Hello,
I am currently using Sophos SafeGuard Enterprise 6.00.1.
I've been trying to use the SafeGuard API, and some test scripts were working when running directly from my SafeGuard Server running Windows Server 2003. Those scripts were authenticating using the AuthenticateService() method since it was on the server.
I'm trying to now run some of these test scripts from another machine, which has SafeGuard Management Center 6.00.1 installed (and .NET 4.5). However, I am running into authentication errors. Here is a sample snippet from my code.
Option Explicit On Error Resume Next Dim msoName Dim sgnPassword Dim result, ret Dim Scripting, ScriptingDirectory, ScriptingCertificates Dim ErrorText msoName = "MasterSecurityOfficer@MYDOMAIN" sgnPassword = "Sp3ci4lPa55word!" Set Scripting = WScript.CreateObject("Utimaco.SafeGuard.AdministrationConsole.Scripting.Base") ret = Scripting.GetLastError(ErrorText) wscript.Echo("Created Base Object - " & ErrorText) result = Scripting.Initialize() ret = Scripting.GetLastError(ErrorText) wscript.Echo("API init " & result & " " & ErrorText) result = Scripting.AuthenticateOfficer(msoName, sgnPassword, "") ret = Scripting.GetLastError(ErrorText) wscript.Echo("Authentication " & result & " " & ErrorText) ' Returns: ' Created Base Object - OK ' API init 0 OK ' Authentication -6 Certificate not found.
The error I am getting is -6, which is NOT_AUTHENTICATED. The password stored in sgnPassword is correct, as I can launch the management center program with that password. Additionally, I am logged in with that curent user.
The error text is Certificate not found.
I am running this script on a Windows 7 x64 machine, but am invoking my VBS script from %SYSTEMROOT%\SysWOW64\cscript.exe so there isn't a "bitness" error going on. The MSO I am referencing in the script has Token Logon set to None.
Any idea on what I need to pass to get authenticated?
Additionally, if anyone could provide some insight on how to load the SafeGuard API into Powershell, that would also be great. Thank you.
=======================
EDIT: I figured out how to add the assembly in powershell, the hard part was figuring out where the DLL was. The command I ran in PowerShell x86 2.0 is
Add-Type -Path C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Utimaco.SafeGuard.AdministrationConsole.Scripting\v4.0_6.0.1.31__477ad77cf9ac4e6c\Utimaco.SafeGuard.AdministrationConsole.Scripting.dll
This is after I added .NET 4.0 runtime support, of course (see here - http://stackoverflow.com/questions/2094694/how-can-i-run-powershell-with-the-net-4-runtime)
=======================
EDIT 2: One thing I'm not too sure if, is if I have to pass the company certificate or the MSO certificate through the .conf file the documentation says is optional.
I was able to export both of the .cer/.p12 files and have placed them in the same directory as the .vbs script, but I still get the -6, Certificate Not Found error.
To give a more succinct description of my questions:
- Are there some better examples for the AuthenticateOfficer command for the SafeGuard API?
- Additionally, is there an example of how to format a .conf file to be used in the AuthenticateOfficer command?
=======================
This thread was automatically locked due to age.