SafeOper component

Components and SafeOper settings serves for securing the application from unwanted actions of the user for example starting other applications, ending the PROMOTIC application, etc.

This functionality is based on the possibility to configure the Windows OS 10/7/Embedded/2003-12Server by values in the Windows registration database (system registers) in order to make the running PROMOTIC application secure against unwanted actions of the user. Configuration files and scripts are located in the \Promotic\Tools\SafeOper folder. Everything that is described here that works in Windows OS 7 is also functional in Windows OS 11/10. In fact this is not a PROMOTIC component, but only a specific Windows OS setup.

Behavior of so configured system

a) After starting the computer, the PROMOTIC application is started automatically (Windows user Promotic is automatically logged in and the batch AutoStart.bat file in which the PROMOTIC application is triggered, is started).
b) Neither the Windows desktop nor the TaskBar is started nor the TaskManager is accessible.
c) Keys Ctrl+Esc, etc. aren't functional
d) Keys Alt+Tab, Alt+F4, etc. are functional and they enable handling with already opened windows and applications.
e) If the PROMOTIC application is decreased, then even the right mouse button doesn't work over the desktop outside the PROMOTIC application. Decreasing and closing the application can be barred on top of that in the configurator of the PmaRoot object on the Application and Appearance pages.
f) No task can be started by interactive tools in the Windows OS.
Since Windows OS Vista the Ctrl+Alt+Del keys can be pressed and then user log-off or computer shutdown cannot be prevented.
g) From application scripts it is possible to start any application by methods Pm.CreateProcess or Pm.ShellExecute (even in the context of another Windows user respectively, for example Admin, by the utility RunAs).
h) Logging off the user or switching off the computer must be engaged in the application by means of the Pm.ShutDown method (prefarably to call it on termination of the application in the PmaRoot.onAppStopBegin event).

Characteristic of work with the PROMOTIC system and application

All installation and upgrade of the PROMOTIC system and the application itself proceeds under created Windows user Admin (group Administrators). This account has no security properties and it allows unlimited work with the Windows OS and with the PROMOTIC application. This configuration refers to normal, non-protected operation.
The protected operation of the PROMOTIC application itself proceeds under created Windows user Promotic (group Users and temporarily even the group Administrators during the configuration due to writing into the register database). The application has an access into the folder \Promotic with the installed PROMOTIC system for read only.
Because the application is installed under the user Admin and operated under the user Promotic, all files and folders of the application must be accessible to the user Promotic for read and write. This is accomplished in the file system FAT32 where it isn't possible to set rights for files and folders but in NTFS this condition must be ensured (it wouldn't be accomplished by default).
If the Windows OS is installed on a stand-alone computer (outside a domain), then the Windows OS use simplified security model. It is not possible to set the user access rights for files and folders manually, but there is a shared Windows folder (C:\Users\Public\Documents for Windows OS Vista, Win Server 2008 and higher), that has its rights preset in order to enable all folders and files stored in it to all Windows users for read and write. This is the reason why it is suitable to place the application, including the folder with the application data files, into this shared folder.
If the Windows OS are located into a domain, then the application can be installed wherever but it is necessary to enable reading and writing the application folders and files to the user Promotic. In the case of emergency, the simplified security model of sharing files in the Windows OS XP that are not in the domain, can be switched off by means of 'Local security principles' of the computer.
On the configuration of the SafeOper component it is necessary to follow the guideline precisely. It is important that it is possible to bar the automatic logging in the user Promotic and consecutive starting the application by the key Shift, kept pressed during the whole start of the Windows OS, and, instead of this, to log in as the user Admin and to make pertinent modifications in the SafeOper configuration, in the application or in the PROMOTIC system. In the last resort it is possible to delete the user Promotic and to start the whole installation again from the point 7).
It is possible to start REG files (SafeOperStart.reg and SafeOperStop.reg) only under the user Promotic and in the moment when it is temporarily added even in the group Administrators. Basically it is necessary to start the SafeOperStart.reg file only once during the installation while the SafeOperStop.reg file usually needs to be never started.

Description of individual steps during the installation in Windows OS

By a wrong installation the situation when it isn't possible to connect correctly to the installed system, can come in the extreme case. That's why the following walkthrough is recommended:
1) Login as user Administrator.
2) Create a new user Admin, member of the group Administrators (important step, do not skip this).
3) Log out and log in as user Admin.
4) Installation the PROMOTIC system into the "C:\Promotic" folder.
5) Installation the application into a new folder located in the shared folder C:\Users\Public\Documents (for Windows OS Vista, Server 2008 and higher).
6) Edit SafeOper files in the \Promotic\Tools\SafeOper folder (AutoStart.bat starts the PROMOTIC application, SafeOperStart.reg configures the user Promotic in the SafeOper mode and SafeOperStop.reg configures the user Promotic back in the normal mode).
6.1) AutoStart.bat, in the file a command for starting the PROMOTIC application is edited (the file can be copied elsewhere so that it cannot be overwritten on the PROMOTIC upgrade).
6.2) SafeOperStart.reg, in the file a key with path to the file AutoStart.bat (Shell), computer name (DefaultDomainName) and password of the user Promotic (DefaultPassword) are edited.
7) Create new user Promotic, member of the group Users and Administrators.
8) Log off and log in as the user Promotic.
9) Start (read) the SafeOperStart.reg file in the \Promotic\Tools\SafeOper folder (folder WinXP or Win7).
10) Remove the user Promotic from the group Administrators.
11) Restart computer.


Shutdown Windows OS together with ending the application by calling the Pm.ShutDown method in the PmaRoot.onAppStopBegin event.
VBScriptSelect and copy to clipboard

Pm.ShutDown 2, true
Start the command line in the context of the logged-on Windows user (Promotic) in the script by the Pm.CreateProcess method.
VBScriptSelect and copy to clipboard

Pm.CreateProcess "cmd.exe", ""
Start the command line in the context of another Windows user (Admin) in the script by the Pm.CreateProcess method. This command shouldn't be missing in the service menu of the application, protected by the SafeOper component because the command line allows to start any other program, edit Windows users and their rights, copy and delete files, etc.
VBScriptSelect and copy to clipboard

Pm.CreateProcess "runas /user:Admin cmd.exe", ""
Start editing the particular file in the context of another Windows user while on each starting a password of the user must be entered (password mustn't be empty).
VBScriptSelect and copy to clipboard

Pm.CreateProcess "runas /user:Admin ""notepad.exe C:\Promotic\Apps\Application1\XY.ini""", ""
Start the application from the batch file AutoStart.bat by the utility RunLater (using this utility is necessary so as the window with the command line disappears from the screen after the application is launched).
C:\Pm\RunLater.exe /t=1 /f=C:\Documents and Settings\All Users\Dokumenty\Demo\demo.pra

Useful commands of the command line

Start a new command line in the context of another Windows user (Admin) from the command line (which is, for example, in the context of Promotic).
runas /user:Admin cmd.exe
Start the tool for modification of Windows users (possibility to assign administration rights to the Promotic user).
Not available for Windows OS Home editions (Windows OS 11/10 Home, Windows OS 7 Home Basic/Premium, ...).
Modifications can be done only in the context of the Windows user with administration rights (Admin).
Start the tool for Local Security Policy Editor
Not available for Windows OS Home editions (Windows OS 11/10 Home, Windows OS 7 Home Basic/Premium, ...).
Modifications can be done only in the context of the Windows user with administration rights (Admin).
The command for starting the desktop, toolbar with the button Start of the Windows OS (if SafeOper is active and the desktop is suppressed). It is necessary to restart the computer later on, so as SafeOper is fully functional again.
Start the REG file SafeOperStart.reg or SafeOperStop.reg (in the \Promotic\Tools\SafeOper folder (ForWin) that activates or inactivates the SafeOper component. It can be done only in the context of the Windows user Promotic, namely in the moment when it is temporarily added into the Administrators group.
Edit text file.
notepad "C:\Promotic\Tools\SafeOper\ForWin\AutoStart.bat"
notepad "C:\Promotic\Tools\SafeOper\ForWin\SafeOperStart.reg"
PROMOTIC 9.0.27 SCADA system documentation MICROSYS, spol. s r.o.

Send page remarkContact responsible person
© MICROSYS, spol. s r.o.