5 0 0:Creating a Command Event

From SEPsesam
Revision as of 13:40, 8 March 2024 by Jus (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

This is documentation for SEP sesam version 5.0.0 Jaglion.
This is not the latest version of SEP sesam documentation and, as such, does not provide information on features introduced in the latest release. For more information on SEP sesam releases, see SEP sesam Release Versions. For the latest documentation, check SEP sesam documentation.

Overview

A command event enables the execution of any program on a SEP sesam Client. A user must be authorized to run the commands on a specific client. By default, only commands entered in the system directory at <SESAM_ROOT>/bin/sesam can be executed. If you want to allow starting commands in other directories, see the section Setting permission to run commands.

In the SEP sesam GUI, you can start command events immediately or schedule the events for automatic execution.

Steps

To create a new command event, follow the steps below:

  1. From Main Selection -> Scheduling -> Schedules, select the schedule to which you want to add a command event. Then right-click the desired schedule and select New Command Event. The New Command Event window is displayed.
  2. Note that if you have not already configured a schedule, you must first configure it by clicking the New Schedule button in the Schedules window. For details, see Creating a Schedule.
  3. Under the Parameter tab, specify the following settings:
    • Priority: Optionally, define a priority for the command event. SEPuler always executes schedules with higher priority first. The default priority level is 1, which is the lowest priority (the highest is 99). The highest priority level is 99. The only exception is schedules with priority 0, which override all other priorities and are always executed. For details, see Event Priority.
    • Blocking date: This should be used in conjunction with high priority for special events. When this check box is selected, lower priority events of the same type are blocked, ensuring that the command event is processed if other command events are also scheduled at the same time. See Blocking Events.
    • Name: Select the name of the existing command from the drop-down list. When selected, the full command is displayed in the Preview field below.
    • Tip
      You can access the configured commands from the menu bar -> Configuration -> Command. You can define your own commands to use when creating a command event, and modify, delete, or copy the existing commands. For details, see Configuration: Commands.
    • Client: Select a client on which to execute the command.
    • User: Enter the user name of a user who has sufficient rights to execute the command on the client.
    • Retention time: Specify how long (in days) to retain the command event results and logs (default 30).
    • Additional Parameter: Optionally add additional parameters to the command.
    • Follow up (available in v. ≥ 5.0.0 Jaglion): Optionally use this field to configure a follow up event to be started on the SEP sesam Server once the command event has completed. For details, see Creating Follow-up Events.

  4. Click OK to add your command event to a schedule. You can review your schedules and assigned events, trigger events to start immediately, or delete them by right-clicking the selected schedule/event.

Setting permission to run commands

Not every user on a specific client is authorized to run all commands. Without additional entries authorizing selected users to run certain commands, commands can only be run from the system directory <SESAM_ROOT>/bin/sesam. If a command is to be started from another directory before the regular backup is started, this must be entered/allowed on the target client.

UNIX

Copy the file sesam_cmdusers.allow from the directory <SESAM_ROOT>/skel to /etc on the client and modify the file. You can now enter a line for the user and the command in the format {user} {command}. If you use a wildcard (*), all commands will be executed.

No explicit permissions are required to execute SEP sesam commands such as sm_loader.

Windows

To set access rights for the user and command, use the following key: \\HKLM\SOFTWARE\SEP Elektronik GmbH\sesam\CommandEvents\<user>\<command>

In addition, on the client computer, the entry CTRLD_Path=ID/bin/sesam;ID/bin/sms in the file ID/var/ini/sm.ini in the section [CTRLD_Server] must be extended to include the directories in which the desired programs are located.

  1. Open the Regedit editor.
  2. Go to HKEY_LOCAL_MACHINE\SOFTWARE\SEP Elektronik GmbH\sesam\ and create a new key named CommandEvents. If it does not already exist, right click and select New Key.
  3. Enter <user> and then <command> with the full path information as the key.

The available commands are:

Command Execution
* all commands
cmd /c all DOS commands (dir, etc.)
DOS command (e.g., dir) specific DOS command only (e.g., dir)
specific command (e.g., ping) specific command only (e.g., ping)

If there are other commands, the last command is executed. If you use a wildcard (*), all commands are executed.


Below is an example of a registry file (*.reg) that allows all command events for the administrator and the sesam user:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\SEP Elektronik GmbH\sesam\CommandEvents\sesam\*]
[HKEY_LOCAL_MACHINE\SOFTWARE\SEP Elektronik GmbH\sesam\CommandEvents\Administrator\*]
Note
The most common errors when setting up the desired user permissions and allowed commands are:
  • The necessary entries are not entered in the directories of the target clients, are not entered on the server, or are entered incorrectly.
  • Instead of entering a command as a key, it is entered as a string.
Copyright © SEP AG 1999-2024. All rights reserved.
Any form of reproduction of the contents or parts of this manual is allowed only with the express written permission from SEP AG. When compiling and designing user documentation SEP AG uses great diligence and attempts to deliver accurate and correct information. However, SEP AG cannot issue a guarantee for the contents of this manual.