The SESCmd command-line tool permits sending commands into the SES Database. NOTE: SESCmd must be run on a server that is running SDConnex, as it uses the SDConnex communication services to communicate with endpoint devices.
Each variant of the subordinate commands will return either a success code - zero (0), or one of a set of error codes that explain why the command failed. These error codes can be used for error trapping in the calling program or comand.
SESCmd v1.0 - (C) 1997 - 2009 WinMagic Inc. All Rights Reserved. USAGE: SESCmd <Command> <parameter1> <parameter2>
Commands available: UpdatePassword <UserName> <UserPassword> Function: -- Updates password in the database of the user in the first parameter, setting it to the new password specified in second parameter. NOTE: Please check to see if UserName is valid and the UserPassword provided adheres to the password rules RETURN CODES: 0 = command successfully executed -1 = UserName is invalid -2 = UserPassword is invalid
AssignAdmin <UserName> <DeviceName> Function: -- assigns Admin Rights to the the user specified in the first parameter on the device specified in the second parameter. NOTE: Please check to see if UserName is valid and DeviceName is valid RETURN CODES: 0 = command successfully executed -1 = UserName is invalid -2 = DeviceName is invalid
AssignUser <UserName> <DeviceName> <UserAccessRights> [ /E | /D ] Function: -- Assigns the user specified in the first parameter to the device specified in the second parameter, and sets the access rights for that user on that device to the value specified in the third parameter -- use the following convention to enable / disable rights -- [W|w] for 'Modify Password' -- [K|k] for 'Modify Key' -- [V|v] for 'Export and View Key' -- [L|l] for 'View Transaction Log' -- [M|m] for 'Modify Profile' -- [S|s] for 'Select Profile' -- [R|r] for 'Convert Removable Media' -- [H|h] for 'Convert Hard Drive' -- [I|i] for 'Disk Integrity Check' -- [E|e] for 'Create Emergency Disk' -- use /E to enable access rights -- use /D to disable access rights
-- Example: use WKVLMSRHIE as <UserAccessRights> for 'Admin Rights'. -- Example: use W as <UserAccessRights> for 'User Rights'.
NOTE: Please check to see if UserName is valid and DeviceName is valid RETURN CODES: 0 = command successfully executed -1 = UserName is invalid -2 = DeviceName is invalid
RemoveUser <UserName> <DeviceName> Function: -- De-assigns the user specified in the first parameter from the device specified in the second parameter. NOTE: Please check to see if UserName is valid, DeviceName is valid and UserName is associated with DeviceName RETURN CODES: 0 = command successfully executed -1 = UserName is invalid -2 = DeviceName is invalid -3 = UserName is not associated with DeviceName
SetProtectionType <UserName> [ /T | /P ] Function: -- Sets, for the user specified in the first parameter, the protection type specified in the second parameter -- use /P to specify password protection -- use /T to specify token protection.
/? -- displays the above help.
NOTE: Please check to see if UserName is valid RETURN CODES: 0 = command successfully executed -1 = UserName is invalid -5 = if protection '/T' was specified and User doesn't have certificate for token protection
Below is a sample function script, calling the SESCmd command: Sample Script using SESCmd
Function ChangeLaptopEncryptionPassword(ByVal iUsername, ByVal iPassword, ByRef oFullOutput) ChangeLaptopEncryptionPassword = False
Dim WshShell, oExec Set WshShell = CreateObject("WScript.Shell") oFullOutput = ""
Set oExec = WshShell.Exec("""C:\Program Files\WinMagic\SDDB-NT\SDConnex\SESCmd.exe"" UpdatePassword """ & iUsername & """") oExec.StdIn.Write iPassword & Chr(13) & Chr(10) oExec.StdIn.Close() Do While oExec.Status = 0 WScript.Sleep(100) Loop oFullOutput = oExec.StdOut.ReadAll If oExec.ExitCode = 0 Then ChangeLaptopEncryptionPassword = True End If End Function