deviceTRUST

Custom Properties Settings

The Custom Properties Settings defines scripts that can be launched during a session to determine additional properties of the local agent or remote device before the context is first evaluated.

Local Agent Custom Properties

When defined for the local agent, signed and trusted scripts are launched on Logon, Reconnect (or Unlock), and Service Start.

Custom Properties for the Local Agent

The following controls are available for the Local Agent:

Delay execution until properties are available - When checked, will execute the script after the all properties have been determined. The properties are available either from the Windows Registry, or as environment variables within the script.
Hash returned property values - When checked, any returned custom properties are converted to a SHA256 hash.
Persist custom properties across reconnects - When checked, the script is only evaluated on Logon and Service Start. Any custom properties that are created remain unchanged if a user Reconnects to a virtual session. When unchecked, any custom properties are discarded when the session is disconnected and the script is relaunched on a Reconnect.
Bypass Microsoft AppLocker policy - When checked, any PowerShell based Microsoft AppLocker rules are bypassed by the executed script.
Run as System - When checked, the script is launched as the System user. When unchecked, the script is launched as the user logging into the session.
Wait for the process to terminate up to timeout - Defines a timeout period after which the Logon or Reconnect process will no longer be held up if the script has not completed.

Remote Windows Device Custom Properties

When defined for the Remote Windows Device, signed and trusted scripts are launched on connecting Windows devices at the start of the virtual session.

Custom Properties for the Remote Windows Device

The following controls are available for the Remote Windows Device:

Hash returned property values - When checked, any returned custom properties are converted to a SHA256 hash.
Wait for the process to terminate up to timeout` - Defines a timeout period after which the process will no longer be held up if the script has not completed.

Remote Linux Device Custom Properties

When defined for the Remote Linux device, signed and trusted scripts are launched on connecting Linux based devices at the start of the virtual session.

Custom Properties for the Remote Linux Device

The following controls are available:

Hash returned property values - When checked, any returned custom properties are converted to a SHA256 hash.
Wait for the process to terminate up to timeout - Defines a timeout period after which the process will no longer be held up if the script has not completed.

Creating Custom Properties

Custom Properties scripts can create a custom property by writing either LOCAL_CUSTOM_<NAME>=<VALUE>, or REMOTE_CUSTOM_<NAME>=<VALUE> to the output. On Windows, this can be achieved by calling Write-Host in PowerShell. On Linux based clients, this can be achieved in bash using echo.

The following example demonstrates writing a custom property for the Local Windows Device:

` $exampleValue=$env:USERNAME Write-Host “LOCAL_CUSTOM_EXAMPLE=$exampleValue” `

The following example demonstrates writing a custom property for a Remote Windows Device:

` $exampleValue=$env:USERNAME Write-Host “REMOTE_CUSTOM_EXAMPLE=$exampleValue” `

The following example demonstrates writing a custom property for a Remote Linux Device:

#!/bin/bash echo REMOTE_CUSTOM_EXAMPLE=$(whoami)

Custom Properties scripts can stay resident in memory for the lifetime of the session, perhaps by entering a loop or by registering for events. Custom properties can be created in the usual way, or deleted by outputing DELETE LOCAL_CUSTOM_<NAME> or DELETE REMOTE_CUSTOM_<NAME>. After all properties are emitted to the output, a single line stating CONTINUE should be written to the output.

The Wait for the process to terminate up to timeout option should be unchecked for resident scripts. Any custom properties scripts that are still executing will be terminated when it is no longer needed.

Signing Custom Properties Scripts

Custom Properties scripts must be signed and trusted by the local or remote device that they execute on. Information about custom script signing can be found in the Custom Script Signing knowledge base article.

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

Custom Properties Settings

Custom Properties Settings

Local Agent Custom Properties

Remote Windows Device Custom Properties

Remote Linux Device Custom Properties

Creating Custom Properties

Signing Custom Properties Scripts

In this article