Re: Quarantine rqc parameter details
From: Priya Raghavan [MSFT] (priyadr_at_online.microsoft.com)
Date: 04/05/04
- Next message: Priya Raghavan [MSFT]: "Re: Quarantine rqc parameter details"
- Previous message: Eran Shany [MSFT]: "Re: ISA 2004 to protect LAN"
- In reply to: John Pickett: "Quarantine rqc parameter details"
- Next in thread: Priya Raghavan [MSFT]: "Re: Quarantine rqc parameter details"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 5 Apr 2004 15:40:26 +0530
Hi John,
Regarding the first parameter which you pass to rqc, it is the name of the
dial up connectoid which is created when you installed the CM profile.
If your CM profile is going for dial up connections, the first entry will be
populated with the name of your dial up connectoid.
If your profile is going for tunnel connections (or VPN connections) , the
second entry will be populated with the name of your VPN connectoid, which
in your case is "VPN Access to Domain".
Only one of the above is needed for rqc.exe.
Here, I think your script is failing because you are not passing the right
STRING to the RQS on the server side. The string is the most important part
in removing your client from Quarantine. The RQS will check the string you
pass with the string stored in the server side registry and remove your
client from Quarantine only if the string matches.
In your case, you are passing the string "Example1a". You need to check if
the server will accept this string.
If you are the administrator and if you have set up the server side of
Quarantine, namely, RQS yourself, then you need to check this registry entry
to find out the list of strings which RQS will accept.
HKLM\System\CurrentControlSet\Services\RQS -> AllowedSet
Otherwise you need to contact the administrator of your RAS Server to find
out if the string "Example1a" is acceptable on the server side.
Thansk,
Priya.
This posting is provided AS IS and offers no warranties.
"John Pickett" <jpickett@acs.utah.edu> wrote in message
news:%234B8TzNGEHA.3180@TK2MSFTNGP12.phx.gbl...
> Hello,
>
> I've been struggling to get the rqc component to correctly notify the rqs
> app a user has passed our quarantine control application. A sample call
> would look like this:
>
> rqc.exe NULL "VPN Access to domain" 7250 DOMAIN USERNAME Example1a
>
> where DOMAIN is really our domain and USERNAME is my testing username. I
> think I'm really close but there are two parts that are bugging me and I'm
> not sure how either relate to each other or which (possibly both?) are
> causing the script to fail.
>
> The first uncertainty is regarding the first parameter that gets set to
NULL
> by the CM when it calls our system check application. The documentation
> calls this parameter the %DialRasEntry% and the rqc exe describes it as:
>
> ConnName: the name of the RAS connection on this host
>
> in the format:
>
> rqc <ConnName> <TunnelConnName> <Port> <Domain> <Username> <String>
>
> What exactly is this and why is CM setting it to NULL? Any ideas?
>
> The other part I'm not sure of is the version string at the end. In all
the
> examples it suggests putting the version of your script. I'm not sure if
> this means the CM script, my checking script, etc... The documentation
the
> rqc.exe file gives doesn't help any:
>
> String: the string to send
>
> GREAT :-) Does this string actually "check" against anything? Or is it
> basically any string whatsoever would work?
>
> Any help will be much appreciated. I've struggled with this for a long
time
> now. I thought writing the VB app to do the quarantine check would be
> hard.. This has been a huge road block.
>
> John P.
>
>
- Next message: Priya Raghavan [MSFT]: "Re: Quarantine rqc parameter details"
- Previous message: Eran Shany [MSFT]: "Re: ISA 2004 to protect LAN"
- In reply to: John Pickett: "Quarantine rqc parameter details"
- Next in thread: Priya Raghavan [MSFT]: "Re: Quarantine rqc parameter details"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
