide maximum protection. Refer to Loading PROTEC into Upper Memory for more information on loading PROTEC into high memory. LOADER.COM is responsible for the following operations: - loading the appropriate security modules into memory. - initializing EMS memory. - providing the interface so that all security modules can communicate with one another. - creating the PROTEC environment. Parameter Value Description ____________________________________________ /shell /shell Must be specified if PROTEC is loaded as a Shell within the CONFIG.SYS file. /d a valid DOS Must be set directory to the PROTEC directory. /e Must be less than Specifies or equal to 32767 the size of or "auto" if PROTEC's loaded within the environment AUTOEXEC.BAT file. in bytes. /l /mono Specifies that the monitor is either monochrome or a two color system. Examples If PROTEC is installed to load into upper memory the AUTOEXEC.BAT file may look as follows: loadhigh C:\LOADER.COM /e:auto C:\PROTEC\LOADINIT.COM while the CONFIG.SYS may be configured as follows: device=C:\DOS\HIMEM.SYS device=C:\DOS\EMM386.EXE ram DOS=high,umb *************************************************** LOADINIT.COM *************************************************** Location: W PROTEC directories Type: Security Syntax loadhigh C:\LOADER.COM [drive:][path]LOADINIT.COM Description LOADINIT.EXE allows PROTEC's security kernel, LOADER.COM, to take control over the system after it has been loaded into upper memory. Refer to the your memory manager's manual for proper syntax for loading a program high. Refer to Loading PROTEC into High Memory. *************************************************** LOGIN.EXE *************************************************** Location: SS \LOGIN, PROPUBLIC directories Type: Security Syntax LOGIN [/option] [servername/[name]] [scriptparameters] Description The Login program should only be used with NetWare. This program should be used instead of NetWare's Login program to allow full compatibility between PROTEC and NetWare. This program functions exactly the same as NetWare except it supports PROTEC's master environment and PROTEC script enhancements. *************************************************** LOGINDAT.EXE *************************************************** Location: SS PROPUBLIC directory Type: Security Setup Syntax LOGINDAT [servername/] [username] Description This utility allows you to view NetWare account restrictions for a particular user on a particular file server. Parameters Parameter Value Description ____________________________________________ servername File server Specifies where to name look for a user's account restrictions. username A valid Specifies the user NetWare user restrictions to name. output. *************************************************** LOGOUT.EXE *************************************************** Location: SS \LOGIN, PROPUBLIC Directories Type: Security Setup Syntax LOGOUT [servername] Description The Logout program should only be used with NetWare. This program should be used instead of NetWare's Logout program to ensure full compatibility with NetWare. If this program is not used and an invalid drive ID entries exist within the current path, refer to REMAP.EXE. This program resides in the \LOGIN directory on the Security Server. *************************************************** MAP.EXE *************************************************** Location: SS \LOGIN, PROPUBLIC directories Type: Security Syntax MAP * Description The Map program should be used with NetWare. This program should be used instead of NetWare's Map program to ensure full compatibility with NetWare. This program resides in the \LOGIN directory on the Security Server. * Supports all map options listed within Novell NetWare's Utilities Reference Manual. *************************************************** NAMER.EXE *************************************************** Location: SS PROPUBLIC directory Type: NET Script Syntax NAMER [/help] [/messages] Description NAMER.EXE records a workstation's network address, Workstation ID, into PROTEC NET's workstation database, NAMER.DBF. This program is designed to run from NetWare's System Login Script so that a supervisor can install and configure workstation security centrally. Parameters Parameter Value Description _____________________________________________ /messages /messages Overrides the PROFLAGS environment variable. This sets its output to HEADINGS, MESSAGES, ERRORS, BOX and DOUBLE. /help /help Provides on line help. *************************************************** NETINST.EXE *************************************************** Location: SS PROSYSTEM Directory Type: Security Setup Syntax NETINST [/mono] Description NETINST.EXE is PROTEC NET's server installation program. Parameter Parameter Value Description ____________________________________________ /mono /mono Specifies that the monitor is monochrome. *************************************************** NETSEC.EXE *************************************************** Location: SS PROSYSTEM Directory Type: Security Setup Syntax NETSEC [/mono] Description This utility allows managers to configure workstation security and schedule security installations and updates. Group Access Permissions cannot be configured through this program. This program is generally called from within PSECURE.EXE. Parameter Parameter Value Description ____________________________________________ /mono /mono Specifies that the monitor is monochrome. *************************************************** NOCOPY.EXE *************************************************** Location: SS PROPUBLIC Directory Type: Security Setup Syntax NOCOPY [drive:][path] filename.ext Description NOCOPY.EXE injects the program with code that disallows a user to run the program on another system that is not a PROTEC NET workstation. Only files with the extensions .EXE and .COM can be protected in this way. Example nocopy C:\DATA\SUB2\*.EXE *************************************************** PCRYPT.EXE *************************************************** Location: SS PROPUBLIC Directory Type: Security Setup Syntax PCRPYT function method [drive:][path]filename.ext [drive:][path]filename.ext...] Description Encrypts or decrypts files. PCRYPT.EXE may also be used as a command line encryption to specify files to be encrypted automatically by PROTEC NET. Multiple files may be specified and are delimited by spaces. PCRYPT.EXE ensures that files are only encrypted once. Parameters Value Description ______________________________________________ function /e Encrypt specified files excluding programs. /ee Encrypt specified files. /d Decrypt specified files excluding programs. /de Decrypt all files. /ae Encrypt specified files (excluding .DLL,.SYS,.COM. .EXE) and is to be used by PROTEC's Automatic Encryption module. /ad Decrypt specified files used by automatic encryption. method /hdes Encrypt/Decrypt with Hardware DES board. /sdes Encrypt/Decrypt using software DES algorithm. /prop Encrypt/Decrypt using PROTEC's proprietary algorithm. filename any valid Refer to the DOS e.ext DOS manual for proper filename, syntax including wild cards. key A-Z, a-z, 0- where the key may be 9 ` - = [ ] a string ranging ; ' . / , ~ from 1 to 8 ! @ # $ % ^ characters. Tabs * ( ) _ + { and spaces are not } : " < > ? valid keys. The key \ | is not case sensitive. Examples pcrypt /e /sdes c:\wp\*.doc c:\word\test.doc pcrypt /d /PROP c:\files\myfile.txt pcrypt /ae /PROP c:\julie\*.* When using /ae parameter, PCRYPT.EXE inserts information so that PROTEC's automatic encryption module can read the file automatically from a PROTEC NET workstation. ************************************************** PCVAUDIT.EXE ************************************************** Location: SS PROSYSTEM Directory Type: Maintenance Syntax PCVAUDIT method filename.[ext] [audit database] Description This utility is a maintenance tool which converts AUDIT.DBF to the filename specified. If an .ext is not specified, then either a .dbf or .txt extension is appended to the filename. Parameters Parameter Value Description ____________________________________________ method /a Converts the audit database to an ASCII /d comma-delimited file. Converts the audit database to a dBase III compatible database file. filename any Refer to the DOS manual .ext valid for proper syntax DOS filename, including wild cards. audit any The default audit database valid database file to DOS convert is AUDIT.DBF. filename. If the filename is different or is not located in the PROTEC directory then specify the filename. ************************************************** PERM.EXE ************************************************** Location: SS PROSYSTEM directory Type: Security Setup Syntax PERM [/mono] Description Allows you to configure Group Access Permissions. Parameter Parameter Value Description ____________________________________________ /mono /mono Specifies that the monitor is monochrome. ************************************************** PINIT.EXE ************************************************** Location: SS PROSYSTEM directory Type: Maintenance Syntax PINIT method [ databases] Description Recreates PROTEC databases within the PROPUBLIC directory. Parameters Parameter Value Description ers method /r Recreates specified databases or all if non /m specified. Recreates missing databases. databases audit.dbf Audit data file program.dbf Application Manager data file gor.dbf Group Access Permissions data file object.dbf Automatic Encryption data file dfiles.dbf Workstation drive data file psys.dat Master Password and general security parameter data file. Examples To recreate missing databases in the PROPUBLIC directory, you would type the following: pinit /m To recreate all databases, type the following: pinit /r To recreate program.dbf , type the following: pinit /m program.dbf ************************************************** PLICENSE.EXE ************************************************** Location: SS PROSYSTEM directory Type: Maintenance Syntax PLICENSE Description This utility increases the number of site licenses allowed for a specific Security Server. Contact your PROTEC NET representative for assistance. ************************************************** PLOGIN.EXE ************************************************** Location: W PROTEC directory Type: Security Syntax PLOGIN Description Use this program instead of PROTEC's login program if one of the following is TRUE: · You are using the EXIT command within a NetWare script file (either the user script or the system script) · You want to run login from a menu program (e.g., Dosshell or PROTEC's PMENU.EXE). Both NetWare and PROTEC LOGIN.EXE programs insert the string specified by the EXIT command into the BIOS keyboard buffer. Since most menu programs clear this buffer when they regain control, any keys inserted by the Login program are lost making the EXIT command useless. PLOGIN.EXE solves this problem. If possible, use the SHELL login script command as an alternative to the EXIT command. ************************************************** PMAP.EXE ************************************************** Location: SS PROSYSTEM directory Type: Security Setup Syntax PMAP Description This utility provides a memory map of each PROTEC security module that is loaded into memory, its memory location, the number of bytes it uses and the security feature it activates. Log onto the workstation prior to running this program. ************************************************** PMENU.EXE ************************************************** Location: SS PROPUBLIC directory Type: Security Syntax PMENU [/mono] Description This program is PROTEC's menu system and is referred to as the Application Manager. It can only be run with the PROTEC NET security system and is specified as a Login Shell. PMENU displays only those resources to which a user has been granted access. Refer to Login Shell and User Login Shell. Within PMENU.EXE there are several function keys which allow you to create menus and submenus. These are listed below: · F6 F5:Install and de-install programs and submenus. · F8: Scan drive for programs found in PSETUP.INF `[program]' list. · F9: Moves the highlighted program or submenu to the location selected when pressing enter. Parameter Value Description ____________________________________________ /mono /mono Specifies that the monitor is monochrome. ************************************************** PPERM.EXE ************************************************** Location: W PROTEC directory Type: Security Syntax PPERM Description Loads a user's permissions when he signs onto the security system. It is used internally by PROTEC NET. ************************************************** PPURGE.EXE ************************************************** Location: SS PROPUBLIC directory Type: Maintenance Syntax PPURGE command drive: Description This program may be used on the workstation to catalog files on a specific drive. If files are created after a purge data file is created using the /create command, they may be identified and possibly specified for deletion. This program is configured to run from the workstation's AUTOEXEC.BAT file to stop users from creating files on the workstation. Parameter Value Description ____________________________________________ command /create Creates a data file containing a list of all files on the specified drive. Any /compare file not found within the data file is deleted by the delete command. /delete Displays all files that [/noask] exist within the data file yet do not exist on the specified drive. Also displays files /list that will be deleted by using the /delete command. Deletes files not located within the data file. PURGE verifies the file is to be deleted unless you specify the command /noask. Lists specified files within data file. Output can be redirected to standard out. drive: any available drive. ************************************************** PRIMSRVR.EXE ************************************************** Location: SS PROSYSTEM directory Type: Maintenance Syntax PRIMSRVR task1[servername1/username][ servername2/username] PRIMSRVR task2 [ filename.ext] Description This utility generates a report of users and their Primary Servers and allows a supervisor to change Primary Servers. This utility also allows a supervisor to recreate the PROTEC_GROUP and PROTEC_USER if needed. Parameters Parameter Value Description ____________________________________________ task1 /a Assign a Primary Server. /c Change a user's Primary Server. Must specify /g[d] both server names and users. /u[d] `/g' creates PROTEC_GROUP. `/gd' deletes it. `/u' creates the PROTEC_USER. `/ud' deletes it. task2 /s Creates server list to filename.ext. /l Lists all users and their Primary Servers /v for all Security Servers. Verify unique Primary Server for all Security Servers. servername1 any Can be used in valid conjunction with /a and NetWare /c. servername1 file corresponds to the server Primary Server assigned to the user if none exists or the user's current Primary Server to be changed. servername2 any Specifies the file valid server to be a user's NetWare Primary Server. file server. username a Specifies the user whose NetWare Primary Server is user affected. name filename.ext any Contains list of file valid servers. One server DOS name per line. Used filename with /s /l and /v. ************************************************** PROTEC3.SYS ************************************************** Location: W PROTEC directory Type: Security Syntax C:\DRIVERS\PROTEC3.SYS Description This program is used internally by PROTEC to perform Boot Protection. If Boot Protection is installed, this driver appears usually as the first device driver in the CONFIG.SYS. This driver may be loaded high if needed. Refer to the DRIVERS Directory for details on loading a device driver high. ************************************************** PSCRIPT.EXE ************************************************** Location: W PROTEC directory Type: Security Syntax PSCRIPT.EXE Description This program is used internally by PROTEC to execute NetWare's login scripts This program creates the NetWare environment and enables the system to be PROTEC "aware." ************************************************** PSECURE.EXE ************************************************** Location: SS PROSYSTEM directory Type: Security Setup Syntax PSECURE [/mono] Description PSECURE.EXE is the PROTEC NET Security program which allows a supervisor or users with supervisor security equivalence to configure workstation security and user security. Parameter Parameter Value Description /mono /mono Specifies that the monitor is monochrome. ************************************************** PSETUP.INF ************************************************** Location: SS PROPUBLIC directory Type: Security Description This file is a text file used by most PROTEC NET utilities. ************************************************** PSIGNON.EXE ************************************************** Location: W PROTEC directory Type: Security Syntax PSIGNON [/mono] Description This program is called by LOADER.COM and it allows any user to use the EXIT command within NetWare's login scripts. Further, PSIGNON expands the command line to 126 characters. Parameter Parameter Value Description s /mono /mono Specifies that the monitor is monochrome. ************************************************** PSUPPORT.EXE ************************************************** Location: SS PROSYSTEM directory Type: Maintenance Syntax PSUPPORT Description This program is for solving certain technical problems and requires a key from the Technical Support Staff to be able to execute it. ************************************************** PSYS.DAT ************************************************** Location: W PROTEC directory Type: Security Description This program is used internally by PROTEC to configure workstation security parameters. This file is updated by the NET Script program, UPP.EXE. ************************************************** RBP.EXE ************************************************** Location: SS PROPUBLIC directory Type: NET Script Syntax RBP [/help] [/messages] Description RBP installs and removes Boot Protection to and from a workstation. This program is designed to run from NetWare's System Login Script so that a supervisor can install and configure workstation security centrally. Installation and deinstallation can be scheduled using the Security program, PSECURE.EXE. Parameter Value Description ____________________________________________ /messages /messages Overrides the PROFLAGS environment variable. This sets its output to HEADINGS, MESSAGES, ERRORS, BOX and DOUBLE. /help /help Provides on line help. ************************************************** RBPKEY.EXE ************************************************** Location: SS PROPUBLIC directory Type: Maintenance Syntax RBPKEY filename Description Use this program to remove Boot Protection externally from a workstation. Refer to Boot Protection, Emergency Removal. Parameter Value Description ____________________________________________ filename KEY?????.??# The keydisk is where ? copied to the same represents a location as number. RBKEY.EXE. ************************************************** REMAP.EXE ************************************************** Location: SS \LOGIN, PROPUBLIC directories Type: Maintenance Syntax REMAP Description This program resets the PATH statement after you have logged out from the NetWare server using NetWare's LOGOUT.EXE. ************************************************** REPORT.EXE ************************************************** Location: SS PROSYSTEM directory Type: Maintenance Syntax REPORT [/mono] Description Allows users (who have access to REPORT.EXE) and Managers to create the following reports: User, Groups, Programs, Audits, Automatic Encryption and Workstation. Parameter Parameter Value Description ____________________________________________ /mono /mono Specifies that the monitor is monochrome. ************************************************** RMPROTEC.EXE ************************************************** Location: SS PROSYSTEM directory Type: Maintenance Syntax RMPROTEC Description Removes PROTEC NET from the Security Server. Workstation Removal should be completed prior to using this feature. If not, technical assistance may be required to gain access to each workstation. NetWare Login files are copied back to \LOGIN directory if specified to do so. The following file server bindery records are removed: PROTEC NET signature, PROTEC_USER, PROTEC_GROUP and Primary Server properties. ************************************************** UPP.EXE ************************************************** Location: SS PROPUBLIC directory Type: NET Script Syntax UPP [/help] [/messages] Description UPP updates information stored on the local workstation such as master and local passwords and local copies of PROTEC. This program is designed to run from NetWare's System Login Script so that a supervisor can install and configure workstation security centrally. Use PSECURE.EXE to update security. Parameters Parameter Value Description ____________________________________________ /messages /messages Overrides the PROFLAGS environment variable. This sets its output to HEADINGS, MESSAGES, ERRORS, BOX and DOUBLE. /help /help Provides on line help.