diff --git a/gp-scripts/checkpoint_EndpointSecurity.ps1 b/gp-scripts/checkpoint_EndpointSecurity.ps1 new file mode 100644 index 0000000..b85a9c8 --- /dev/null +++ b/gp-scripts/checkpoint_EndpointSecurity.ps1 @@ -0,0 +1,106 @@ +# ==================================================================================== +# Check Point SecuRemote Configuration Script +# - Ensures client_sub_type = "SecuRemote" +# - Restarts EPWD and TracSrvWrapper services +# - Restarts TrGUI.exe +# - Self-elevates to Administrator if needed +# - Waits for key press before exit +# ==================================================================================== + +# --- Self-elevate if not running as Administrator --- +if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole( + [Security.Principal.WindowsBuiltInRole] "Administrator")) { + + Write-Host "Restarting script as Administrator..." -ForegroundColor Yellow + Start-Process powershell.exe -Verb RunAs -ArgumentList "-ExecutionPolicy Bypass -File `"$PSCommandPath`"" + exit +} + +# --- Registry configuration --- +$regPath = "HKLM:\SOFTWARE\WOW6432Node\CheckPoint\TRAC" +$name = "client_sub_type" +$value = "EndpointSecurity" +$restartNeeded = $false + +try { + Write-Host "Checking registry value $name in $regPath ..." -ForegroundColor Cyan + + if (-not (Test-Path $regPath)) { + Write-Host "Registry path does not exist, creating..." -ForegroundColor Yellow + New-Item -Path $regPath -Force | Out-Null + } + + $currentValue = (Get-ItemProperty -Path $regPath -Name $name -ErrorAction SilentlyContinue).$name + + if ($currentValue -eq $value) { + Write-Host "Registry already set to '$value'. No change needed." -ForegroundColor Green + } else { + Write-Host "Updating registry value from '$currentValue' to '$value'..." -ForegroundColor Yellow + Set-ItemProperty -Path $regPath -Name $name -Value $value -Type String + Write-Host "Registry value updated successfully." -ForegroundColor Green + $restartNeeded = $true + } +} +catch { + Write-Host "Error setting registry value: $($_)" -ForegroundColor Red + exit 1 +} + +# --- Stop TrGUI.exe if running --- +try { + $trgui = Get-Process -Name "TrGUI" -ErrorAction SilentlyContinue + if ($trgui) { + Write-Host "Stopping TrGUI.exe ..." -ForegroundColor Cyan + Stop-Process -Name "TrGUI" -Force + Start-Sleep -Seconds 2 + Write-Host "TrGUI.exe stopped." -ForegroundColor Green + } else { + Write-Host "TrGUI.exe not running." -ForegroundColor Yellow + } +} +catch { + Write-Host "Error stopping TrGUI.exe: $($_)" -ForegroundColor Red +} + +# --- Restart services if needed --- +$services = @("EPWD", "TracSrvWrapper") + +if ($restartNeeded) { + foreach ($svc in $services) { + try { + Write-Host "Restarting service $svc ..." -ForegroundColor Cyan + if (Get-Service -Name $svc -ErrorAction SilentlyContinue) { + Restart-Service -Name $svc -Force -ErrorAction Stop + Write-Host "Service $svc restarted successfully." -ForegroundColor Green + } else { + Write-Host "Service $svc not found." -ForegroundColor Yellow + } + } + catch { + Write-Host "Failed to restart ${svc}: $($_)" -ForegroundColor Red + } + } +} else { + Write-Host "No service restart required (registry already correct)." -ForegroundColor Cyan +} + +# --- Restart TrGUI.exe --- +try { + $trguiPath = "C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe" + if (Test-Path $trguiPath) { + Write-Host "Starting TrGUI.exe ..." -ForegroundColor Cyan + Start-Process -FilePath $trguiPath + Write-Host "TrGUI.exe started successfully." -ForegroundColor Green + } else { + Write-Host "TrGUI.exe not found at expected path: $trguiPath" -ForegroundColor Yellow + } +} +catch { + Write-Host "Error starting TrGUI.exe: $($_)" -ForegroundColor Red +} + +Write-Host "`nAll tasks completed successfully." -ForegroundColor Cyan + +# --- Wait for user input before closing --- +Write-Host "`nPress any key to exit..." +[void][System.Console]::ReadKey($true) \ No newline at end of file diff --git a/gp-scripts/checkpoint_SecuRemote.ps1 b/gp-scripts/checkpoint_SecuRemote.ps1 new file mode 100644 index 0000000..b3bb376 --- /dev/null +++ b/gp-scripts/checkpoint_SecuRemote.ps1 @@ -0,0 +1,106 @@ +# ==================================================================================== +# Check Point SecuRemote Configuration Script +# - Ensures client_sub_type = "SecuRemote" +# - Restarts EPWD and TracSrvWrapper services +# - Restarts TrGUI.exe +# - Self-elevates to Administrator if needed +# - Waits for key press before exit +# ==================================================================================== + +# --- Self-elevate if not running as Administrator --- +if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole( + [Security.Principal.WindowsBuiltInRole] "Administrator")) { + + Write-Host "Restarting script as Administrator..." -ForegroundColor Yellow + Start-Process powershell.exe -Verb RunAs -ArgumentList "-ExecutionPolicy Bypass -File `"$PSCommandPath`"" + exit +} + +# --- Registry configuration --- +$regPath = "HKLM:\SOFTWARE\WOW6432Node\CheckPoint\TRAC" +$name = "client_sub_type" +$value = "SecuRemote" +$restartNeeded = $false + +try { + Write-Host "Checking registry value $name in $regPath ..." -ForegroundColor Cyan + + if (-not (Test-Path $regPath)) { + Write-Host "Registry path does not exist, creating..." -ForegroundColor Yellow + New-Item -Path $regPath -Force | Out-Null + } + + $currentValue = (Get-ItemProperty -Path $regPath -Name $name -ErrorAction SilentlyContinue).$name + + if ($currentValue -eq $value) { + Write-Host "Registry already set to '$value'. No change needed." -ForegroundColor Green + } else { + Write-Host "Updating registry value from '$currentValue' to '$value'..." -ForegroundColor Yellow + Set-ItemProperty -Path $regPath -Name $name -Value $value -Type String + Write-Host "Registry value updated successfully." -ForegroundColor Green + $restartNeeded = $true + } +} +catch { + Write-Host "Error setting registry value: $($_)" -ForegroundColor Red + exit 1 +} + +# --- Stop TrGUI.exe if running --- +try { + $trgui = Get-Process -Name "TrGUI" -ErrorAction SilentlyContinue + if ($trgui) { + Write-Host "Stopping TrGUI.exe ..." -ForegroundColor Cyan + Stop-Process -Name "TrGUI" -Force + Start-Sleep -Seconds 2 + Write-Host "TrGUI.exe stopped." -ForegroundColor Green + } else { + Write-Host "TrGUI.exe not running." -ForegroundColor Yellow + } +} +catch { + Write-Host "Error stopping TrGUI.exe: $($_)" -ForegroundColor Red +} + +# --- Restart services if needed --- +$services = @("EPWD", "TracSrvWrapper") + +if ($restartNeeded) { + foreach ($svc in $services) { + try { + Write-Host "Restarting service $svc ..." -ForegroundColor Cyan + if (Get-Service -Name $svc -ErrorAction SilentlyContinue) { + Restart-Service -Name $svc -Force -ErrorAction Stop + Write-Host "Service $svc restarted successfully." -ForegroundColor Green + } else { + Write-Host "Service $svc not found." -ForegroundColor Yellow + } + } + catch { + Write-Host "Failed to restart ${svc}: $($_)" -ForegroundColor Red + } + } +} else { + Write-Host "No service restart required (registry already correct)." -ForegroundColor Cyan +} + +# --- Restart TrGUI.exe --- +try { + $trguiPath = "C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe" + if (Test-Path $trguiPath) { + Write-Host "Starting TrGUI.exe ..." -ForegroundColor Cyan + Start-Process -FilePath $trguiPath + Write-Host "TrGUI.exe started successfully." -ForegroundColor Green + } else { + Write-Host "TrGUI.exe not found at expected path: $trguiPath" -ForegroundColor Yellow + } +} +catch { + Write-Host "Error starting TrGUI.exe: $($_)" -ForegroundColor Red +} + +Write-Host "`nAll tasks completed successfully." -ForegroundColor Cyan + +# --- Wait for user input before closing --- +Write-Host "`nPress any key to exit..." +[void][System.Console]::ReadKey($true) \ No newline at end of file