home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
World of Shareware - Software Farm 2
/
wosw_2.zip
/
wosw_2
/
CPROG
/
KILLCO.ZIP
/
KILLCONN.DOC
< prev
next >
Wrap
Text File
|
1991-04-20
|
12KB
|
313 lines
DOCUMENTATION FOR KILLCONN.EXE
(Copyright 1991 Thomas R. Bruce)
In general:
KillConn is a utility which permits authorized users to clear
workstation connections on a Novell network via the command
line or from a batch file. It is useful for clearing stations prior to
running system backup and maintenance procedures, particularly if these
are being run unattended. The user should keep in mind that
however useful it may be it is also somewhat dangerous, particularly if
it is being used in the unattended mode.
KillConn has been tested under Netware 2.15 and 3.10 and it is
therefore probably safe enough to assume that it will work well with
any version of Netware above 2.10. (I'd love to hear about any
exceptions to this naive generalization).
//////////////////////////////////////////////////////////////////////
Additional notes for version 1.1:
Version 1.1 is appearing only a few days after version 1. This is
owed not (thank heavens) to any major flaws in the original software,
but instead to the astute comments and observations of Gary Banks at
the University of Virginia Law School; 1.1 adds a couple of features
and solves some problems Gary was having with it. (Report bugs and
I'll mention your name too....)
First, KILLCONN now attempts to disconnect the victim five times
before failing with an appropriate error message to the log file;
Novell versions prior to 2.15 seem to have some problems with a
single pass. Previously KILLCONN's failures went unnoticed in the
log. You can change the retry count with the RETRIES=nn command line
parameter (see below).
Second, I thought that some of the more merciful among you-- those who are
not running this program late at night-- might appreciate the ability
to warn users prior to dropping their connections. See the
WARNING=nn parameter below.
//////////////////////////////////////////////////////////////////////
Safety nets:
KillConn cannot be run by anyone who does not have console operator
rights on a target file server. It can also be configured (via the
confirm=YES option -- see below) to require a keyboard response before
it clears anyone, if you are not running it unattended. You can also
set up a Netware group called IMMORTAL; KillConn will skip any of its
members no matter what. This is handled on a per-file-server basis, so
if you're running KillConn on an internetwork, you'll have to set up
the group on each server; whether you do this with the same members on
all servers or not is up to you.
KillConn will not clear ANY connection belonging to a user with the
same login_name as the workstation from which it is being run. This
can be a problem if the user running KillConn is logged in from multiple
locations, and you wish to retain only one, but I had to draw the
line somewhere.
Using the WARNING=nn parameter permits you to give the user an
appropriate amount of warning before disconnecting her. Of course,
too short a length of time is open to interpretation as a subtle
psychological torture....
//////////////////////////////////////////////////////////////////////
Power tools:
KillConn can be configured to clear groups of users in two ways- either
by using the group=SOMEGROUP parameter on the command line, which will
cause all members of a Netware group to be cleared, or by using
wildcard characters (* and ?, just as with DOS) in the user= command
line parameter (for example user=LABMACHINE*). Of the two methods, I
prefer using the 'group =' parameter. It involves a little more
administration, but it's also a great deal more obvious what's going on
and more difficult to make unintentional errors.
KillConn is set up to work automatically on all servers on an
internetwork; you can restrict its scope with the 'server='
command-line parameter if you only want to clear connections from one.
The 'user=' and 'group= ' parameters are still in effect (indeed, one
or the other is required). Of course, the workstation from which
KillConn is run must be attached to any server you wish to clear,
regardless of how you set the scope.
If you experience trouble with certain stations not clearing when you
know KILLCONN has found them, you may set KILLCONN to retry each
station a number of times before moving on. See RETRIES=nn below.
//////////////////////////////////////////////////////////////////////
Notification:
KillConn sends a regular Novell-type broadcast message to all stations
which it clears. The message give the date and time at which the
station was cleared, presumably for the victim to find the next morning.
Note that the date and time are taken from each server individually, so
that occasional discrepancies will result if your servers do not have
their system times synchronized.
You may also, via the 'log= logfilename' and 'logadd= logfilename'
parameters, configure KillConn to keep a log of its nefarious
activities. Using 'log=' causes an existing logfile with the same name
to be overwritten; 'logadd=' appends new information to an existing
logfile.
//////////////////////////////////////////////////////////////////////
Imaginative uses:
Primarily, KillConn is intended to clear stations out of the way so
that you can grab the system away from the end-users and get on with
whatever it was you wanted to do. I can also see it being used as a
way of plugging security holes created by users who leave workstations
running at all hours.
//////////////////////////////////////////////////////////////////////
ENOUGH, ALREADY! How do I use it?:
Command-line parameters:
USER=SOMEBODY
USER=WILD*CARD or WILD????
GROUP=NOVELL_GROUP (one and only one required)
USER=SOMEBODY will disconnect user SOMEBODY anywhere they are logged
in, no matter how many times they are logged in, unless SOMEBODY is a
member of IMMORTAL or the scope is restricted via the SERVER= option.
USER=WILD*CARD will similarly disconnect all users with names that
match the wildcard pattern (which follows DOS rules- * represents any
number of characters, ? only one).
GROUP=NOVELL_GROUP will disconnect all members of a group. Note that
if the group membership varies from server to server so will the people
disconnected; KillConn looks at only one bindery at a time.
You must use one of these and you may use only one. Anything else you
want to do can probably be handled either by setting up an appropriate
group with SYSCON or by running KillConn repeatedly from a batch file.
////////////////////////////////////////////////////////////////////////
SERVER=SERVERNAME
KillCon ordinarily works across all file servers to which the
workstation running it is attached (internetwork scope). If you want
to restrict this, you can limit it to server SERVERNAME by setting this
parameter.
////////////////////////////////////////////////////////////////////////
CONFIRM= YES or CONFIRM = NO
The default is CONFIRM= NO, so be careful. Normally, KillConn doesn't
ask anyone's permission before it blasts some heathen off the network.
If you set CONFIRM=YES at the command line, an operator at the
workstation running KillConn will be able to abort it on a case-by-case
basis. I recommend using this the first time you try a wildcarding
scheme, just to make sure nothing untoward shows up.
////////////////////////////////////////////////////////////////////////
LOG=filename or LOGADD=filename
If either one of these appears on the command line, KillConn will write
a log to file 'filename'. Of course, 'filename' may be a full DOS path
up to 255 characters in length. Using LOG= causes an existing file of
the same name to be overwritten; LOGADD= will create the file if it
doesn't exist, and append to it thereafter.
////////////////////////////////////////////////////////////////////////
HELP
-H
/H
Any one of these three produces a cryptic and potentially frustrating
help screen, as is traditional in the industry.
//////////////////////////////////////////////////////////////////////
WARNING=nn
Sends the user a broadcast message a minimum of nn seconds before
disconnecting them; you can set this as high as is necessary to allow
people to log out.
//////////////////////////////////////////////////////////////////////
RETRIES=nn
By default, KILLCONN will attempt a disconnection five times before
giving up; it seems that on certain networks stations do not respond
quickly enough. You can set the retry count higher or lower with
this parameter. There's probably no advantage to setting it lower
unless you're in one heck of a hurry.
//////////////////////////////////////////////////////////////////////
EXAMPLES:
Let's suppose we have a three-server internetwork with servers named
BOZO, CARDOZO, and SHLOMO-- I'm running KillConn as user BIGDEAL, who
has console privileges on all three servers.
KILLCONN USER=TOM
would clear TOM off of all three, provided that the workstation is
logged into all three.
KILLCONN USER=TOM SERVER=SHLOMO LOG=K:\HOME\BIGDEAL\KILLED.LOG
would kick TOM off SHLOMO only, and record this fact in the file
KILLED.LOG in the specified directory. If we then ran
KILLCONN USER=TO* LOG=K:\HOME\BIGDEAL\KILLED.LOG
users TOM, TORRID, TORRENTIAL, and TORTOISE would be cleared from all
servers. The log file would be overwritten with this information.
To retain the information from our previous session, we would use
KILLCONN USER=TO* LOGADD=K:\HOME\BIGDEAL\KILLED.LOG
If we wanted to skip the log, but have individual control over each
of the four users, we could use:
KILLCONN USER=TO* CONFIRM=YES
and manually confirm each clear from the workstation running
KillConn. Finally
KILLCONN GROUP=DINGBATS SERVER=BOZO
would zap all users in the group DINGBATS from server BOZO. Of
course, this assumes that none of the people mentioned above are
members of the IMMORTAL group.
Got it?
//////////////////////////////////////////////////////////////////////
YOUR RIGHT TO USE THIS PRODUCT:
KillConn is being marketed under a 'conscience-ware' scheme, whereby
I as author am not really seeking any compensation, but am also very
open to the possiblity that people might send me $10 or so if they find
it useful. More to the point, I really enjoy hearing from people who
are using the silly thing; it's nice to know someone's using something you
built. So, regardless of whether you send cash or not, drop me a line
or give me a call. As I say, it's nice to feel that this stuff isn't
getting pitched into a void.
Naturally, though I won't strain your credulity by claiming that I like
to get bug reports, I _do_ want to hear about them, and I will continue
to maintain this code (on an admittedly as-time-permits basis) for as long as
people report problems. Believe it or not I get a charge out of
writing little utilities and would therefore love to hear about any
ideas anyone may have for other small tools, new features, and so on.
KillConn _is_ copyrighted, and may not be distributed commercially or
in conjunction with any commercial product without the author's
permission; I also expect that should you post it to a bulletin board
or other public forum you will include this documentation, copyright
notice, and disclaimer. The author, Thomas R. Bruce, may not be held
liable for any damages, loss of business, or other direct or indirect
consequences of your use of this product. Put another way:
DISCLAIMER - AGREEMENT
Users of KillConn must accept this disclaimer of warranty:
"KillConn is supplied as is. The author
disclaims all warranties, expressed or implied, including,
without limitation, the warranties of merchantability and of
fitness for any purpose. The author assumes no liability for
damages, direct or consequential, which may result from the
use of KillConn."
That said, enjoy using KillConn. And don't forget to write:
Thomas R. Bruce
147 Chestnut St. E-22
Ithaca, NY 14850 (607)-273-2661
In cyberspace: lemuel!tom@cs.cornell.edu
75360,542 (Compuserve), which I don't check real often.