2017-04-12 17:08:17,118 (2768) INFO "__init__" Demarrage
2017-04-12 17:08:17,305 (2768) DEBUG "init_fw" Firewall init, fich=None, os=Vista
2017-04-12 17:08:17,305 (2768) DEBUG "lancecmd_dbg" netsh advfirewall set allprofiles state on
2017-04-12 17:08:17,477 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" protocol=tcp dir=out
2017-04-12 17:08:17,602 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" protocol=udp dir=in
2017-04-12 17:08:17,680 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" protocol=udp dir=out
2017-04-12 17:08:17,805 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" program="C:\Windows\Eole\cliscribe\servscribe.exe" dir=out
2017-04-12 17:08:18,197 (2768) INFO "__init__" Network timeout 30
2017-04-12 17:08:18,368 (2768) INFO "servstart" Le service Scribe demarre : ip Scribe=10.1.3.5 ; port Scribe=8789 ; port local=8788 ; windir=C:\Windows ; tmpdir=C:\Windows\TEMP\Eole ; poste=DESKTOP-5SPH695 ; os=Vista ; ip=10.1.2.50 ; MAC=02:00:0A:01:02:74 ; version=22
2017-04-12 17:08:18,368 (2768) DEBUG "get_file" Demande de telechargement de liste_fwregles.eol
2017-04-12 17:08:18,384 (2768) INFO "get_file" Telechargement de http://10.1.3.5:8790/liste_fwregles.eol dans "c:\windows\temp\tmpiu714y" (30 tentatives)
2017-04-12 17:08:18,400 (2768) DEBUG "get_file" Telechargement de http://10.1.3.5:8790/liste_fwregles.eol.MD5SUM
2017-04-12 17:08:18,415 (2768) DEBUG "check_sum" checksum OK 3c2656b7dad600d74aa3de814dd708df
2017-04-12 17:08:18,415 (2768) DEBUG "init_fw" Firewall init, fich=c:\windows\temp\tmpiu714y\liste_fwregles.eol, os=Vista
2017-04-12 17:08:18,415 (2768) DEBUG "lancecmd_dbg" netsh advfirewall set allprofiles state on
2017-04-12 17:08:18,618 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall del rule name="EoleScribe"
2017-04-12 17:08:18,743 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall del rule name="EoleDNS"
2017-04-12 17:08:18,852 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall del rule name="EoleVNC"
2017-04-12 17:08:18,977 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall del rule name="EoleUtilisateur"
2017-04-12 17:08:19,118 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall del rule name="EoleNuWinC"
2017-04-12 17:08:19,243 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall del rule name="EoleGestionPostes"
2017-04-12 17:08:19,352 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" protocol=tcp dir=out remoteip=10.1.3.5 remoteport=135,137,138,139,445,8789,8790,389
2017-04-12 17:08:19,477 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" protocol=udp dir=in
2017-04-12 17:08:19,586 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" protocol=udp dir=out
2017-04-12 17:08:19,680 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" dir=in remoteip=10.1.3.5
2017-04-12 17:08:19,775 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" program="C:\Windows\Eole\cliscribe\servscribe.exe" dir=in remoteip=10.1.3.5
2017-04-12 17:08:19,868 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" program="C:\Windows\Eole\cliscribe\servscribe.exe" dir=out
2017-04-12 17:08:19,977 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp dir=in localport=5500,5800
2017-04-12 17:08:20,072 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp dir=out remoteport=5500,5800
2017-04-12 17:08:20,165 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="C:\Windows\Eole\ultravnc\winvnc.exe" dir=in
2017-04-12 17:08:20,259 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="C:\Windows\Eole\ultravnc\winvnc.exe" dir=out
2017-04-12 17:08:20,352 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="C:\Windows\Eole\ultravnc\vncviewer.exe" dir=in
2017-04-12 17:08:20,447 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="C:\Windows\Eole\ultravnc\vncviewer.exe" dir=out
2017-04-12 17:08:20,555 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="P:\gestion-postes\winvnc.exe" dir=in
2017-04-12 17:08:20,650 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="P:\gestion-postes\winvnc.exe" dir=out
2017-04-12 17:08:20,743 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="P:\gestion-postes\vncviewer.exe" dir=in
2017-04-12 17:08:20,868 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="P:\gestion-postes\vncviewer.exe" dir=out
2017-04-12 17:08:20,977 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleUtilisateur" program="C:\Windows\Eole\cliscribe\logon.exe" dir=in
2017-04-12 17:08:21,102 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleUtilisateur" program="C:\Windows\Eole\cliscribe\logon.exe" dir=out
2017-04-12 17:08:21,197 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleUtilisateur" program="C:\Windows\Eole\cliscribe\utilisateur.exe" dir=in remoteip=127.0.0.1,10.1.3.5
2017-04-12 17:08:21,290 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleUtilisateur" program="C:\Windows\Eole\cliscribe\utilisateur.exe" dir=out
2017-04-12 17:08:21,384 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleNuWinC" program="C:\Windows\Eole\NuWINc\nuwinc.exe" dir=in
2017-04-12 17:08:21,477 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleNuWinC" program="C:\Windows\Eole\NuWINc\nuwinc.exe" dir=out
2017-04-12 17:08:21,572 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleGestionPostes" program="P:\gestion-postes\gestion-postes.exe" dir=in
2017-04-12 17:08:21,665 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleGestionPostes" program="P:\gestion-postes\gestion-postes.exe" dir=out
2017-04-12 17:08:21,759 (2768) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleNuWINc" protocol=tcp dir=out remoteport=4129
2017-04-12 17:08:21,852 (2768) DEBUG "set_acl" Mise en place d'ACLs pour dompedago\DomainUsers sur C:\Windows\cliscribe_logon.log
2017-04-12 17:08:21,884 (2768) INFO "servlisten" retval : True
2017-04-12 17:08:23,915 (2768) DEBUG "set_acl" Mise en place d'ACLs reussie
2017-04-12 17:09:22,151 (1268) INFO "__init__" Demarrage
2017-04-12 17:09:22,355 (1268) DEBUG "init_fw" Firewall init, fich=None, os=Vista
2017-04-12 17:09:22,355 (1268) DEBUG "lancecmd_dbg" netsh advfirewall set allprofiles state on
2017-04-12 17:09:24,980 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" protocol=tcp dir=out
2017-04-12 17:09:25,088 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" protocol=udp dir=in
2017-04-12 17:09:25,198 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" protocol=udp dir=out
2017-04-12 17:09:25,308 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" program="C:\Windows\Eole\cliscribe\servscribe.exe" dir=out
2017-04-12 17:09:26,808 (1268) INFO "__init__" Network timeout 30
2017-04-12 17:09:27,401 (1268) INFO "servstart" Le service Scribe demarre : ip Scribe=10.1.3.5 ; port Scribe=8789 ; port local=8788 ; windir=C:\Windows ; tmpdir=C:\Windows\TEMP\Eole ; poste=DESKTOP-5SPH695 ; os=Vista ; ip=10.1.2.50 ; MAC=02:00:0A:01:02:74 ; version=22
2017-04-12 17:09:27,401 (1268) DEBUG "get_file" Demande de telechargement de liste_fwregles.eol
2017-04-12 17:09:27,433 (1268) INFO "get_file" Telechargement de http://10.1.3.5:8790/liste_fwregles.eol dans "c:\windows\temp\tmpp8385d" (30 tentatives)
2017-04-12 17:09:27,496 (1268) DEBUG "get_file" Telechargement de http://10.1.3.5:8790/liste_fwregles.eol.MD5SUM
2017-04-12 17:09:27,510 (1268) DEBUG "check_sum" checksum OK 3c2656b7dad600d74aa3de814dd708df
2017-04-12 17:09:27,510 (1268) DEBUG "init_fw" Firewall init, fich=c:\windows\temp\tmpp8385d\liste_fwregles.eol, os=Vista
2017-04-12 17:09:27,510 (1268) DEBUG "lancecmd_dbg" netsh advfirewall set allprofiles state on
2017-04-12 17:09:27,760 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall del rule name="EoleScribe"
2017-04-12 17:09:27,933 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall del rule name="EoleDNS"
2017-04-12 17:09:28,058 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall del rule name="EoleVNC"
2017-04-12 17:09:28,183 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall del rule name="EoleUtilisateur"
2017-04-12 17:09:28,308 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall del rule name="EoleNuWinC"
2017-04-12 17:09:28,480 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall del rule name="EoleGestionPostes"
2017-04-12 17:09:28,588 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" protocol=tcp dir=out remoteip=10.1.3.5 remoteport=135,137,138,139,445,8789,8790,389
2017-04-12 17:09:28,683 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" protocol=udp dir=in
2017-04-12 17:09:28,776 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" protocol=udp dir=out
2017-04-12 17:09:28,855 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" dir=in remoteip=10.1.3.5
2017-04-12 17:09:28,948 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" program="C:\Windows\Eole\cliscribe\servscribe.exe" dir=in remoteip=10.1.3.5
2017-04-12 17:09:29,058 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleScribe" program="C:\Windows\Eole\cliscribe\servscribe.exe" dir=out
2017-04-12 17:09:29,151 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp dir=in localport=5500,5800
2017-04-12 17:09:29,246 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp dir=out remoteport=5500,5800
2017-04-12 17:09:29,323 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="C:\Windows\Eole\ultravnc\winvnc.exe" dir=in
2017-04-12 17:09:29,417 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="C:\Windows\Eole\ultravnc\winvnc.exe" dir=out
2017-04-12 17:09:29,510 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="C:\Windows\Eole\ultravnc\vncviewer.exe" dir=in
2017-04-12 17:09:29,605 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="C:\Windows\Eole\ultravnc\vncviewer.exe" dir=out
2017-04-12 17:09:29,698 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="P:\gestion-postes\winvnc.exe" dir=in
2017-04-12 17:09:29,792 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="P:\gestion-postes\winvnc.exe" dir=out
2017-04-12 17:09:29,885 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="P:\gestion-postes\vncviewer.exe" dir=in
2017-04-12 17:09:29,980 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleVNC" protocol=tcp program="P:\gestion-postes\vncviewer.exe" dir=out
2017-04-12 17:09:30,073 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleUtilisateur" program="C:\Windows\Eole\cliscribe\logon.exe" dir=in
2017-04-12 17:09:30,167 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleUtilisateur" program="C:\Windows\Eole\cliscribe\logon.exe" dir=out
2017-04-12 17:09:30,246 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleUtilisateur" program="C:\Windows\Eole\cliscribe\utilisateur.exe" dir=in remoteip=127.0.0.1,10.1.3.5
2017-04-12 17:09:30,338 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleUtilisateur" program="C:\Windows\Eole\cliscribe\utilisateur.exe" dir=out
2017-04-12 17:09:30,433 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleNuWinC" program="C:\Windows\Eole\NuWINc\nuwinc.exe" dir=in
2017-04-12 17:09:30,510 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleNuWinC" program="C:\Windows\Eole\NuWINc\nuwinc.exe" dir=out
2017-04-12 17:09:30,605 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleGestionPostes" program="P:\gestion-postes\gestion-postes.exe" dir=in
2017-04-12 17:09:30,698 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleGestionPostes" program="P:\gestion-postes\gestion-postes.exe" dir=out
2017-04-12 17:09:30,792 (1268) DEBUG "lancecmd_dbg" netsh advfirewall firewall add rule action=allow name="EoleNuWINc" protocol=tcp dir=out remoteport=4129
2017-04-12 17:09:30,885 (1268) DEBUG "set_acl" Mise en place d'ACLs pour dompedago\DomainUsers sur C:\Windows\cliscribe_logon.log
2017-04-12 17:09:30,948 (1268) INFO "servlisten" retval : True
2017-04-12 17:09:30,980 (1268) DEBUG "set_acl" Mise en place d'ACLs reussie
2017-04-12 17:09:56,246 (1268) INFO "remote_logon"
############# SESSION #############
2017-04-12 17:09:56,246 (1268) INFO "remote_logon" Ouverture de session User=admin, ESU_GU=DomainAdmins, Machine=DESKTOP-5SPH695, ESU_GM=grp_eole
2017-04-12 17:09:56,246 (1268) DEBUG "create_dicts" Variables 1 {'TMP': 'C:\\Users\\admin\\AppData\\Local\\Temp', 'COMPUTERNAME': 'DESKTOP-5SPH695', 'USERLNAME': 'admin admin', 'ESU_OS': 'Vista', 'USERINITLOGONSCRIPT': 'adminVista.bat', 'USERDOMAIN': 'DOMPEDAGO', 'GESTIONNAIRES': [], 'SID': 'S-1-5-21-2032766299-2956356467-2599722311-21008', 'ESU_GU': 'DomainAdmins', 'PSMODULEPATH': 'C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules', 'DOKANLIBRARY1': 'C:\\Program Files\\Dokan\\DokanLibrary-1.0.2\\', 'PROCESSOR_IDENTIFIER': 'Intel64 Family 6 Model 62 Stepping 4, GenuineIntel', 'PROGRAMFILES': 'C:\\Program Files (x86)', 'PROCESSOR_REVISION': '3e04', 'SYSTEMROOT': 'C:\\Windows', 'PATH': 'C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\;C:\\Users\\admin\\AppData\\Local\\Microsoft\\WindowsApps;', 'PROGRAMFILES(X86)': 'C:\\Program Files (x86)', 'ESU_LECTEUR_ICONES': 'R', 'ESU_PROXY_BYPASS': '127.0.0.1;10.1.2.0/24', 'TEMP': 'C:\\Users\\admin\\AppData\\Local\\Temp', 'WINDIR': 'C:\\Windows', 'COMMONPROGRAMFILES(X86)': 'C:\\Program Files (x86)\\Common Files', 'ESU_PROXY_HOST': '10.1.2.1', 'PROCESSOR_ARCHITECTURE': 'x86', 'ESU_DOMAINE': 'dompedago', 'ALLUSERSPROFILE': 'C:\\ProgramData', 'LOCALAPPDATA': 'C:\\Users\\admin\\AppData\\Local', 'HOMEPATH': '\\', 'USERDOMAIN_ROAMINGPROFILE': 'DOMPEDAGO', 'PROGRAMW6432': 'C:\\Program Files', 'USERNAME': 'admin', 'LOGONSERVER': '\\\\SCRIBE', 'COMSPEC': 'C:\\Windows\\system32\\cmd.exe', 'GROUPES': ['DomainAdmins', 'DomainUsers', 'PrintOperators', 'professeurs'], 'PROGRAMDATA': 'C:\\ProgramData', 'IP': '10.1.2.50', 'HOMESHARE': '\\\\scribe\\admin\\perso', 'ESU_PARTAGE_ICONES': '\\\\scribe\\ICONES$', 'SESSIONNAME': 'Console', 'PATHEXT': '.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC', 'ESU_PDC': 'scribe', 'USERINITLOGONSERVER': 'SCRIBE', 'COMMONPROGRAMFILES': 'C:\\Program Files (x86)\\Common Files', 'APPDATA': 
'C:\\Users\\admin\\AppData\\Roaming', 'HOMEDRIVE': 'U:', 'SYSTEMDRIVE': 'C:', 'NUMBER_OF_PROCESSORS': '2', 'ESU_GM': 'grp_eole', 'PROCESSOR_LEVEL': '6', 'PROCESSOR_ARCHITEW6432': 'AMD64', 'ESU_PROXY_PORT': '3128', 'COMMONPROGRAMW6432': 'C:\\Program Files\\Common Files', 'OS': 'Windows_NT', 'PUBLIC': 'C:\\Users\\Public', 'USERPROFILE': 'C:\\Users\\admin'}
2017-04-12 17:09:56,246 (1268) DEBUG "create_dicts" Variables 2 {'TMP': 'C:\\Users\\admin\\AppData\\Local\\Temp', 'COMPUTERNAME': 'DESKTOP-5SPH695', 'USERLNAME': 'admin admin', 'ESU_OS': 'Vista', 'USERINITLOGONSCRIPT': 'adminVista.bat', 'USERDOMAIN': 'DOMPEDAGO', 'GESTIONNAIRES': [], 'SID': 'S-1-5-21-2032766299-2956356467-2599722311-21008', 'ESU_GU': 'DomainAdmins', 'PSMODULEPATH': 'C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules', 'DOKANLIBRARY1': 'C:\\Program Files\\Dokan\\DokanLibrary-1.0.2\\', 'PROCESSOR_IDENTIFIER': 'Intel64 Family 6 Model 62 Stepping 4, GenuineIntel', 'PROGRAMFILES': 'C:\\Program Files (x86)', 'PROCESSOR_REVISION': '3e04', 'SYSTEMROOT': 'C:\\Windows', 'PATH': 'C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\;C:\\Users\\admin\\AppData\\Local\\Microsoft\\WindowsApps;', 'PROGRAMFILES(X86)': 'C:\\Program Files (x86)', 'ESU_LECTEUR_ICONES': 'R', 'ESU_PROXY_BYPASS': '127.0.0.1;10.1.2.0/24', 'TEMP': 'C:\\Users\\admin\\AppData\\Local\\Temp', 'WINDIR': 'C:\\Windows', 'COMMONPROGRAMFILES(X86)': 'C:\\Program Files (x86)\\Common Files', 'ESU_PROXY_HOST': '10.1.2.1', 'PROCESSOR_ARCHITECTURE': 'x86', 'ESU_DOMAINE': 'dompedago', 'ALLUSERSPROFILE': 'C:\\ProgramData', 'LOCALAPPDATA': 'C:\\Users\\admin\\AppData\\Local', 'HOMEPATH': '\\', 'USERDOMAIN_ROAMINGPROFILE': 'DOMPEDAGO', 'PROGRAMW6432': 'C:\\Program Files', 'USERNAME': 'admin', 'LOGONSERVER': '\\\\SCRIBE', 'COMSPEC': 'C:\\Windows\\system32\\cmd.exe', 'GROUPES': ['DomainAdmins', 'DomainUsers', 'PrintOperators', 'professeurs'], 'PROGRAMDATA': 'C:\\ProgramData', 'IP': '10.1.2.50', 'HOMESHARE': '\\\\scribe\\admin\\perso', 'ESU_PARTAGE_ICONES': '\\\\scribe\\ICONES$', 'SESSIONNAME': 'Console', 'PATHEXT': '.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC', 'ESU_PDC': 'scribe', 'USERINITLOGONSERVER': 'SCRIBE', 'COMMONPROGRAMFILES': 'C:\\Program Files (x86)\\Common Files', 'APPDATA': 
'U:\\config_eole\\Application Data\\', 'HOMEDRIVE': 'U:', 'PERSONAL': 'U:\\', 'SYSTEMDRIVE': 'C:', 'NUMBER_OF_PROCESSORS': '2', 'ESU_GM': 'grp_eole', 'PROCESSOR_LEVEL': '6', 'PROCESSOR_ARCHITEW6432': 'AMD64', 'ESU_PROXY_PORT': '3128', 'COMMONPROGRAMW6432': 'C:\\Program Files\\Common Files', 'OS': 'Windows_NT', 'PUBLIC': 'C:\\Users\\Public', 'USERPROFILE': 'C:\\Users\\admin'}
2017-04-12 17:09:57,730 (1268) INFO "clean_machine_reg" Nettoyage du registre machine
2017-04-12 17:09:57,730 (1268) DEBUG "clean_reg" Effacement des policies restrictive pour sid=None
2017-04-12 17:09:57,730 (1268) INFO "applique_machine_reg" Application de cles de registre machine
2017-04-12 17:09:57,730 (1268) DEBUG "put_regs" Appel
2017-04-12 17:09:57,730 (1268) INFO "applique_machine_reg" Cles de registre machine appliquees
2017-04-12 17:09:57,730 (1268) INFO "clean_user_reg" Nettoyage du registre utilisateur
2017-04-12 17:09:57,730 (1268) DEBUG "clean_reg" Effacement des policies restrictive pour sid=S-1-5-21-2032766299-2956356467-2599722311-21008
2017-04-12 17:09:57,730 (1268) INFO "applique_user_reg" Application de cles de registre utilisateur
2017-04-12 17:09:57,730 (1268) DEBUG "put_regs" Appel
2017-04-12 17:09:57,746 (1268) INFO "applique_user_reg" Cles de registre utilisateur appliquees
2017-04-12 17:09:57,746 (1268) INFO "timesync" Synchronisation horaire sur "10.1.3.5"
2017-04-12 17:09:57,746 (1268) DEBUG "settime" Time=Wed Apr 12 16:09:05 2017
2017-04-12 16:09:04,984 (1268) INFO "del_domusers_from_group" Suppression des utilisateurs du domaine dompedago du groupe Administrateurs
2017-04-12 16:09:05,016 (1268) DEBUG "del_domusers_from_group" ['desktop-5sph695\\administrateur', 'desktop-5sph695\\pcadmin', 'dompedago\\domainadmins']
2017-04-12 16:09:05,016 (1268) INFO "gestionnaires" Ajout de ['domainadmins'] au groupe 'Administrateurs' de la machine
2017-04-12 16:09:05,016 (1268) DEBUG "add_to_local_group" L'utilisateur dompedago\domainadmins fait deja parti du groupe Administrateurs
2017-04-12 16:09:05,016 (1268) INFO "appel_user" Appel de remote_logon (utilisateur)
2017-04-12 16:09:06,734 (1268) DEBUG "<lambda>" retour remote_logon utilisateur True
2017-04-12 16:09:06,750 (1268) INFO "remote_bloc" Appel de la fonction remote_bloc : partmod=(0, None), sid=S-1-5-21-2032766299-2956356467-2599722311-21008, logon=True
2017-04-12 16:09:06,750 (1268) DEBUG "mask_part" self.nodrives=None, self.noview=None, unmask=True, logon=True, nodrives=0, noview=0, nohide=None
2017-04-12 16:09:06,750 (1268) DEBUG "mask_part" self.nodrives=0, self.noview=0, nodrives=0, noview=0, nohide=None
2017-04-12 16:09:06,798 (1268) DEBUG "remote_fw" cmd=SETMODE::block;;allow
2017-04-12 16:09:06,798 (1268) DEBUG "lancecmd_dbg" netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound
2017-04-12 16:09:07,141 (1268) INFO "remote_winvnc" Appel de la fonction remote_winvnc "setinputs"; val="None" ; conf="None"; restart="False"
2017-04-12 16:09:07,141 (1268) DEBUG "setinputs" Application du type de controle 'setinputs' var=None
2017-04-12 16:09:07,173 (1268) DEBUG "remote_winvnc" Action setinputs terminee
2017-04-12 16:09:07,173 (1268) INFO "remote_winvnc" Appel de la fonction remote_winvnc "set_type"; val="simple" ; conf="None"; restart="True"
2017-04-12 16:09:07,173 (1268) DEBUG "put_regs" Appel
2017-04-12 16:09:07,173 (1268) DEBUG "remote_winvnc" Action set_type terminee
2017-04-12 16:18:06,970 (1268) INFO "remote_logon"
############# SESSION #############
2017-04-12 16:18:06,970 (1268) INFO "remote_logon" Ouverture de session User=admin, ESU_GU=DomainAdmins, Machine=DESKTOP-5SPH695, ESU_GM=grp_eole
2017-04-12 16:18:06,970 (1268) DEBUG "create_dicts" Variables 1 {'TMP': 'C:\\Users\\admin\\AppData\\Local\\Temp', 'COMPUTERNAME': 'DESKTOP-5SPH695', 'USERLNAME': 'admin admin', 'ESU_OS': 'Vista', 'USERINITLOGONSCRIPT': 'adminVista.bat', 'USERDOMAIN': 'DOMPEDAGO', 'GESTIONNAIRES': [], 'SID': 'S-1-5-21-2032766299-2956356467-2599722311-21008', 'ESU_GU': 'DomainAdmins', 'PSMODULEPATH': 'C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules', 'DOKANLIBRARY1': 'C:\\Program Files\\Dokan\\DokanLibrary-1.0.2\\', 'PROCESSOR_IDENTIFIER': 'Intel64 Family 6 Model 62 Stepping 4, GenuineIntel', 'PROGRAMFILES': 'C:\\Program Files (x86)', 'PROCESSOR_REVISION': '3e04', 'SYSTEMROOT': 'C:\\Windows', 'PATH': 'C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\;C:\\Users\\admin\\AppData\\Local\\Microsoft\\WindowsApps;', 'PROGRAMFILES(X86)': 'C:\\Program Files (x86)', 'ESU_LECTEUR_ICONES': 'R', 'ESU_PROXY_BYPASS': '127.0.0.1;10.1.2.0/24', 'TEMP': 'C:\\Users\\admin\\AppData\\Local\\Temp', 'WINDIR': 'C:\\Windows', 'COMMONPROGRAMFILES(X86)': 'C:\\Program Files (x86)\\Common Files', 'ESU_PROXY_HOST': '10.1.2.1', 'PROCESSOR_ARCHITECTURE': 'x86', 'ESU_DOMAINE': 'dompedago', 'ALLUSERSPROFILE': 'C:\\ProgramData', 'LOCALAPPDATA': 'C:\\Users\\admin\\AppData\\Local', 'HOMEPATH': '\\', 'USERDOMAIN_ROAMINGPROFILE': 'DOMPEDAGO', 'PROGRAMW6432': 'C:\\Program Files', 'USERNAME': 'admin', 'LOGONSERVER': '\\\\SCRIBE', 'COMSPEC': 'C:\\Windows\\system32\\cmd.exe', 'GROUPES': ['DomainAdmins', 'DomainUsers', 'PrintOperators', 'professeurs'], 'PROGRAMDATA': 'C:\\ProgramData', 'IP': '10.1.2.50', 'HOMESHARE': '\\\\scribe\\admin\\perso', 'ESU_PARTAGE_ICONES': '\\\\scribe\\ICONES$', 'SESSIONNAME': 'Console', 'PATHEXT': '.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC', 'ESU_PDC': 'scribe', 'USERINITLOGONSERVER': 'SCRIBE', 'COMMONPROGRAMFILES': 'C:\\Program Files (x86)\\Common Files', 'APPDATA': 
'U:\\config_eole\\Application Data\\', 'HOMEDRIVE': 'U:', 'SYSTEMDRIVE': 'C:', 'NUMBER_OF_PROCESSORS': '2', 'ESU_GM': 'grp_eole', 'PROCESSOR_LEVEL': '6', 'PROCESSOR_ARCHITEW6432': 'AMD64', 'ESU_PROXY_PORT': '3128', 'COMMONPROGRAMW6432': 'C:\\Program Files\\Common Files', 'OS': 'Windows_NT', 'PUBLIC': 'C:\\Users\\Public', 'USERPROFILE': 'C:\\Users\\admin'}
2017-04-12 16:18:06,984 (1268) DEBUG "create_dicts" Variables 2 {'TMP': 'C:\\Users\\admin\\AppData\\Local\\Temp', 'COMPUTERNAME': 'DESKTOP-5SPH695', 'USERLNAME': 'admin admin', 'ESU_OS': 'Vista', 'USERINITLOGONSCRIPT': 'adminVista.bat', 'USERDOMAIN': 'DOMPEDAGO', 'GESTIONNAIRES': [], 'SID': 'S-1-5-21-2032766299-2956356467-2599722311-21008', 'ESU_GU': 'DomainAdmins', 'PSMODULEPATH': 'C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules', 'DOKANLIBRARY1': 'C:\\Program Files\\Dokan\\DokanLibrary-1.0.2\\', 'PROCESSOR_IDENTIFIER': 'Intel64 Family 6 Model 62 Stepping 4, GenuineIntel', 'PROGRAMFILES': 'C:\\Program Files (x86)', 'PROCESSOR_REVISION': '3e04', 'SYSTEMROOT': 'C:\\Windows', 'PATH': 'C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\;C:\\Users\\admin\\AppData\\Local\\Microsoft\\WindowsApps;', 'PROGRAMFILES(X86)': 'C:\\Program Files (x86)', 'ESU_LECTEUR_ICONES': 'R', 'ESU_PROXY_BYPASS': '127.0.0.1;10.1.2.0/24', 'TEMP': 'C:\\Users\\admin\\AppData\\Local\\Temp', 'WINDIR': 'C:\\Windows', 'COMMONPROGRAMFILES(X86)': 'C:\\Program Files (x86)\\Common Files', 'ESU_PROXY_HOST': '10.1.2.1', 'PROCESSOR_ARCHITECTURE': 'x86', 'ESU_DOMAINE': 'dompedago', 'ALLUSERSPROFILE': 'C:\\ProgramData', 'LOCALAPPDATA': 'C:\\Users\\admin\\AppData\\Local', 'HOMEPATH': '\\', 'USERDOMAIN_ROAMINGPROFILE': 'DOMPEDAGO', 'PROGRAMW6432': 'C:\\Program Files', 'USERNAME': 'admin', 'LOGONSERVER': '\\\\SCRIBE', 'COMSPEC': 'C:\\Windows\\system32\\cmd.exe', 'GROUPES': ['DomainAdmins', 'DomainUsers', 'PrintOperators', 'professeurs'], 'PROGRAMDATA': 'C:\\ProgramData', 'IP': '10.1.2.50', 'HOMESHARE': '\\\\scribe\\admin\\perso', 'ESU_PARTAGE_ICONES': '\\\\scribe\\ICONES$', 'SESSIONNAME': 'Console', 'PATHEXT': '.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC', 'ESU_PDC': 'scribe', 'USERINITLOGONSERVER': 'SCRIBE', 'COMMONPROGRAMFILES': 'C:\\Program Files (x86)\\Common Files', 'APPDATA': 
'U:\\config_eole\\Application Data\\', 'HOMEDRIVE': 'U:', 'PERSONAL': 'U:\\', 'SYSTEMDRIVE': 'C:', 'NUMBER_OF_PROCESSORS': '2', 'ESU_GM': 'grp_eole', 'PROCESSOR_LEVEL': '6', 'PROCESSOR_ARCHITEW6432': 'AMD64', 'ESU_PROXY_PORT': '3128', 'COMMONPROGRAMW6432': 'C:\\Program Files\\Common Files', 'OS': 'Windows_NT', 'PUBLIC': 'C:\\Users\\Public', 'USERPROFILE': 'C:\\Users\\admin'}
2017-04-12 16:18:08,345 (1268) INFO "clean_machine_reg" Nettoyage du registre machine
2017-04-12 16:18:08,345 (1268) DEBUG "clean_reg" Effacement des policies restrictive pour sid=None
2017-04-12 16:18:08,345 (1268) INFO "applique_machine_reg" Application de cles de registre machine
2017-04-12 16:18:08,345 (1268) DEBUG "put_regs" Appel
2017-04-12 16:18:08,345 (1268) INFO "applique_machine_reg" Cles de registre machine appliquees
2017-04-12 16:18:08,345 (1268) INFO "clean_user_reg" Nettoyage du registre utilisateur
2017-04-12 16:18:08,345 (1268) DEBUG "clean_reg" Effacement des policies restrictive pour sid=S-1-5-21-2032766299-2956356467-2599722311-21008
2017-04-12 16:18:08,345 (1268) INFO "applique_user_reg" Application de cles de registre utilisateur
2017-04-12 16:18:08,345 (1268) DEBUG "put_regs" Appel
2017-04-12 16:18:08,375 (1268) INFO "applique_user_reg" Cles de registre utilisateur appliquees
2017-04-12 16:18:08,375 (1268) INFO "timesync" Synchronisation horaire sur "10.1.3.5"
2017-04-12 16:18:08,375 (1268) DEBUG "settime" Time=Wed Apr 12 16:18:08 2017
2017-04-12 16:18:07,993 (1268) INFO "del_domusers_from_group" Suppression des utilisateurs du domaine dompedago du groupe Administrateurs
2017-04-12 16:18:07,993 (1268) DEBUG "del_domusers_from_group" ['desktop-5sph695\\administrateur', 'desktop-5sph695\\pcadmin', 'dompedago\\domainadmins']
2017-04-12 16:18:07,993 (1268) INFO "gestionnaires" Ajout de ['domainadmins'] au groupe 'Administrateurs' de la machine
2017-04-12 16:18:07,993 (1268) DEBUG "add_to_local_group" L'utilisateur dompedago\domainadmins fait deja parti du groupe Administrateurs
2017-04-12 16:18:07,993 (1268) INFO "appel_user" Appel de remote_logon (utilisateur)
2017-04-12 16:18:09,345 (1268) DEBUG "<lambda>" retour remote_logon utilisateur True
2017-04-12 16:18:09,361 (1268) INFO "remote_bloc" Appel de la fonction remote_bloc : partmod=(0, None), sid=S-1-5-21-2032766299-2956356467-2599722311-21008, logon=True
2017-04-12 16:18:09,361 (1268) DEBUG "mask_part" self.nodrives=0, self.noview=0, unmask=True, logon=True, nodrives=0, noview=0, nohide=None
2017-04-12 16:18:09,361 (1268) DEBUG "mask_part" self.nodrives=0, self.noview=0, nodrives=0, noview=0, nohide=None
2017-04-12 16:18:09,407 (1268) DEBUG "remote_fw" cmd=SETMODE::block;;allow
2017-04-12 16:18:09,407 (1268) DEBUG "lancecmd_dbg" netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound
2017-04-12 16:18:09,782 (1268) INFO "remote_winvnc" Appel de la fonction remote_winvnc "setinputs"; val="None" ; conf="None"; restart="False"
2017-04-12 16:18:09,782 (1268) DEBUG "setinputs" Application du type de controle 'setinputs' var=None
2017-04-12 16:18:09,798 (1268) DEBUG "remote_winvnc" Action setinputs terminee
2017-04-12 16:18:09,813 (1268) INFO "remote_winvnc" Appel de la fonction remote_winvnc "set_type"; val="simple" ; conf="None"; restart="True"
2017-04-12 16:18:09,813 (1268) DEBUG "put_regs" Appel
2017-04-12 16:18:09,813 (1268) DEBUG "remote_winvnc" Action set_type terminee
2017-04-12 16:19:47,954 (1268) INFO "remote_logon"
############# SESSION #############
2017-04-12 16:19:47,954 (1268) INFO "remote_logon" Ouverture de session User=admin, ESU_GU=DomainAdmins, Machine=DESKTOP-5SPH695, ESU_GM=grp_eole
2017-04-12 16:19:47,954 (1268) DEBUG "create_dicts" Variables 1 {'TMP': 'C:\\Users\\admin\\AppData\\Local\\Temp', 'COMPUTERNAME': 'DESKTOP-5SPH695', 'USERLNAME': 'admin admin', 'ESU_OS': 'Vista', 'USERINITLOGONSCRIPT': 'adminVista.bat', 'USERDOMAIN': 'DOMPEDAGO', 'GESTIONNAIRES': [], 'SID': 'S-1-5-21-2032766299-2956356467-2599722311-21008', 'ESU_GU': 'DomainAdmins', 'PSMODULEPATH': 'C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules', 'DOKANLIBRARY1': 'C:\\Program Files\\Dokan\\DokanLibrary-1.0.2\\', 'PROCESSOR_IDENTIFIER': 'Intel64 Family 6 Model 62 Stepping 4, GenuineIntel', 'PROGRAMFILES': 'C:\\Program Files (x86)', 'PROCESSOR_REVISION': '3e04', 'SYSTEMROOT': 'C:\\Windows', 'PATH': 'C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\;C:\\Users\\admin\\AppData\\Local\\Microsoft\\WindowsApps;', 'PROGRAMFILES(X86)': 'C:\\Program Files (x86)', 'ESU_LECTEUR_ICONES': 'R', 'ESU_PROXY_BYPASS': '127.0.0.1;10.1.2.0/24', 'TEMP': 'C:\\Users\\admin\\AppData\\Local\\Temp', 'WINDIR': 'C:\\Windows', 'COMMONPROGRAMFILES(X86)': 'C:\\Program Files (x86)\\Common Files', 'ESU_PROXY_HOST': '10.1.2.1', 'PROCESSOR_ARCHITECTURE': 'x86', 'ESU_DOMAINE': 'dompedago', 'ALLUSERSPROFILE': 'C:\\ProgramData', 'LOCALAPPDATA': 'C:\\Users\\admin\\AppData\\Local', 'HOMEPATH': '\\', 'USERDOMAIN_ROAMINGPROFILE': 'DOMPEDAGO', 'PROGRAMW6432': 'C:\\Program Files', 'USERNAME': 'admin', 'LOGONSERVER': '\\\\SCRIBE', 'COMSPEC': 'C:\\Windows\\system32\\cmd.exe', 'GROUPES': ['DomainAdmins', 'DomainUsers', 'PrintOperators', 'professeurs'], 'PROGRAMDATA': 'C:\\ProgramData', 'IP': '10.1.2.50', 'HOMESHARE': '\\\\scribe\\admin\\perso', 'ESU_PARTAGE_ICONES': '\\\\scribe\\ICONES$', 'SESSIONNAME': 'Console', 'PATHEXT': '.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC', 'ESU_PDC': 'scribe', 'USERINITLOGONSERVER': 'SCRIBE', 'COMMONPROGRAMFILES': 'C:\\Program Files (x86)\\Common Files', 'APPDATA': 
'U:\\config_eole\\Application Data\\', 'HOMEDRIVE': 'U:', 'SYSTEMDRIVE': 'C:', 'NUMBER_OF_PROCESSORS': '2', 'ESU_GM': 'grp_eole', 'PROCESSOR_LEVEL': '6', 'PROCESSOR_ARCHITEW6432': 'AMD64', 'ESU_PROXY_PORT': '3128', 'COMMONPROGRAMW6432': 'C:\\Program Files\\Common Files', 'OS': 'Windows_NT', 'PUBLIC': 'C:\\Users\\Public', 'USERPROFILE': 'C:\\Users\\admin'}
2017-04-12 16:19:47,954 (1268) DEBUG "create_dicts" Variables 2 {'TMP': 'C:\\Users\\admin\\AppData\\Local\\Temp', 'COMPUTERNAME': 'DESKTOP-5SPH695', 'USERLNAME': 'admin admin', 'ESU_OS': 'Vista', 'USERINITLOGONSCRIPT': 'adminVista.bat', 'USERDOMAIN': 'DOMPEDAGO', 'GESTIONNAIRES': [], 'SID': 'S-1-5-21-2032766299-2956356467-2599722311-21008', 'ESU_GU': 'DomainAdmins', 'PSMODULEPATH': 'C:\\Program Files\\WindowsPowerShell\\Modules;C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules', 'DOKANLIBRARY1': 'C:\\Program Files\\Dokan\\DokanLibrary-1.0.2\\', 'PROCESSOR_IDENTIFIER': 'Intel64 Family 6 Model 62 Stepping 4, GenuineIntel', 'PROGRAMFILES': 'C:\\Program Files (x86)', 'PROCESSOR_REVISION': '3e04', 'SYSTEMROOT': 'C:\\Windows', 'PATH': 'C:\\Windows\\system32;C:\\Windows;C:\\Windows\\System32\\Wbem;C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\;C:\\Users\\admin\\AppData\\Local\\Microsoft\\WindowsApps;', 'PROGRAMFILES(X86)': 'C:\\Program Files (x86)', 'ESU_LECTEUR_ICONES': 'R', 'ESU_PROXY_BYPASS': '127.0.0.1;10.1.2.0/24', 'TEMP': 'C:\\Users\\admin\\AppData\\Local\\Temp', 'WINDIR': 'C:\\Windows', 'COMMONPROGRAMFILES(X86)': 'C:\\Program Files (x86)\\Common Files', 'ESU_PROXY_HOST': '10.1.2.1', 'PROCESSOR_ARCHITECTURE': 'x86', 'ESU_DOMAINE': 'dompedago', 'ALLUSERSPROFILE': 'C:\\ProgramData', 'LOCALAPPDATA': 'C:\\Users\\admin\\AppData\\Local', 'HOMEPATH': '\\', 'USERDOMAIN_ROAMINGPROFILE': 'DOMPEDAGO', 'PROGRAMW6432': 'C:\\Program Files', 'USERNAME': 'admin', 'LOGONSERVER': '\\\\SCRIBE', 'COMSPEC': 'C:\\Windows\\system32\\cmd.exe', 'GROUPES': ['DomainAdmins', 'DomainUsers', 'PrintOperators', 'professeurs'], 'PROGRAMDATA': 'C:\\ProgramData', 'IP': '10.1.2.50', 'HOMESHARE': '\\\\scribe\\admin\\perso', 'ESU_PARTAGE_ICONES': '\\\\scribe\\ICONES$', 'SESSIONNAME': 'Console', 'PATHEXT': '.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC', 'ESU_PDC': 'scribe', 'USERINITLOGONSERVER': 'SCRIBE', 'COMMONPROGRAMFILES': 'C:\\Program Files (x86)\\Common Files', 'APPDATA': 
'U:\\config_eole\\Application Data\\', 'HOMEDRIVE': 'U:', 'PERSONAL': 'U:\\', 'SYSTEMDRIVE': 'C:', 'NUMBER_OF_PROCESSORS': '2', 'ESU_GM': 'grp_eole', 'PROCESSOR_LEVEL': '6', 'PROCESSOR_ARCHITEW6432': 'AMD64', 'ESU_PROXY_PORT': '3128', 'COMMONPROGRAMW6432': 'C:\\Program Files\\Common Files', 'OS': 'Windows_NT', 'PUBLIC': 'C:\\Users\\Public', 'USERPROFILE': 'C:\\Users\\admin'}
2017-04-12 16:19:49,345 (1268) INFO "clean_machine_reg" Nettoyage du registre machine
2017-04-12 16:19:49,345 (1268) DEBUG "clean_reg" Effacement des policies restrictive pour sid=None
2017-04-12 16:19:49,345 (1268) INFO "applique_machine_reg" Application de cles de registre machine
2017-04-12 16:19:49,345 (1268) DEBUG "put_regs" Appel
2017-04-12 16:19:49,345 (1268) INFO "applique_machine_reg" Cles de registre machine appliquees
2017-04-12 16:19:49,345 (1268) INFO "clean_user_reg" Nettoyage du registre utilisateur
2017-04-12 16:19:49,345 (1268) DEBUG "clean_reg" Effacement des policies restrictive pour sid=S-1-5-21-2032766299-2956356467-2599722311-21008
2017-04-12 16:19:49,345 (1268) INFO "applique_user_reg" Application de cles de registre utilisateur
2017-04-12 16:19:49,345 (1268) DEBUG "put_regs" Appel
2017-04-12 16:19:49,377 (1268) INFO "applique_user_reg" Cles de registre utilisateur appliquees
2017-04-12 16:19:49,377 (1268) INFO "timesync" Synchronisation horaire sur "10.1.3.5"
2017-04-12 16:19:49,377 (1268) DEBUG "settime" Time=Wed Apr 12 16:19:50 2017
2017-04-12 16:19:49,994 (1268) INFO "del_domusers_from_group" Suppression des utilisateurs du domaine dompedago du groupe Administrateurs
2017-04-12 16:19:50,020 (1268) DEBUG "del_domusers_from_group" ['desktop-5sph695\\administrateur', 'desktop-5sph695\\pcadmin', 'dompedago\\domainadmins']
2017-04-12 16:19:50,020 (1268) INFO "gestionnaires" Ajout de ['domainadmins'] au groupe 'Administrateurs' de la machine
2017-04-12 16:19:50,020 (1268) DEBUG "add_to_local_group" L'utilisateur dompedago\domainadmins fait deja parti du groupe Administrateurs
2017-04-12 16:19:50,020 (1268) INFO "appel_user" Appel de remote_logon (utilisateur)
2017-04-12 16:19:51,270 (1268) DEBUG "<lambda>" retour remote_logon utilisateur True
2017-04-12 16:19:51,286 (1268) INFO "remote_bloc" Appel de la fonction remote_bloc : partmod=(0, None), sid=S-1-5-21-2032766299-2956356467-2599722311-21008, logon=True
2017-04-12 16:19:51,286 (1268) DEBUG "mask_part" self.nodrives=0, self.noview=0, unmask=True, logon=True, nodrives=0, noview=0, nohide=None
2017-04-12 16:19:51,286 (1268) DEBUG "mask_part" self.nodrives=0, self.noview=0, nodrives=0, noview=0, nohide=None
2017-04-12 16:19:51,334 (1268) DEBUG "remote_fw" cmd=SETMODE::block;;allow
2017-04-12 16:19:51,334 (1268) DEBUG "lancecmd_dbg" netsh advfirewall set allprofiles firewallpolicy blockinbound,allowoutbound
2017-04-12 16:19:51,693 (1268) INFO "remote_winvnc" Appel de la fonction remote_winvnc "setinputs"; val="None" ; conf="None"; restart="False"
2017-04-12 16:19:51,693 (1268) DEBUG "setinputs" Application du type de controle 'setinputs' var=None
2017-04-12 16:19:51,709 (1268) DEBUG "remote_winvnc" Action setinputs terminee
2017-04-12 16:19:51,709 (1268) INFO "remote_winvnc" Appel de la fonction remote_winvnc "set_type"; val="simple" ; conf="None"; restart="True"
2017-04-12 16:19:51,709 (1268) DEBUG "put_regs" Appel
2017-04-12 16:19:51,709 (1268) DEBUG "remote_winvnc" Action set_type terminee