10.3.1.2
Allowing direct members of a group to logon without further
configuration.
To enable this feature, issue the following command:
aconfig AutomaticLogonGroup “LocalGroupName”
Where LocalGroupName is the name of the Windows Local Group whose members are
allowed to logon without an individual user configuration. Members of the group must
be explicitly listed… indirect lookup of members of groups listed in the group is not
done.
You should also set a home directory for these users as follows:
aconfig AutomaticLogonHomeDirectory “
PathOfHomeDirectory”
Where PathOfHomeDirectory is the pathname of the home directory that will be given to
all members of this group when they logon via the ATRLS.
10.3.2 8-bit characters need to be sent by faulty telnet client.
According to the RFC that governs telnet, by default, the telnet data stream is only 7-bits
wide. In version 2.0 we corrected our earlier design to strip characters to 7 bits unless
binary mode had been negotiated. Unfortunately, there are telnet clients in the world
don’t support 8-bit mode, nor do they refuse to display 8-bit characters showing up in the
data stream… so for some customers it may make sense to put are telnet service into a
non-standard mode. (For example, the telnet client that comes with Windows versions
prior to Windows 2000 is one such faulty telnet client.) To enable this non-standard
mode, use the command:
aconfig SuppressCharacterStripping 1
10.3.3 Suppress cleanup of child processes.
For most users of the ATRLS, it is desirable to have processes executing at the time of an
unexpected failure be killed automatically. However, some users want to use the ATRLS
to start “background” tasks. We know of no good way to allow this, but we can suppress
the normal process cleanup that occurs at the time of session close. If you enable this
features, “background” processes will continue to run, but likewise will any processes
running at an unexpected process close. In particular, it is important that you always exit
or telnet sessions by issuing the “exit” command to CMD.EXE or the CMD.EXE will
continue to execute in the “background”. To enable this feature:
aconfig DisableChildCleanup 1
10.3.4 Programs that use Job Objects may not work under the ATRLS.
Microsoft limits each process to belonging to only one Job Object. Due to problems
reading Windows Performance Counters (to determine what processes to terminate) on
some systems, we switched to using Job Objects to control process termination on
19
connections that unexpectedly hang up.
Few programs use Job Objects, so this generally
should not be a problem. Past experience says that someone, somewhere will have a
problem with this, so we left the old method of cleaning up stray processes available. To
enable this feature:
aconfig UseOldStyleCleanup 1
10.3.5 Prompt after the banner after logon to give users a chance to read banners.
Several users have requested the ability to move the registration message until after a
successful logon. To enable this option:
aconfig PromptAfterBannerAfterLogon 1
10.3.6 Move print of “registration” banner until after logon.
Several users have requested the ability to move the registration message until after a
successful logon. To enable this option:
aconfig RegistrationBannerAfterLogon 1
10.3.7 Enable Tracing
To control debug information from the various services. Set the option TraceLevel to one
of the following:
1. Minimal state information.
2. Some protocol details.
3. Most protocol details.
4. Multiple messages per character transmitted. (You probably don’t want to use this
one.)
To disable the tracing set TraceLevel to 0. The debug information is logged to the file:
tracelog.txt in the directory where you installed the ATRLS.
Example:
aconfig TraceLevel 3
10.3.8 Sending Bells in Advanced Mode
You can reserve a character in Advanced Mode that will be translated to a bell character.
The argument to BellCharacter is a decimal number representing the character that will
cause a bell character to be sent to the telnet/rlogind client. On the resulting client screen,
the BellCharacter (in addition to sounding the bell) will appears as a space character. See
the
Programming
Considerations
section for the details of how to use this feature.
In many situations a good character to use is 255 (this is the non-breakable space
character used by old word processors… not usually used anymore).
To disable this option, set BellCharacter to zero.
Example:
20
aconfig BellCharacter 255
10.3.9 Suppress Successful Logon Messages.
Some users do not want a record of successful logons or command executions in the
event log.
To enable this option:
aconfig SuppressSuccessfulLogonMessages 1
10.3.10
Suppress Event Log Messages about Telnet Probes.
Some management packages detect the presence of a telnet server on your system by
opening, then immediately closing a connection to the telnet service. This same “probe”
is also used by people attempting to break into your system. By default we flag this as an
error. Some users want to allow the probes with no generated messages.
To enable this option:
aconfig SuppressProbeMessages 1
10.4 Using the Rlogind and Telnetd Services
See the “
Prompts Page
” subsection of the
Configuring the ATRLS
section for an
explanation of the various user prompts and associated options.
10.4.1 Simple vs. Advanced
The telnetd and rlogind of the ATRLS work in two modes: simple and advanced.
Advanced Mode is the most powerful, but incurs more overhead for each logon session.
Simple Mode is very low overhead and works well with custom software.
10.4.1.1
Advanced Mode
This mode allows you to run full-screen console programs such as text editors. In order
to use this feature your client program must support ANSI terminal escape sequences.
Most terminal emulation programs use ANSI escape sequences. You may use the
Advanced Mode if you run a program emulating a VTXXX terminal or when using the
“
rlogin
” or “
telnet
” programs from inside the “
xterm
” program found on most Unix
systems.
The full range of DOSKEY-style command line editing is available in Advanced Mode.
See the
Sending Special Keys
section below for information about how to send keys
such as “Home”.
Due to the way Advanced Mode works and since the Win32 API does not provide good
facilities for remote logon, the ^S and Pause keys do not suspend output as they do in a
local command prompt window. If you are issuing a command that will have more than
one screen of output, piping its output to the Windows “more” command is advisable.
Example:
21