WindX Security Prompt v17

Started by brandonwCPG, October 13, 2020, 08:55:29 AM

Previous topic - Next topic

brandonwCPG

During installation on v17, after starting WindX...there is a security prompt about using WindX Security.
We are using PDQ deploy to deploy the software silently, is there a config file with a paramenter to answer this question automatically (to disable WindX security)
We don't want this popping up after installation.

Devon Austen

When doing the install on the client define a user Environment variable WDXTRUST to be the hostname or IP address of the WindX server.

https://manual.pvxplus.com/PXPLUS/PxPlus%20Installation%20and%20Configuration/Customizing%20PxPlus/Environment%20Variables.htm#Mark3
Principal Software Engineer for PVX Plus Technologies LTD.

brandonwCPG

Quote from: Devon Austen on October 13, 2020, 09:22:24 AM
When doing the install on the client define a user Environment variable WDXTRUST to be the hostname or IP address of the WindX server.

https://manual.pvxplus.com/PXPLUS/PxPlus%20Installation%20and%20Configuration/Customizing%20PxPlus/Environment%20Variables.htm#Mark3

Where are the Environment Variables defined at?

Devon Austen

Environment variables are a OS-level feature. Your installer application probably has features to make it easy to set an environment variable. If not it can be done through creating a registry entry I believe. Google will have the answer for your particular installer I am sure. If not Google "Set Environment Variable programmatically"  will get you answers that are more generic.
Principal Software Engineer for PVX Plus Technologies LTD.

brandonwCPG

Ok so I managed to set the environment variable to bypass the security prompt, but now when a user logs into our ERP server (without having to answer the security prompt) we get the following error...
(see attached image)
This error does not come up if we answer the security prompt through normal install (without editing environmental variables)

Can anyone assist?

Mike King

Check the connection address in WdxTrust against what you are using to connect with. 

If you specify WDXTRUST then the rule is if the  address you connected to is not an exact match then the system will default to no rights.  Basically if you have a WDXTRUST environment variable set then ONLY those whose name match will have access rights, all other won't and no security questions will be asked.

Fully open system can set WDXTRUST to * however this is not recommended.
Mike King
President - BBSysco Consulting
eMail: mike.king@bbsysco.com

brandonwCPG

Having one more issue.

If I put the environment variable in System Variables...should the prompt be popping up for WindX Security...or does it have to go into USER variables?

I put it in system variables with a PS script ran in the background and still had the prompt pop up for another user...

Mike King

Given the Microsoft description of System Environment variables I would have thought it would show up for all users on the same workstation.

From the WindX perspective we don't know if an environment variable comes from the system list or user list.

You might try going to Windows command mode and issuing a SET command to see the list of environment variables.  Something like:

  c:\user\mike>SET | FINDSTR WDX

Also note, setting environment variables applies the changes to NEW processes started by Explorer.  I am not certain when the System environment variables are loaded but it might be during reboot or sign-on thus you might try that to see if the settings take.
Mike King
President - BBSysco Consulting
eMail: mike.king@bbsysco.com

brandonwCPG

Is there anything that would prevent a domain admin from seeing the WindX security pop-up?
During our testing phase of the rollout, we installed on 2 domain admin computers (myself and a co-worker in our department) and neither one of us saw the security prompt upon installation, but our users are seeing it....

Anything that would be in place to cause a domain admin to NOT see the prompt by default?

Thomas Bock

Each user has his own environment. Maybe that is the reason.

Another way to circumwent the security check is to deploy a modified version of the library 'windx.en' in the WindX subdirectory on the client.
Add a pre display logic in the panel 'security_chk' to execute cmd_str$="END",arg_1$="NO"

brandonwCPG

Quote from: Thomas Bock on October 16, 2020, 02:33:47 AM
Each user has his own environment. Maybe that is the reason.

Another way to circumwent the security check is to deploy a modified version of the library 'windx.en' in the WindX subdirectory on the client.
Add a pre display logic in the panel 'security_chk' to execute cmd_str$="END",arg_1$="NO"

I have absolutely no idea how to modify that library file.

Could you perhaps send me a modified version of it where this command string is inserted? This would make things so much smoother for deployment.

Thank you!

Thomas Bock

That is a panel library. You can edit it with *nomads.

Mike King

If you are still looking for a way to avoid being asked about how to avoid the security settings, have you considered using a .BAT file?

Something like this will work to connect to Simple CS:

@echo off
set WDXTRUST=%1
start windx://%1:scs/4093/


Save this as WindX.bat, and to connect simply enter the command (or create a shortcut) of

  windx server

Mike King
President - BBSysco Consulting
eMail: mike.king@bbsysco.com

brandonwCPG

Quote from: Mike King on October 19, 2020, 11:11:14 PM
If you are still looking for a way to avoid being asked about how to avoid the security settings, have you considered using a .BAT file?

Something like this will work to connect to Simple CS:

@echo off
set WDXTRUST=%1
start windx://%1:scs/4093/


Save this as WindX.bat, and to connect simply enter the command (or create a shortcut) of

  windx server


Can you elaborate on this a little more?

Is this BAT file supposed to run each time or just on the 1st install?
What do you mean by enter the command or create a shortcut of windx server?

I need you to "dumb" this down a little more for me.... I understand what a batch file is...but I need to understand exactly how this works and what this does....

Mike King

Okay -- take the code shown in my response and put it into a file called windx.bat. 

You can now create a Windows shortcut to run this .bat file by doing the following.

1) Using Windows explorer find the .bat file on your system
2) Right click on the .bat file and select Create Shortcut.  This will create a .lnk file to your batch file
3) Right click on the newly created short cut file and in the 'Target' field you should have something like "c:\....\windx.bat",  Append the IP address or server name to the command.  For example if your server was called "myserver1" then your would change the target to "c:\....\windx.bat myserver1".
4) Save and exit.

Now when you click the shortcut the system should launch windx and connect to myserver1.


Mike King
President - BBSysco Consulting
eMail: mike.king@bbsysco.com