Using the xml schema, Examples – Lenovo ThinkVantage (Client Security Solution 8.21) User Manual
Page 30
Using the XML Schema
The purpose of the XML scripting is to enable IT administrators to create custom scripts that can be used
to deploy and configure Client Security Solution. The scripts can be protected by the xml_crypt_tool
executable with a password such as AES encryption. Once created, the virtual machine (vmserver.exe)
accepts the scripts as input. The virtual machine calls the same functions as the Client Security Solution
Setup Wizard to configure the software.
All of the scripts consist of one tag to specify the XML encoding type, the XML schema, and at least one
function to perform. The schema is used to validate the XML file and check to see that the required
parameters are present. The use of schema is not currently enforced. Each function is enclosed in a function
tag. Each function contains an order, this specifies in what order the command will be executed by the
virtual machine (vmserver.exe). Each function has a version number as well; currently all of the functions
are at version 1.0. Each of the example scripts below only contain one function. However, a practice a
script would most likely contain multiple functions. The Client Security Solution Setup Wizard can be
used to create such a script. For additional information about creating scripts with the setup wizard, see
“Client Security Solution setup wizard” on page 34.
Note: If the parameter <DOMAIN_NAME_PARAMETER> is left out in any of the functions that require a
domain name, then the default computer name of the system will be used.
Examples
The following commands are examples of the XML Schema:
ENABLE_TPM_FUNCTION
This command enables the Trusted Platform Module and uses the argument SYSTEM_PAP. If the system
already has a BIOS administrator or supervisor password set, then this argument must be provided.
Otherwise, this command is optional.
<tvt_deployment xmlns ="http://www.lenovo.com"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance " xsi:schemaLocation="
http://www.lenovo.com cssDeploy.xsd">
< registry_settings />
< /tvt_deployment >
<FUNCTION>
<ORDER>0001</ORDER>
<COMMAND>ENABLE_TPM_FUNCTION</COMMAND>
<VERSION>1.0</VERSION>
<SYSTEM_PAP>PASSWORD</SYSTEM_PAP>
</FUNCTION>
</CSSFile>
Note: This command is not supported in the emulation mode.
DISABLE_TPM_FUNCTION
This command uses the argument SYSTEM_PAP. If the system already has a BIOS administrator or
supervisor password set, then this argument must be provided. Otherwise, this command is optional.
<tvt_deployment xmlns ="http://www.lenovo.com"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance " xsi:schemaLocation="
http://www.lenovo.com cssDeploy.xsd">
< registry_settings />
< /tvt_deployment
<FUNCTION>
<ORDER>0001</ORDER>
<COMMAND>DISABLE_TPM_FUNCTION</COMMAND>
<VERSION>1.0</VERSION>
24
Client Security Solution 8.21Deployment Guide