NI TestStand

cancel
Showing results for 
Search instead for 
Did you mean: 

user.ini Security

It's a fairly well known behavior that TestStand will re-create the Users.ini file if it's missing, but this also seems like a rather simple way to get full access to TestStand.  

 

Are there any features or options that would make this point of access more secure?  

 

My guesses would be having an option that would disable automatic re-creation of the Users.ini file, or maybe using an authenticating flag or value?

 

I'm using TestStand 2013 currently, but can move to 2014 if that's a feature on there already. 

0 Kudos
Message 1 of 4
(4,607 Views)

Our users.ini file is on a network drive.  It is locked to only a few users as far as editing permissions.  This way they cannot delete it.

 

Another option could be to give your users an attribute flag as you suggested.  Then in your front end callback check that flag to see if it is valid.  A new users.ini file would not have that flag.

 

Or put a fake user in the file and check to see if that user exists in the FrontEnd callback.  If it doesn't then you know the file is fraudulant.

 

Or check the file creation date in the FrontEnd callback.

 

Or find out who deleted the file and run them through a disciplinary board.... 🙂

 

Hope this helps.

 

Cheers,

jigg
CTA, CLA
testeract.com
~Will work for kudos and/or BBQ~
Message 2 of 4
(4,597 Views)

Have you had any problems with the Users.ini file being on the network drive?  I have concerns about things like network outages/slowness or with multiple people trying to edit it at the same time.  

 

Regarding the FrontEnd callback, I'm assuming you mean to put it in the LoginLogout sequence (as I have yet to see any other sequence ever put in there), right?

 

Thanks,
Seth

0 Kudos
Message 3 of 4
(4,584 Views)

Because our tests rely so heavily on the network anyway (Database Logging, ERP System Logging, ERP System Moving Product) our tests are dead without the network.  So in that regard no we haven't.  Either way it wouldn't matter though.

 

Basically the user scans their badge and we look in the Users.ini file.  If it is there then we log them in.  If it isn't we pull their info from the company DB and add them. Have not had an issue with multiple accesses to the file yet.

 

Yes the FrontEnd Callback file by default only has one sequence in it.  That is what I meant.  Although we have added our own sequences in there as well for other purposes.  But the LoginLogout sequence is the one the engine and UI use so you need to handle it in there.

 

Hope this helps,

jigg
CTA, CLA
testeract.com
~Will work for kudos and/or BBQ~
Message 4 of 4
(4,582 Views)