Synchronizing Login Accounts

[[Br...]]

I have plants in multiple States that we keep networked and we have a centralized group of CMM Programmers that may need to access a machine that is not in their State via VNC.

I do not want to have each programmer need to have a different account set up on each machine. I need this managed as an administrator where I can duplicate all logins on all machines.

I can envision building a system where I create their accounts myself and update 1 machine, which then pushes its login files (aruser.0582 I believe) to all other CMM computers. But this falls apart as soon as a user somewhere wants to update their password and I don't know about it.

What solutions have others developed short of reverse engineering these credential files (or long of it) to wrestle control of the login system away from Zeiss and into the hands of sys admins where it belongs?

[[Ke...]]

you could make a c# program or maybe some batch file scripts.

find the last modified file and have it push to the other machines or have it auto send an email to let you know.

might want some safety's like, verifying file size before and after its sent to confirm the file transfer and maybe only have it check/ update when vwnt.exe process is not active

sloppy c# console code example(only checks two files for the last modified file location)

*would not use but gives you a rough idea*

using System;
using System.IO;

class Program
{
    static void Main()
    {
        string filePath1 = @"C:\path\to\your\file1.txt";
        string filePath2 = @"C:\path\to\your\file2.txt";

        string lastModifiedFile = GetLastModifiedFile(filePath1, filePath2);
        Console.WriteLine($"The last modified file is: {lastModifiedFile}");
    }

    static string GetLastModifiedFile(string filePath1, string filePath2)
    {
        FileInfo fileInfo1 = new FileInfo(filePath1);
        FileInfo fileInfo2 = new FileInfo(filePath2);

        if (!fileInfo1.Exists && !fileInfo2.Exists)
        {
            return "Neither file exists.";
        }

        if (!fileInfo1.Exists)
        {
            return $"{fileInfo2.FullName} (only this file exists)";
        }

        if (!fileInfo2.Exists)
        {
            return $"{fileInfo1.FullName} (only this file exists)";
        }

        return fileInfo1.LastWriteTime > fileInfo2.LastWriteTime
            ? fileInfo1.FullName
            : fileInfo2.FullName;
    }
}

[[Br...]]

Thanks Kevin. It does seem like this is the best way to go.

[[Br...]]

Success!

If someone is interested in duplicating this solution ...

I created a service on each Calypso computer that pushes updates to a server when changes are detected in the file:
"C:\Users\Public\Documents\ZEISS\CALYPSO\config\values"

The server then grabs that file in addition to the full contents of the folder from that computer:
"C:\ProgramData\ZEISS\CALYPSO 7.8\users\*"

Then pushes those same files/folder tree out to other Zeiss computers. If CALYPSOMonitor is running on a computer that receive updates, they get a pop-up message telling them to log off before making any user account changes.

Backups of each change are zipped so that if a mistake occurs, I can restore any stable point.