Developing for Novell ® Nsure ™ SecureLogin Gordon Mathis Senior Software Engineer, Novell Inc.

© March 9, 2004 Novell Inc. 2 one Net: Information without boundaries…where the right people are connected with the right information at the right time to make the right decisions. The one Net vision Novell exteNd ™ Novell Nsure ™ Novell Nterprise ™ Novell Ngage SM : : : :

© March 9, 2004 Novell Inc. 3 The one Net vision Novell Nterprise is an innovative family of products which gives you the power to enable and manage the constant interaction of people with your business systems — regardless of who they are or where they are. Novell Nterprise ™ Novell exteNd ™ Novell Nsure ™ Novell Nterprise ™ Novell Ngage SM : : : :

© March 9, 2004 Novell Inc. 4 Documentation The documentation for SecureLogin is located in the Docs directory. Previous versions had the product documentation distributed in several different places. This made them difficult to locate in some cases. Nsladm – Administrators guide Nslinst – Installation guide Nslscrpt – Scripting guide Nslterm – Terminal Emulation guide Nsltserv – Terminal Services guide Nssadm – SecretStore guide

© March 9, 2004 Novell Inc. 5 Tools Included with SecureLogin – Wintool.exe – Window Finder (installed on every workstation) – Loginwatch.exe – Login Watcher (Located in NSL distribution under SecureLogin/tools directory) Not Included – Winspector Spy – ( Used to monitor internal Windows Messages. – Dependency Walker – ( Used to find DLL functions and dependencies.

© March 9, 2004 Novell Inc. 6 Types of Applications/Scripts 1. Pre-built 2. Corporate 3. Startup 4. Web/Advanced Web 5. Generic 6. Java 7. Lotus Notes 8. Password Policies 9. Terminal Launcher 10. Windows/Advanced Windows Scripting guide Page 14

© March 9, 2004 Novell Inc. 7 Script Commands The commands used within the script of the application will be determined by the type of the application. Certain commands are only valid for specific application types. Scripting guide Appendix A (page 115)

© March 9, 2004 Novell Inc. 8 Best Practices Scripting Guide page 17 Capitalization Indenting Leaving blank lines or Grouping Using comments Etc…

© March 9, 2004 Novell Inc. 9 Using Symbols Scripting Guide page 21 # % Etc…

© March 9, 2004 Novell Inc. 10 Using Variables Scripting Guide page 23 Stored Runtime Directory Attribute Internal Etc…

© March 9, 2004 Novell Inc. 11 Using Variables (cont.) Managing/Creating Scripts ConsoleOne ® MMC SLProto.exe SLManager.exe

© March 9, 2004 Novell Inc. 12 Corporate Scripts All users get the same script Eliminates confusion for users Allows management from a management console Why would you use them?

© March 9, 2004 Novell Inc. 13 Startup Scripts Allows SecureLogin to be running before application Timing problems with startup scripts Why would you use them?

© March 9, 2004 Novell Inc. 14 Web & Advanced Web Scripts Allows SecureLogin to interact with web pages. Automates the authentication and navigation of web pages The advanced web scripts commands give additional control over the web page and it’s controls. Default method of sending the OK event to the web browser does not work with all web pages. Why would you use them?

© March 9, 2004 Novell Inc. 15 Generic Scripts Used for repeated functions that can be called or included within multiple scripts. Use the include command in scripts to call a generic script. Why would you use them?

© March 9, 2004 Novell Inc. 16 Java Scripts Java scripts are only available if Sun’s JRE or better is installed. (see readme) Gives SecureLogin the ability to dump Java code and locate information. Works with both Java application and web pages that comply to Swing/AWT. Why would you use them?

© March 9, 2004 Novell Inc. 17 Lotus Notes Scripts Lotus Notes delivers separate dialogs for username and password. SecureLogin provides both a script and a interface module for Lotus Notes. The Lotus Notes interface module is nslassist.dll. Lotus Notes must be installed prior to install. Use pre-built Lotus Notes script. Why would you use them?

© March 9, 2004 Novell Inc. 18 Password Policies Allows control over types of passwords that can be used within applications. A unique password policy can be created for each application/script. Can require mixed case, min/max character or numeric values. Can be used in conjunction with Random password generation. Why would you use them?

© March 9, 2004 Novell Inc. 19 Terminal Launcher Scripts Allows interaction with terminal emulator sessions. Can be used to automate complicated or repetitive processes. Can be used for DOS based applications or any application that supports copy and paste functionality. Initiated by the tlaunch.exe utility. Dependency walker used to identify hllapi dll’s and function names. Why would you use them?

© March 9, 2004 Novell Inc. 20 Windows & Advanced Windows Scripts Adds support for Windows 32 bit applications. Monitors the standard Windows “WM_COMMAND” message to applications. The advanced windows command “event” allows you to change what message to monitor for application activity. Window Finder and Winspector used to identify specific information for each application. Why would you use them?

© March 9, 2004 Novell Inc. 21 Structure of Scripts The script is made up of several parts. The first part of the script identifies the window or condition that forces this part of the script to execute. For example: Dialog Class "#32770" Title "Contivity VPN Client" EndDialog See scripting guide page 31. (Finding control ID’s)

© March 9, 2004 Novell Inc. 22 Structure of Scripts The commands that follow the EndDialog are what you want to happen when this window is found. For example: Dialog Class "#32770" Title "Contivity VPN Client" EndDialog MessageBox “We found our Window” …

© March 9, 2004 Novell Inc. 23 Structure of Scripts We can have multiple dialog commands within the script. For example: Dialog Class "#32770" Title "Contivity VPN Client" EndDialog MessageBox “We found Window 1” Dialog Class "#32770" Title “Client Login" EndDialog MessageBox “We found Window 2”

© March 9, 2004 Novell Inc. 24 Practice Scripting guide page 101 Using the Wizard Perform steps 1-6. Scripting guide page 104 Manually creating a script. Perform steps 1-6. Scripting guide page 106 Using the Window Finder. Perform steps 1-3. Scripting guide page 106 Message box and change password. Perform steps 1-4 & Steps 1-7.

© March 9, 2004 Novell Inc. 25 Practice iFolder – An example of Advanced Windows Scripting. Let the Wizard create application/script. Does it work? What about logout and login? Use Winspector to identify iFolder window messages. Configure script to allow iFolder logout and login.

© March 9, 2004 Novell Inc. 26 Practice Dialog Class "#32770" Title "Novell iFolder Login" Event WM_SHOWWINDOW EndDialog Setprompt "Username:" Type $Username #1007 Setprompt "Password:" Type $Password #1079 Setprompt "Optional:" Type $Optional #1001 Click #1 Setprompt "Enter your iFolder Credentials."

© March 9, 2004 Novell Inc. 27 Practice Launch iFolder from a startup script. Does it work? Why not? What can we do to make it work? Admin guide Page 60. sleep 1 start "Ifolder" /MIN /B "C:\Program Files\Novell\iFolder\TrayApp.exe" exit

© March 9, 2004 Novell Inc. 28 Troubleshooting Use the MessageBox command. Web Page script. See install guide page 113. Deriving Application names from strings. Install guide page 114. One script two sets of credentials. Install guide page 119. Forcing user authentication. Install guide page 119. Make the script not active Walk through the application manually before creating script and write down each and every key press and mouse click. Try different variations of the same or similar command. For example try single quotes instead of double quotes, or try the type command instead of the click command.

© March 9, 2004 Novell Inc. 29 Support Resources InstallShield error codes for SecureLogin How to configure SecureLogin to capture debug logs SecureLogin doesn't click the OK button How to configure and setup a HLLAPI emulator with SecureLogin How to configure and setup a generic emulator with SecureLogin How to configure and setup an advanced generic emulator with SecureLogin How to configure the TeraTerm emulator with SecureLogin How to configure IBM client access for SecureLogin NSL script for aol.com Registry Keys and Values Used by Secure Workstation How to use Novell Secure Login (NSL) 3.5 with BorderManager Configuring SecureLogin for 16 bit Windows Apps Tool to find offsets for Advanced Generic EMU

Questions & Answers

© March 9, 2004 Novell Inc. 32 General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. Novell, Inc., makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc., reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.