Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [Header]
- DebugStrings=on
- AbortOnError=off
- ConcurrentSectionLimit=100
- GlobalReportFile=|$scriptpath||$scriptfilename|-Report Log |$date| |$time|.log
- GlobalReportFileIncludeAll=on
- //-----------------------------------------------------------------------------
- [AddressList:Processors]
- auto AV3-BOARDROOM
- // auto 192.168.1.100
- // ssh PRO3-OFFICE
- // Add IPs or Hostnames as needed - Use SSH or Auto (not CTP)
- [Variables]
- AdminAccountUsername=AdminUN123
- AdminAccountPassword=AdminPW123
- UserAccountUsername=UserUN123
- UserAccountPassword=UserPW123
- // Note minimum password length is 6 characters
- //-----------------------------------------------------------------------------
- [Enable Authentication On Processors]
- Connect=AddressList:Processors
- LogComment "Connected to |$scriptconnect|. "
- CommunicationsSendAndWait "AUTH\r",5,true,>
- TestResults 0,has,"OFF"
- IfSuccess
- LogComment "Authentication is off. "
- CommunicationsSendAndWait "AUTH ON\r",5,true,Username:
- TestResults 0,has,"create"
- IfSuccess
- LogComment "First time enabling Authentication. "
- LogComment "Creating new Administrator account. "
- CommunicationsSendAndWait "|AdminAccountUsername|\r",5,true,Password:
- CommunicationsSendAndWait "|AdminAccountPassword|\r",5,true,password:
- CommunicationsSendAndWait "|AdminAccountPassword|\r",5,true,ON
- LogComment "Creating User account. "
- CommunicationsSendAndWait "ADDUSER -N:|UserAccountUsername| -P:|UserAccountPassword|",5,true,created.
- CommunicationsSendAndWait "ADDUSERTOGROUP -N:|UserAccountUsername| -G:USERS",5,true,'USERS'.
- Else
- LogComment "Authentication enabled prior. "
- CommunicationsSendAndWait "|AdminAccountUsername|\r",5,true,Password:
- CommunicationsSendAndWait "|AdminAccountPassword|\r",5,true,>
- TestResults 0,has,"Invalid"
- IfSuccess
- LogComment "Login with Admin credentials failed. Restoring processor to clear out old Admin account. "
- CommunicationsSendAndWait "RESTORE\r",5,true,(Y or N)?
- CommunicationsSend "Y\r"
- Else
- LogComment "Login with Admin credentials successful. Authentication re-enabled. "
- LogComment "Creating User account. "
- CommunicationsSendAndWait "ADDUSER -N:|UserAccountUsername| -P:|UserAccountPassword|",5,true,created.
- CommunicationsSendAndWait "ADDUSERTOGROUP -N:|UserAccountUsername| -G:USERS",5,true,'USERS'.
- EndIf
- EndIf
- Else
- LogComment "Authentication has already been enabled on this processor. "
- Endif
- //--------------------------- AUTH ON FOR FIRST TIME --------------------------
- // CP3N>auth on
- // Please create a local administrator account.
- // Username: UserName123!
- // Password: ************
- // Verify password: ************
- //
- // An administrator account was successfully created.
- // Authentication is now ON.
- // SSL is currently off, turning it on using a self-signed certificate...
- // Reboot to complete change.
- // Reboot to take effect....
- //--------------------------- AUTH ENABLED PREVIOUSLY ------------------------
- // CP3N>auth on
- // Please enter your administrator's credentials.
- // Username: UserName123!
- // Password: ************
- //
- // Authentication is now ON.
- // SSL is currently off, turning it on using a self-signed certificate...
- // Reboot to complete change.
- // Reboot to take effect....
- //--------------------------- ADDITIONAL INFO --------------------------------
- // * Additional Info *
- // Note enabling Authentication enables Self-Signed SSL by default
- // To harden further, disable fallback & only allow strong cyphers
- // CommunicationsSendAndWait "SSL SELF TLSONLY\r",5,true,>
- // CommunicationsSendAndWait "CIPHER STRONG\r",5,true,>
- // To harden even further, instead enable CA issued certificates & extended secure gateway
- // CommunicationsSendAndWait "SSL CA -P:PrivateKeyFilePassword123!\r",5,true,>
- // CommunicationsSendAndWait "SECUREGATEWAYMODE secureext\r",5,true,>
- // SSL can otherwise be disabled if desired
- // CommunicationsSendAndWait "SSL OFF\r",5,true,>
- // Please review Secure Deployment Guide & Security Audit Tool OLH
- // https://support.crestron.com/app/answers/answer_view/a_id/5571
- //-----------------------------------------------------------------------------
Add Comment
Please, Sign In to add comment