CHARON on Windows - Automated License Expiration Check

Version: 1.18 - Published 

Table of contents

Description

The goal of this Powershell script is to read the license content and send alerts 15 days (by default) before expiration. This document is related to the kit versions 1.9 to 1.17.

This utility is replaced by CHARON on Windows - Charon License Utility that provides a graphical interface providing the Windows server has PowerShell 5.1 and .NET Framework 4.6 minimum installed (4.8 recommended) installed.

Alerts consist in:

  • Adding a Windows Event entry in the Application log
  • Executing a customized script named "expiredlicense.bat" that can execute actions at your convenience: send an email, send an event to a monitoring software, etc...

Alert levels:

Days before expiration (date limited license)Hours before expiration (time limited license)Alert level
Between 7 and number of days defined (15 by default)Between 73 and 96 hoursInformational
Between 3 and 7Between 49 and 72 hours

Warning

Less than 3 and expiredLess than 49 and expired

Error

Related products:

Charon-AXP and Charon-VAX/PDP V4.5 and above

Operating systems:

Windows 7, Windows 8.1, Windows 10 Professional, Windows Server 2008 R2, Windows Server 2012 (R2), Windows Server 2016, Windows Server 2019

Step-by-step guide

Installation

  • Create a folder dedicated to store the scripts, for example: "C:\Charon"
  • Download the kit from our SFTP server (please ask us connection credentials if you have no access) and extract all files in this folder.
    (info) The kit contains some files, their usage is described further in this document.
    .
  • Optionally create the "expiredlicense.bat" file in the same folder and customize it at your own (to send emails for example).

    (question) If the script does not exist, a warning event will be posted but it will not prevent the script from running. In this case only Windows Application events will be sent.

    .
    Below is a simple example to append entries in a log file. You will find further in this article an example on how to send an email using powershell.

    echo %date% %time% %1 %2 >> C:\Charon\expiredlicense.log

    Notes:

    • "%1" corresponds to the severity level and can be "informational", "warning" or "error"
    • "%2" corresponds to the alert message containing the license number, the product name and the expiration status

Interactive check

  • Open a command line window
  • Move to the folder you created, example: C:\Charon
  • Execute the powershell script. The following parameters can be passed to the script:
    • "-folder" is used to specify where the scripts (.ps1 and .bat) are stored. If not specified, default is "C:\Charon"
    • "-nbdays" is used to specify the number of days before expiration to start sending alerts, default is 15
    • "-nbhours" is used to specify the number of hours before expiration of a backup/spare license (time limited) to start sending alerts, default is 96. Must not be lower than 72.
    • "-usevanilla" is used in case the hasp_view.exe program is not able to provide the expiration date in the output file (bug found in builds 18304 and 18305 with hasp_view.exe version 1.26). In this case, the script will use the hasp_view.exe program located in the "xxxxx_ORIGINALS_xxx_PATCH_xxx" folder (example: B18302_ORIGINALS_AXP_PATCH_X64). The bug is solved with hasp_view.exe version 1.27 and later.
    • "-haspview <hasp_view.exe location>" is used to specify the location of the hasp_view.exe file. If this parameter is not specified then the script searches for the location itself depending on Charon installation folder. It is used in case a license server performs the checks instead of the server hosting the Charon virtual machines. The "-usevanilla" parameter is ignored if this parameter is defined.
    • "-ini <file>" is used to specify a file where the -folder, -nbdays, -nbhours-usevanilla, -haspview and -tick parameters can be stored. Priority goes to the parameters passed in the command line then those in the specified file. The file is used to facilitate updates in the parameters passed in the tasks scheduler (update the file instead of the task).
    • "-tick" parameter is used to execute external script (expiredlicense.bat) even if no alert is detected (counter alert for monitoring software). If used in the .ini file, "1", "y", "yes" or "true" value activates it, other values will invalidate (Example: tick=true)


To run PowerShell scripts (files that end with .ps1), you must first set the execution policy to Unrestricted (This operation has to be done once).

To do so, open a command line window (cmd.exe) as an Administrator and use the following command:
c:\Charon>powershell -command "Set-ExecutionPolicy Unrestricted"

(info) The ExecutionPolicy can also be set to "RemoteSigned". In this case the .ps1 script files will have to be unblocked as described below.

If you are still prompted to allow for execution of the script, please run the following command to unblock the downloaded charon_expchk.ps1 file:
c:\Charon>powershell -command "Unblock-File -path c:\charon\charon_expchk.ps1"

Example:

c:\Charon>powershell -file charon_expchk.ps1 -folder c:\charon -nbdays 20

(info) If the license is not readable (dongle not connected for example), the script will end with an "Unable to generate the license view from hasp_view.exe!" error, an entry will be added to the Windows Event Application log and the expiredlicense.bat script will be executed.

If no script error is detected, it is now possible to create a new scheduled task.

Scheduled task creation

Scheduled task creation using the Graphical User Interface

To set this,

  • either open the Administrative tools under Control Panel and select "Task Scheduler" or
  • execute taskschd.msc from the Windows run command (press Windows key + R)

(info) Examples are given based on a Windows 2008 R2 server

Right click on Task Scheduler Library, select New folder then enter CHARON.

Select the newly created folder (1) and on the right pane, select "Create Task..." (2).

(warning) Do not use "Create Basic Task..."  some of the options required aren't available in that wizard.


Fill the General tab as below:

Select the Triggers tab and set the check interval, for example here: everyday at 09:00 AM

Select the Actions tab and configure powershell to be executed with the following parameters:

(1) : Powershell location here is "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"

(2) : Define the powershell arguments to be added: -file c:\Charon\charon_expchk.ps1 -folder c:\Charon (the folder parameter is optional here as it is the same as the default folder)

(3) : Set the folder to be the one where the scripts reside


(info) Once the task is created, it is recommended to right click on the task then "Run". To verify the script ran correctly, please check the existence of the "charon_expchk.txt" file in the installation folder (it should contain the license view, if the license is present) and check for events in the Windows Event Application log if any.

Scheduled task creation using the Character User Interface

Open a command line window (cmd.exe) and execute the following command:

c:\Charon>schtasks /create /SC DAILY /ST 09:00 /NP /RL HIGHEST /TN "CHARON\CHARON License Expiration Check" ^
More?
/TR "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -file c:\Charon\charon_expchk.ps1 -folder c:\Charon"

(lightbulb) Update the schedule type (/SC) and time (/ST) to your desired settings


Start the task as shown below:

c:\Charon>schtasks /run /TN "CHARON\CHARON License Expiration Check"

To verify the script ran correctly, please check the existence of the "charon_expchk.txt" file in the installation folder (it should contain the license view, if the license is present) and check for events in the Windows Event Application log if any.

Configuration file example

In the following example, the parameters/values are stored in the c:\charon\charon_expchk.ini file.

Example:

#Folder where the scripts are located
folder=C:\Charon

# Number of days before expiration alert
nbdays=21

# Location of the hasp_view.exe file if Charon is not installed
haspview=C:\Charon

# Send an alert even if no license is about to or has expired
tick=true

To execute the script with the .ini file, use the following command:

c:\Charon>powershell -file c:\charon\charon_expchk.ps1 -ini c:\charon\charon_expchk.ini

To create the scheduled task, open a command line window (cmd.exe) and execute the following command:

c:\Charon>schtasks /create /SC DAILY /ST 09:00 /NP /RL HIGHEST /TN "CHARON\CHARON License Expiration Check" ^
More? /
TR "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -file c:\Charon\charon_expchk.ps1 -ini c:\Charon\charon_expchk.ini"

Hints

(lightbulb) To verify the script is correctly working and to force the creation of a Windows event, and eventually the execution of the "expiredlicense.bat" file, you can:

  • either play with the removal of the dongle (if there is, that is no Software License)
  • or with the number of days (if the license is not unlimited)
  • or you can specify a folder that does not exist.



Windows Event Application log example - Information alert:


Windows Event Application log example - License dongle not connected:


Sending alerts via email - example

Using Powershell we can send alerts via email. You will find below an example with configuration steps.

Configuration details:

Email account password encryption

Due to the email account settings, to be able to send an email we need to generate a CliXML file that will store the encrypted password as described below.

(info) This file will only be valid for the current user and machine. The following operations must be performed using the same user as the author of the scheduled task.

(question) The "<monitoring-account>@<somewhere>" value must be adapted to your configuration

(question) When you will execute the "get-credential" command, you will be prompted to store the password of the corresponding email account, that is the "sender".

C:\Charon>powershell
Windows PowerShell
Copyright (C) 2014 Microsoft Corporation. All rights reserved.

PS C:\Charon> $From="<monitoring-account>@<somewhere>"
PS C:\Charon> $Creds=(get-credential -credential $From)
PS C:\Charon> $Creds | Export-CliXML C:\Charon\creds.clixml
PS C:\Charon> exit

C:\Charon>exit

(warning) If the sender's email address or its password has to be changed, the .clixml file will have to be recreated.


Powershell script used to send emails

Create a Powershell script named "sendmail.ps1" in the "c:\Charon" folder for example.

(question) The sender ($From) and recipient ($To) values must be adapted to your configuration

Param(
  [string]$lvl = "Information",
  [string]$msg = "no message"
)

$Hostname = (Get-Item env:\COMPUTERNAME).value
$Creds = Import-clixml C:\Charon\creds.clixml

#--- Customize the values below: "From" and "To" -----------------------------
$From = "<monitoring-account>@<somewhere>"
$To = "<someone>@<somewhere>"
#-----------------------------------------------------------------------------

send-mailmessage -to $To -from $From -subject "CHARON License Expiration Check for $Hostname ($lvl)" -body "$msg" -credential $Creds -smtpserver smtp.office365.com -usessl -port 587 -delivery none


(lightbulb) If you have to specify multiple recipients, an array has to be used as described below.

Example1:

$To = @( "James T. Kirk <kirk@uss-enterprise.fed>", "Spock <spock@uss-enterprise.fed>" )

Example2:

$To = @( "kirk@uss-enterprise.fed", "spock@uss-enterprise.fed", "uhura@uss-enterprise.fed" )


(info) The example shown above and another one given with embedded html code and colored email body are part of the kit downloaded previously.


Office365 email account is given here as an example but you can use "gmail" also and create a free dedicated account to send alerts. In this case the last line of the script(s) above has to be updated: the "-smtpserver" parameter has its "smtp.office365.com" value to be replaced by "smtp.gmail.com" (no other value to update)

(warning) Google may block sign-in attempts when using powershell and send-mailmessage. In this case the sender will receive a "Sign in attempt prevented" alert email. To allow emails to be sent:

  1. Create a dedicated gmail account
  2. Allow less secure apps to access your account. See this article: https://support.google.com/accounts/answer/6010255?hl=en


expiredlicense.bat file settings

Add the following line in the "expiredlicense.bat" file:

powershell -NonInteractive -file c:\charon\sendmail.ps1 -lvl %1 -msg %2

(info) This .bat file can be found in the kit downloaded previously.


Scheduled task settings update

This time, the General tab of the Scheduled task has to be updated in order to store the password and to be able to send the email:

You will be prompted to store the password of the author.

This can also be done using the command line:

c:\Charon>schtasks /change /TN "CHARON\CHARON License Expiration Check" /rp <password>

Related articles



© Stromasys, 1999-2024  - All the information is provided on the best effort basis, and might be changed anytime without notice. Information provided does not mean Stromasys commitment to any features described.