NAME dkwt - Dirk Krause's Windows tool SYNOPSIS dkwt users [] dkwt groups [] dkwt printers [] dkwt print [] [] dkwt boot dkwt login dkwt logout dkwt shutdown dkwt keep dkwt unkeep dkwt cleanup-profiles dkwt env [] [] dkwt help dkwt -h dkwt -v dkwt -L DESCRIPTION dkwt users lists the users. dkwt groups lists the user groups. dkwt printers lists the available printers. dkwt print prints the specified file(s). dkwt boot does cleanup during boot. dkwt login does cleanup during user login. dkwt logout does cleanup during user logout. dkwt shutdown does cleanup during shutdown. dkwt keep disables automatic cleanup temporarily until the next user login is completed. dkwt unkeep restores normal cleanup mechanisms. dkwt cleanup-profiles cleans up user profiles. dkwt help prints a help text for a specific command. dkwt -h shows this help text. dkwt -v shows version information. dkwt -L shows the license conditions. The boot, login, logout, shutdown, keep, and unkeep commands are intended for use in PC classrooms, see NOTES below. OPTIONS -s switches to short listings for the users, and groups command. -l switches to long (detailed) listings for users, groups, and printers command. -d chooses the printer for the print command. RETURN VALUE The program returns exit status code 0 on success, all other status codes indicate an error. FILES dkwt.conf The dkwt.conf file is used to configure automatic cleanup for the boot, login, logout, shutdown, and cleanup-profiles command. The file should be placed in "C:\Program Files\Krause\etc\dkt-3-size" or "C:\Program Files (x86)\Krause\etc\dkt-3-size" depending on your Windows version (32 or 64 bit). The file consists of three sections: "options", "public", and "profiles". In the options section you can configure the name for the "System" and "Everyone" account, the name differs depending on the language configured for your system. These settings are optional, the program retrieves the names for SIDs "S-1-5-18" and "S-1-1-0" if the settings are omitted. In the public section you can list public writable directories to be cleaned up automatically. In the start of the profiles section you configure the profile base directory (the parent directory where the profile directories live in). Each section line lists one directory to be left untouched by automatic cleanup. NOTE: On Windows 7 I do not recommend to manage user profile directories using dkwt. Use the group policy configured in gpedit.msc to remove expired user profiles instead. Just omit the "[profiles...]" section. Example: [options] system user = System everyone user = Everyone [public] c:\temp c:\lecture [profiles C:\Users] All Users Default User Public Administrator admin sshd_server NOTES The boot, login, logout, shutdown, and cleanup-profiles commands are intended for use in computer classrooms and other educational environments. We assume the following: - User accounts are managed centrally, i.e. in AD or a Windows domain. There is only a few local accounts on each system required by the Windows system itself or by services running. - Each "normal" user has a home directory on a file server. - Typically all users in a class room log in and out nearly at the same time (begin and end of a lecture). For the following reasons we do not store user profiles on a file server: - Large parts of the user profile are not related to the lectures, saving them on a file server would be waste of disk space. Although Windows allows you to exclude profile subdirectories from profile replication we don't want to use this feature. Blacklist mechanisms require research for new directories to exclude after each software installation or update. - Due to the simultaneous login and logout of all users there would be load peaks on server and networks on begin and end of lectures significantly higher than average load. So we use a setup as follows: - In the group policies we allow local user profiles only, profile synchronization or propagation to the server is disabled. - During the lectures users write data to a public writable directory, i.e. C:\Temp or C:\Lecture. At the end of the lecture they save valuable data to the home directory or to private storage media (i.e. USB device). After saving the data the users deletes all contents he created in the public writable directory. - During logout a logout script is run. This script first changes the permissions to all contents still found in the public writable directories to grant full access for everyone. Next it attempts to remove the contents. The same is done for the users home directory. - Not all contents can be deleted during logout as some files still might be in use (i.e. the HKCU registry hive file in the user profile). So we attempt to delete these contents again at the next users login, at shutdown and at next reboot. To have this cleanup automatically we add dkwt boot to the system boot script, dkwt login to the user login script, dkwt logout to the user logout script, and dkwt shutdown to the system shutdown script. On Windows Vista and above the boot, login, logout, and shutdown commands do not attempt to clean up user profiles. Login scripts here do not have sufficient permissions to clean up. You can start the command prompt as administrator and run "dkwt cleanup-profiles" manually instead. Lectures about system programming (i.e. "How do I build a driver?") need a special setup. When testing self-made system software the system may crash or hang, so a reboot with a new login will be necessary. We need to deactivate the automatic cleanup, otherwise all changes we made in the public writable directories would be lost. Before starting experiments we run dkwt keep to disable automatic cleanup temporarily until the next user login is finished. If all experiments succeeded we can run dkwt unkeep after saving all our changes before logging off. The HKEY_LOCAL_MACHINE\SOFTWARE\DKrause\Shared\dkwt must exist, full access must be possible for "Everyone" or "INTERACTIVE". AUTHOR Dirk Krause HISTORY COPYRIGHT AND LICENSE Run dkwt --license-terms to see the license conditions. SEE ALSO http://dktools.sourceforge.net