Web Security Services

 View Only

  • 1.  What are the optional parameters for running aclogon.exe?

    Posted Oct 22, 2018 06:45 AM

    Hi

    I have managed to get aclogon to exectute at logon with the optional script parameter in GPO being the Auth Connector Server IP address.

    This is as per the link:

    https://support.symantec.com/en_US/article.TECH251555.html

    My question here is how to run this script to logoff. The link above mentiones that the logoff script should be run with    /logoff authconnector IP address as the parameter in GPO. I have tried doing this but everytime I get to signoff or logoff, the system freezes at the signoff point.

     

    What are the correct parameters for running aclogon.exe at the point of logging off or signing off.

     

    Kindly

    Wasfi 

     



  • 2.  RE: What are the optional parameters for running aclogon.exe?
    Best Answer

    Broadcom Employee
    Posted Oct 22, 2018 09:35 AM

    Hello Wasfi,

    Thank you for reaching us.

    After checking, it appears you are refering to our Web Security Services (WSS) product, different than our Web Security.Cloud, tagged on this post.

    We do not use Client Connector in Web Security.Cloud offering, and despite digging, I cannot provide you with a complete solution to this question, as I lack on-hands knowledge of this feature.

    I would adivise you to make a new post for the product Could-Delivered Web Security Services tagged, or contact the support team for this product through a support case, to get a preceise answer to your request.

    Have a nice day!

     

    Best regards,

    Guillaume Pietkiewicz,

    Pr. Product Support Engineer, Symantec.Cloud



  • 3.  RE: What are the optional parameters for running aclogon.exe?

    Posted Nov 21, 2018 04:52 AM
      |   view attached

    Hi Wasfi,

    you have to follow below steps to creat a proper logon/logoff scrip in Group policy. Also please note only mention ip address of your auth connector server and not hte host name  in your GPO Parameter and nothing else that only it will work.

    It appears that the GPO is configured to run the script from Windows configuration as a “Startup” script. The aclogon script is a logon\logoff script, GPO should be configured to run it from “User Configuration > Policies > Windows Settings > Scripts (Logon/Logoff)”
    Please follow the below steps to run the script.
     

    1. Open the Group Policy Management console:
    2. Expand the Domains tree, right-click a domain or OU name, and select Create a GPO in this domain and Link it here.
    3. In the New GPO dialog box, give the GPO a descriptive name, then click OK.
    4. Locate the new GPO in the Domains tree (under the domain or OU that you selected above), right-click it, and select Edit.
    5. In the Group Policy Management Editor, navigate to User Configuration > Policies > Windows Settings > Scripts (Logon/Logoff), then double-click Logon in the right pane.
    6. In the Logon Properties window, click Show Files. A folder whose name ends in User\Scripts\Logon\ is displayed.
    7. Copy the aclogon.exe files into this folder.
    8. In the Logon Properties window, click Add.
    9. Click Browse to open the logon script directory, then select aclogon and click OK.
    10. Verify that the aclogon script now appears in the list on the Logon Properties window, then click OK.
    11. In the Script Parameters option enter the hostname or IP address of your Auth Connector server. (Take a look at the Aclogon release notes for other optional parameters)
    12. To configure log off script, repeat steps 5 through 9. This time, double-click Logoff at Step 5 and copy aclogon file into the folder that opens.
    13. Close the Group Policy Management Editor window for your GPO, then close the Group Policy Management window.
    14. Repeat this procedure on each domain controller in your network, as needed.

    Attachment for your reference

     

    Thanks.