GREAT TEAMS OWN THE MOMENT

The New York Giants Draft Room presented by Crestron

Learn More

Increase your efficiency, boost your productivity, and stay ahead of the competition with industry-leading training from the Crestron Technical Institute

Learn More

Increase your efficiency, boost your productivity, and stay ahead of the competition with industry-leading training from the Crestron Technical Institute

Learn More

Explore moments made possible with DM NVX® technology.

Learn More

Explore moments made possible with DM NVX® technology.

Learn More

Explore moments made possible with DM NVX® technology.

Learn More

GREAT TEAMS OWN THE MOMENT

The New York Giants Draft Room presented by Crestron

Learn More

Explore moments made possible with DM NVX® technology.

Learn More

GREAT TEAMS OWN THE MOMENT

The New York Giants Draft Room presented by Crestron

Learn More

Everything in the home is controlled with ease on one intelligent platform.

Learn More

Missed DM NVX AV-over-IP Week?

The good stuff from our week-long celebration of innovation is available! Catch webinars, techinars, and other opportunities to learn.

View our entire
product catalog

Dedicated solutions for
the modern workplace.

See the Catalog

Online help

Quickly find the answers and resources you need for all things Crestron. Ask questions, manage previously asked questions, access FAQs, and more.

Learn More

Online help

Quickly find the answers and resources you need for all things Crestron. Ask questions, manage previously asked questions, access FAQs, and more.

Learn More

Looking for a specific product?

See the Catalog

Enable Authentication Example Script

OLH v10

 

[Header]

DebugStrings=on

AbortOnError=off

ConcurrentSectionLimit=100

GlobalReportFile=|$scriptpath||$scriptfilename|-Report Log |$date| |$time|.log

GlobalReportFileIncludeAll=on

//-----------------------------------------------------------------------------

[AddressList:Processors]

auto AV3-BOARDROOM

// auto 192.168.1.100

// ssh PRO3-OFFICE

// Add IPs or Hostnames as needed - Use SSH or Auto (not CTP)

[Variables]

AdminAccountUsername=AdminUN123

AdminAccountPassword=AdminPW123

UserAccountUsername=UserUN123

UserAccountPassword=UserPW123

// Note minimum password length is 6 characters

//-----------------------------------------------------------------------------

[Enable Authentication On Processors]

Connect=AddressList:Processors

LogComment "Connected to |$scriptconnect|. "

CommunicationsSendAndWait "AUTH\r",5,true,>

TestResults 0,has,"OFF"

IfSuccess

LogComment "Authentication is off. "

CommunicationsSendAndWait "AUTH ON\r",5,true,Username:

TestResults 0,has,"create"

IfSuccess

LogComment "First time enabling Authentication. "

LogComment "Creating new Administrator account. "

 

CommunicationsSendAndWait "|AdminAccountUsername|\r",5,true,Password:

CommunicationsSendAndWait "|AdminAccountPassword|\r",5,true,password:

CommunicationsSendAndWait "|AdminAccountPassword|\r",5,true,ON

 

LogComment "Creating User account. "

CommunicationsSendAndWait "ADDUSER -N:|UserAccountUsername| -P:|UserAccountPassword|",5,true,created.

CommunicationsSendAndWait "ADDUSERTOGROUP -N:|UserAccountUsername| -G:USERS",5,true,'USERS'.

Else

LogComment "Authentication enabled prior. "

CommunicationsSendAndWait "|AdminAccountUsername|\r",5,true,Password:

CommunicationsSendAndWait "|AdminAccountPassword|\r",5,true,>

TestResults 0,has,"Invalid"

IfSuccess

LogComment "Login with Admin credentials failed. Restoring processor to clear out old Admin account. "

CommunicationsSendAndWait "RESTORE\r",5,true,(Y or N)?

CommunicationsSend "Y\r"

Else

LogComment "Login with Admin credentials successful. Authentication re-enabled. "

LogComment "Creating User account. "

CommunicationsSendAndWait "ADDUSER -N:|UserAccountUsername| -P:|UserAccountPassword|",5,true,created.

CommunicationsSendAndWait "ADDUSERTOGROUP -N:|UserAccountUsername| -G:USERS",5,true,'USERS'.

EndIf

EndIf

Else

LogComment "Authentication has already been enabled on this processor. "

Endif

//--------------------------- AUTH ON FOR FIRST TIME --------------------------

// CP3N>auth on

// Please create a local administrator account.

// Username: UserName123!

// Password: ************

// Verify password: ************

//

// An administrator account was successfully created.

// Authentication is now ON.

// SSL is currently off, turning it on using a self-signed certificate...

// Reboot to complete change.

// Reboot to take effect....

//--------------------------- AUTH ENABLED PREVIOUSLY ------------------------

// CP3N>auth on

// Please enter your administrator's credentials.

// Username: UserName123!

// Password: ************

//

// Authentication is now ON.

// SSL is currently off, turning it on using a self-signed certificate...

// Reboot to complete change.

// Reboot to take effect....

//--------------------------- ADDITIONAL INFO --------------------------------

// * Additional Info *

// Note enabling Authentication enables Self-Signed SSL by default

 

// To harden further, disable fallback & only allow strong cyphers

// CommunicationsSendAndWait "SSL SELF TLSONLY\r",5,true,>

// CommunicationsSendAndWait "CIPHER STRONG\r",5,true,>

 

// To harden even further, instead enable CA issued certificates & extended secure gateway

// CommunicationsSendAndWait "SSL CA -P:PrivateKeyFilePassword123!\r",5,true,>

// CommunicationsSendAndWait "SECUREGATEWAYMODE secureext\r",5,true,>

 

// SSL can otherwise be disabled if desired

// CommunicationsSendAndWait "SSL OFF\r",5,true,>

 

// Please review Secure Deployment Guide & Security Audit Tool OLH

// https://support.crestron.com/app/answers/answer_view/a_id/5571

//-----------------------------------------------------------------------------