cancel
Showing results for 
Search instead for 
Did you mean: 

Duplicate computer names in Epo 4.6 for non-persistent vdi desktops

We’re testing Mcafee Move with Citrix Xendesktop non-persistent desktops.

Mcafee Move works fine, but because the guid of the Mcafee agent is generated every time when a non-persistent desktop restarts we end up with duplicate computer names in Epo 4.6.

The computer entries eventually end up in the inactive agents group, but is there a better automated solution?

6 Replies

Re: Duplicate computer names in Epo 4.6 for non-persistent vdi desktops

I am having the same issue Frank.

andrep1
Level 14
Report Inappropriate Content
Message 3 of 7

Re: Duplicate computer names in Epo 4.6 for non-persistent vdi desktops

You could have a server task run every hous to delete systems identified by a query where you filter on system name "is duplicated" and last communication "is not within" whatever interval you set...

Here's a sample query to do it (save as an .xml and import the definition in queries):

- <queries>

- <query>

<name language="en">test</name>

<description language="en" />

<property name="target">EPOLeafNode</property>

<property name="tableURI">query:table?orion.table.columns=EPOLeafNode.NodeName%3AEPOLeafNode.LastUpdate&orion.table.order.by=EPOLeafNode.NodeName&orion.table.order=asc</property>

<property name="conditionURI">query:condition?orion.condition.sexp=%28+where+%28+and+%28+duplicatedComputerName+EPOLeafNode.NodeName+%29+%28+olderThan+EPOLeafNode.LastUpdate+604800000++%29+%29+%29</property>

<property name="summaryURI">query:summary?orion.sum.query=false&orion.query.type=table.table</property>

</query>

</queries>

mirelp
Level 7
Report Inappropriate Content
Message 4 of 7

Re: Duplicate computer names in Epo 4.6 for non-persistent vdi desktops

I'm having exactly the same issue. The MAC address and system name are persistent on the VM but Agent GUID changes on each reboot. This works fine in most cases (as MAC is the same so ePo knows it's the same system) except when a machine reboots twice within a short period of time.

Let's take this scenario when a VM is up and running and ePo has all the correct info about the VM: hostname, MAC address and AgentGUID

1. VM is rebooted - Agent GUID is changed, hostname and MAC are the same

2. VM McAfee agent will check in to ePo and report the new Agent GUID - ePo AgentGUID is updated (as expected)

3. A few minutes later for some reason, VM MAC field is cleared on ePO (Why??) - MAC address has not been changed (NOT EXPECTED)

If VM is rebooted again (when ePO MAC is empty) it will cause a duplication and VM will be added to ePO Lost & Found container. If instead you wait an hour or so before rebooting the VM, MAC address is already updated on ePO and no duplication occurs.

In a prod environment with many users, VMs can be rebooted in a short period of time and this will cause issues. If the duplicated machine is placed in Lost and Found, a different policy will be applied from ePO. In my case, I use tags to mark MOVE machines and apply policies like MOVE offload server address or to disable the install of full AV client.

In conclusion, it is critical for us not to have duplications and to have the systems placed in the correct OU container.

Andre, thank you for posting the script - I will try to see if this helps. Can you please let me know if there is a way to also move the duplicated machine to the correct OU container (let's say if IP address matches an IP range move  system to  "Virtual Desktop" OU)?

How do you find the performance of MOVE?

Thank you

FYI: ePO 4.6, McAfee Agent 4.6, MOVE 2.0. Virtual Desktops are hosted on Hyper-V and VMs are Windows 7 and provisioned by Xen Desktop

Message was edited by: mirelp on 31/12/11 13:14:11 CST

Message was edited by: mirelp on 31/12/11 13:17:47 CST

Re: Duplicate computer names in Epo 4.6 for non-persistent vdi desktops

Hi:

Can you send me the query xml,  i have duplicated computers and I want to used your query.  Thanks

Message was edited by: maritereperez on 3/23/12 7:59:50 AM CDT

Re: Duplicate computer names in Epo 4.6 for non-persistent vdi desktops

Hi Frank,

This was a complete pain in the backside for us to get working, but we seem to have it nailed now. We basically had to come up with a script that clears out the values cached in the registry by the ePO agent and writes in a GUID based on the hostname (since the MAC address *could* change between reboots, this is the safest way for us). You need to set this up as a Machine Startup Script on your gold master via gpedit.msc and change the McAfee Framework Service to Manual start through services.msc. When the service starts up, it'll collate the missing information (MAC address, IP address etc) and will check into ePO. Because the GUID is being generated from the hostname every startup, before the ePO agent is loaded, it will always have the same GUID and will prevent ePO duplicates.

Depending on the structure of your hostnames, you may wish to change "hostnameClean = Right(hostname,13)" to "hostnameClean = Left(hostname,13)" if the first 13 characters are more likely to be unique in your environment.

Environment:

VMware vSphere 4

Citrix PVS 5.1

Citrix XenDesktop 3.0

McAfee ePO 4.6

McAfee MOVE AV 2.0

----------------------------------------------------------------------------------------------------------------------------------------------------------------

Start guidgen.vbs

----------------------------------------------------------------------------------------------------------------------------------------------------------------

Option Explicit

'Don't modify these values

Const HKEY_LOCAL_MACHINE = &H80000002

Dim AgentConfigValues

Dim ComputerInfo, WindowsRegistry, WMIServices, WindowsServices, McAfeeService

Set ComputerInfo = CreateObject("WinNTSystemInfo")

Set WindowsRegistry = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\defaultSmiley FrustratedtdRegProv")

Set WMIServices = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")

Set WindowsServices = WMIServices.ExecQuery("Select * from Win32_Service Where Name ='" & AgentServiceName & "'")

Dim hostname, hostnameClean, pad, padAmount, guidText, guidHex, hexChar, position, agentValue

'Configuration Options

'Registry key storing the ePO Agent settings and cached values

Const AgentConfigKey = "SOFTWARE\Network Associates\ePolicy Orchestrator\Agent"

'Service name (as stored in the registry) for the ePO service

Const AgentServiceName = "McAfeeFramework"

'Array of values to be deleted to ensure a fresh start when the ePO Agent loads

AgentConfigValues = Array("ComputerName","IPAddress","IPHostName","LoggedOnUser","MacAddress","SubnetAddress","SubnetMask")

'Working logic begins here

'Get the hostname in UPPER CASE

hostname = Ucase(ComputerInfo.ComputerName)

'Remove any hyphens

hostnameClean = Replace(hostname,"-","")

'Check the length of the hostname:

If Len(hostnameClean) > 13 Then

          'If it is more than 13 digits long, take the last 13 digits (most likely to be unique)

          hostnameClean = Right(hostname,13)

ElseIf Len(hostnameClean) < 13 Then

          'If it is less than 13 digits long, pad the beginning with spaces

          'Work out how much padding is required

          padAmount = 13 - Len(hostnameClean)

          For pad = 1 to padAmount

    'Add a space to the front of the string

    hostnameClean = " " & hostnameClean

          Next

End If

'Prefix the cleaned hostname with "EPO"

guidText = "EPO" & hostnameClean

'Start the GUID with a brace

guidHex = "{"

'For each character in the cleaned hostname with EPO prefixed

For position = 1 to 16

          'Convert the next character to Hex

          hexChar = Hex(Asc(Mid(guidText,position,1)))

          'Check the length:

          If Len(hexChar) = 2 Then

    'If it is two characters long, append it to the GUID

    guidHex = guidHex & hexChar

          ElseIf Len(hexChar) = 1 Then

    'If it is one character long, append a 0 and the new character to the GUID

    guidHex = guidHex & "0" & hexChar

          Else

    'If it is three characters long (shouldn't happen!), append the last two characters to the GUID

    guidHex = Right(hexChar,2)

          End If

          'Add in hyphens after the correct number of characters (each string character is 2 hex characters)

          Select Case position

    Case 4

      guidHex = guidHex & "-"

    Case 6

      guidHex = guidHex & "-"

    Case 8

      guidHex = guidHex & "-"

    Case 10

      guidHex = guidHex & "-"

          End Select

Next

'End the GUID with a brace

guidHex = guidHex & "}"

'Remove existing configuration values

For Each agentValue In AgentConfigValues

          WindowsRegistry.DeleteValue HKEY_LOCAL_MACHINE,AgentConfigKey,agentValue

Next

'Set new AgentGUID and correct ComputerName

WindowsRegistry.SetStringValue HKEY_LOCAL_MACHINE,AgentConfigKey,"AgentGUID",guidHex

WindowsRegistry.SetStringValue HKEY_LOCAL_MACHINE,AgentConfigKey,"ComputerName",hostname

'Start the ePO Agent

For Each McAfeeService in WindowsServices

          McAfeeService.StartService()

Next

'Done!

----------------------------------------------------------------------------------------------------------------------------------------------------------------

End guidgen.vbs

----------------------------------------------------------------------------------------------------------------------------------------------------------------

Hope this helps...

Message was edited by: craigg.barr on 07/03/12 03:36:33 CST

Re: Duplicate computer names in Epo 4.6 for non-persistent vdi desktops

Hi,

We're using VDI automated pools and McAfee agent 4.6 with VSE 8.7. In ePO I had duplicate hosts because the McAfee agent GUID and MAC address change when the client is being reprovisioned on logoff/reboot/shutdown. To bypass this issue and keep the threat history data of the clients, we wrote an autoit script which exports/imports the agent GUID, sequence number and the agent's ssl private/public key files when the vdi client shuts down or starts up. We invoke the script using a GPO startup/shutdown logon script. Without copying the agent's ssl key files we had the issue that the clients did not communicate with the ePO after they have been reprovisioned.

So far this works well in our situation. This way we don't need to run queries/tasks on ePO to remove duplicate systems.

To use the script you may follow these steps.

  1. Download autoit from www.autoitscript.com
  2. To simplify maintenance and have the logfiles centrally, we created an network share with modify rights for everyone (you may restrict it to the computers running vdi)
  3. Create the following subfolders
    \config
    \log
    \scripts
  4. Copy and Paste the code below to a file called "ConfigureMcAfee.au3".
  5. Compile the script using Autoit and copy the exe to the "scripts" directory.
  6. Disable the access protection policy setting "Prevent McAfee services from being stopped" for the VDI clients
  7. Create a GPO, assign it to the VDI clients and add a startup/shutdown script
    Parameters for Shutdown: \\<server>\<share>\scripts\ConfigureMcAfee.exe shutdown
    Parameters for Startup: \\<server>\<share>\scripts\ConfigureMcAfee.exe startup

regards,
Nik

And here's the code:


#cs ---------------------------------------------------------------------------------------

  AutoIt Version: 3.2.2.0
  Author:         BN95

  Revision: 20.02.2012/BN95: initial version
                02.08.2012/BN95: export/import agent private/public keys also to prevent HTTP 502 issues.

  Purpose:
  - export/import McAfee Agent GUID to network share to avoid duplicate VDI systems in ePO
 
#ce ---------------------------------------------------------------------------------------

;autoit options
AutoItSetOption("ExpandEnvStrings",1)
AutoItSetOption("TrayAutoPause",0)
AutoItSetOption("TrayMenuMode",1)
AutoItSetOption("MustDeclareVars",1)

;--------------------
;variable declaration
;--------------------

Global $bErrors        ;indicates whether errors occured
Dim $bLogInit        ;indicates whether logfile has been initialized
Dim $lf          ;handle to logfile

Dim $PackageName       ;name of the current package
Dim $userdomain        ;user's domain ("FACTORYXP", "PSICH")
Dim $logfile        ;full path to logfile
Dim $inifile        ;full path to inifile

Dim $RegBase        ;registry key path (e.g. HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall)
Dim $RegKeyName        ;registry key name (e.g. {26A24AE4-039D-4CA4-87B4-2F83216013FF})
Dim $RegValueName       ;registry value name (e.g. DisplayIcon)
Dim $RegValue        ;registry value (e.g. C:\Program Files\Java\...)
Dim $i, $j, $k        ;counters
Dim $iRet         ;return value
Dim $sOperation
Dim $bError

Dim $Timeout
Const $cTimeoutLimit = 30000    ;limit to wait for processes to close [ms]

Const $cFrameworkServiceName = "McAfeeFramework"
Const $cFrameworkServiceImage = "FrameworkService.exe"
Const $cMcShieldServiceName = "McShield"
Const $cMcShieldServiceImage = "McShield.exe"
Const $cWUService = "wuauclt"
Const $cMcAfeeAgentGUIDBase = "HKLM\SOFTWARE\Network Associates\ePolicy Orchestrator\Agent"
Const $cWUAgentGUIDBase = "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate"
Const $cMcAfeeAgentKeyStoreDir = "%ALLUSERSPROFILE%\Application Data\McAfee\Common Framework\keystore\"

Dim $ConfigDir

;--------------------------
;environment initialization
;--------------------------

$userdomain = EnvGet("USERDOMAIN")

;get command line arguments
If StringLen($CmdLineRaw) = "" Then
Msgbox(0x40010, @ScriptName, "Command line argument is not optional. Provide argument 'startup' or 'shutdown'.")
Exit(-1)
Endif

$ConfigDir = @ScriptDir & "\..\config\"
$inifile = $ConfigDir & @ComputerName & ".ini"

;determine operation mode
If StringLower(StringStripWS($CmdLineRaw,3)) = 'startup' Then
$logfile = @ScriptDir & "\..\log\" & @ComputerName & "-02-" & @UserName & "-startup.log"
$sOperation = "startup"
ElseIf StringLower(StringStripWS($CmdLineRaw,3)) = 'shutdown' Then
$logfile = @ScriptDir & "\..\log\" & @ComputerName & "-01-" & @UserName & "-shutdown.log"

$sOperation = "shutdown"
Else
Msgbox(0x40010, @ScriptName, "Invalid command line argument. Provide argument 'startup' or 'shutdown'.")
Exit(-1)
EndIf

;---------
;main code
;---------

;~ If StringMid(@ComputerName,8,1) = 7 Then
;~  ;only make changes on test pool, do not touch productive clients...
;~  WriteLog("Running on VDI test pool." & @CRLF & @CRLF)

;~ Else

If $sOperation = "startup" Then
  ;startup
 
  If FileExists($inifile) Then
   ;stop McAfee Agent if running
   WriteLog("Checking for running McAfee agent...")
   If ProcessExists($cFrameworkServiceImage) <> 0 Then
    WriteLog(@Tab & $cFrameworkServiceImage  & " is running.")
    WriteLog(@Tab & "Stopping " & $cFrameworkServiceName  & "...")
    $iRet = ShellExecuteWait(@SystemDir & "\net.exe", "stop " & $cFrameworkServiceName)
    If $iRet = 0 Then
     WriteLog(@Tab & @Tab & "Service successfully stopped.")
     WriteLog(@Tab & "Waiting for '" & $cFrameworkServiceImage & "' to disappear...")
     While ProcessExists ($cFrameworkServiceImage) <> 0 and $Timeout < $cTimeoutLimit
      Sleep(250)
      $Timeout = $Timeout + 250
     WEnd
     WriteLog(@Tab & @Tab &"Success.")
    Else
     WriteLog(@Tab & @Tab & "Failed to stop service.")
     $berror = true
    EndIf ;$iRet = 0
   
   Else
    WriteLog(@Tab & "McAfee agent service is not running.")
   EndIf ;ProcessExists($cFrameworkService) <> 0 Then
  
   ;stop McShield Service if running
   WriteLog("Checking for running McShield service...")
   If ProcessExists($cMcShieldServiceImage) <> 0 Then
    WriteLog(@Tab & $cMcShieldServiceImage  & " is running.")
    WriteLog(@Tab & "Stopping " & $cMcShieldServiceName  & "...")
    $iRet = ShellExecuteWait(@SystemDir & "\net.exe", "stop " & $cMcShieldServiceName)
    If $iRet = 0 Then
     WriteLog(@Tab & @Tab & "Service successfully stopped.")
     WriteLog(@Tab & "Waiting for '" & $cMcShieldServiceImage & "' to disappear...")
     While ProcessExists ($cMcShieldServiceImage) <> 0 and $Timeout < $cTimeoutLimit
      Sleep(250)
      $Timeout = $Timeout + 250
     WEnd
     WriteLog(@Tab & @Tab &"Success.")
    Else
     WriteLog(@Tab & @Tab & "Failed to stop service.")
     $berror = true
    EndIf ;$iRet = 0
   Else
    WriteLog(@Tab & "McShield service is not running.")
   EndIf ;ProcessExists($cFrameworkService) <> 0 Then
  
   WriteLog("Importing GUID's from inifile...")
   ;import McAfee Agent GUID from inifile
   $i = IniRead($inifile,"General","McAfeeAgentGUID","")
   If $i = "" Then
    WriteLog(@Tab & "Unable to parse McAfee Agent GUID from inifile.")
    $berror = true
   Else
    ;update Agent GUID
    WriteLog(@Tab & "Found McAfee Agent GUID: '" & $i & "'")
    WriteLog(@Tab & "Updating registry...")
   
    If RegWrite($cMcAfeeAgentGUIDBase,"AgentGUID","REG_SZ",$i) = 1 Then
     WriteLog(@Tab & @Tab & "success.")
    Else
     WriteLog(@Tab & @Tab & "failed.")
     $berror = true
    EndIf
   EndIf ;$i = "" Then
  
   ;import McAfee Agent Sequence Number from inifile
   $i = IniRead($inifile,"General","McAfeeSequenceNumber","")
   If $i = "" Then
    WriteLog(@Tab & "Unable to parse McAfee Agent Sequence Number from inifile.")
    $berror = true
   Else
    ;update Agent GUID
    WriteLog(@Tab & "Found McAfee Agent Sequence Number: '" & $i & "'")
    WriteLog(@Tab & "Updating registry...")
   
    If RegWrite($cMcAfeeAgentGUIDBase,"SequenceNumber","REG_DWORD",$i) = 1 Then
     WriteLog(@Tab & @Tab & "success.")
    Else
     WriteLog(@Tab & @Tab & "failed.")
     $berror = true
    EndIf
   EndIf ;$i = "" Then
  
   ;import agent private/public keys file
   WriteLog("Importing McAfee agent private key...")
   If FileExists($ConfigDir & @computername & "\" & "agentprvkey.bin") Then
    ;copy file to config dir
    If FileCopy($ConfigDir & @computername & "\" & "agentprvkey.bin", $cMcAfeeAgentKeyStoreDir, 1+8) = 1 Then
     WriteLog(@TAB & "Imported agent private key file successfully.")
    Else
     WriteLog(@TAB & "Error importing agent private key file.")
     $bError = true
    EndIf
   Else
    ;unable to locate agent key files
    WriteLog(@TAB & "Unable to locate agent key file at '" & $ConfigDir & @computername & "\" & "agentprvkey.bin', nothing to import")
   EndIf ;FileExists($ConfigDir & @computername & "\" & "agent*.bin") Then

   WriteLog("Importing McAfee agent public key...")
   If FileExists($ConfigDir & @computername & "\" & "agentpubkey.bin") Then
    ;copy file to config dir
    If FileCopy($ConfigDir & @computername & "\" & "agentpubkey.bin", $cMcAfeeAgentKeyStoreDir, 1+8) = 1 Then
     WriteLog(@TAB & "Imported agent public key file successfully.")
    Else
     WriteLog(@TAB & "Error importing agent public key file.")
     $bError = true
    EndIf
   Else
    ;unable to locate agent key files
    WriteLog(@TAB & "Unable to locate agent key file at '" & $ConfigDir & @computername & "\" & "agentpubkey.bin', nothing to import")
   EndIf ;FileExists($ConfigDir & @computername & "\" & "agent*.bin") Then

   ;starting McAfee McShield Service
   If ProcessExists($cMcShieldServiceImage) = 0 Then
    WriteLog("Starting " & $cMcShieldServiceName  & "...")
    $iRet = ShellExecuteWait(@SystemDir & "\net.exe", "start " & $cMcShieldServiceName)
    If $iRet = 0 Then
     WriteLog(@Tab & @Tab & "Service successfully started.")
    Else
     WriteLog(@Tab & @Tab & "Failed to start service (" & $iRet & ").")
     $berror = true
    EndIf ;$iRet = 0 Then
   Else
    WriteLog($cFrameworkServiceName  & " is already running.")
   EndIf ;ProcessExists($cFrameworkService) = 0 Then

   ;starting McAfee Agent
   If ProcessExists($cFrameworkServiceImage) = 0 Then
    WriteLog("Starting " & $cFrameworkServiceName  & "...")
    $iRet = ShellExecuteWait(@SystemDir & "\net.exe", "start " & $cFrameworkServiceName)
    If $iRet = 0 Then
     WriteLog(@Tab & @Tab & "Service successfully started.")
    Else
     WriteLog(@Tab & @Tab & "Failed to start service (" & $iRet & ").")
     $berror = true
    EndIf ;$iRet = 0 Then
   Else
    WriteLog($cFrameworkServiceName  & " is already running.")
   EndIf ;ProcessExists($cFrameworkService) = 0 Then
  Else
   WriteLog("Unable to locate inifile '" & $inifile & "'. Nothing to import.")
  EndIf ;FileExists($inifile) Then
Else
  ;shutdown
 
  ;export McAfee Agent GUID to inifile
  $i = RegRead($cMcAfeeAgentGUIDBase,"AgentGUID")
  If $i <> "" Then
   WriteLog("McAfeeAgentGUID: '" & $i & "'")
  Else
   WriteLog("Unable to read AgentGUID from registry.")
  EndIf
 
  WriteLog("Exporting GUID to inifile...")
  If IniWrite($inifile,"General","McAfeeAgentGUID",$i) = 1 Then
   WriteLog(@TAB & "success.")
  Else
   WriteLog(@Tab & @Tab & "failed.")
   $berror = true
  EndIf

  ;export McAfee Agent Sequence number to inifile
  $i = RegRead($cMcAfeeAgentGUIDBase,"SequenceNumber")
  If $i <> "" Then
   WriteLog("Sequence number: '" & $i & "'")
  Else
   WriteLog("Unable to read SequenceNumber from registry.")
  EndIf
 
  WriteLog("Exporting sequence number to inifile...")
  If IniWrite($inifile,"General","McAfeeSequenceNumber",$i) = 1 Then
   WriteLog(@TAB & "success.")
  Else
   WriteLog(@Tab & @Tab & "failed.")
   $berror = true
  EndIf
 
  ;export agent private/public keys file
  WriteLog("Exporting McAfee agent private/public keys...")
 
  If Not FileExists($ConfigDir & @computername & "\") Then
   WriteLog(@TAB & "Creating '" & $ConfigDir & @computername & "\" & "'...")
   If DirCreate($ConfigDir & @computername ) = 1 Then
    WriteLog(@TAB & @TAB & "success.")
   Else
    WriteLog(@TAB & @TAB & "failed.")
    $bError = true
   EndIf ;DirCreate($ConfigDir & @computername ) = 1 Then
  EndIf ;Not FileExists($ConfigDir & @computername & "\") Then
 
  If $bError = False Then
   If FileExists($cMcAfeeAgentKeyStoreDir & "agent*.bin") Then
    ;copy file to config dir
    If FileCopy($cMcAfeeAgentKeyStoreDir & "agent*.bin", $ConfigDir & @computername & "\", 1+8) = 1 Then
     WriteLog(@TAB & "Exported agent key files successfully.")
    Else
     WriteLog(@TAB & "Error exporting agent key files.")
     $bError = true
    EndIf ;FileCopy($cMcAfeeAgentKeyStoreDir & "agent*.bin", $ConfigDir & @computername & "\", 1+8) = 1 Then
   Else
    ;unable to locate agent key files
    WriteLog(@TAB & "Unable to locate agent key files at '" & $cMcAfeeAgentKeyStoreDir & "', nothing to export")
   EndIf ;FileExists($cMcAfeeAgentKeyStoreDir & "agent*.bin") Then
  Endif ;$bError = False Then
  
EndIf ;If $sOperation = "startup" Then

;~ 
;~ Else
;~  WriteLog("Running on VDI productional pool. No changes will be done." & @CRLF)
;~ EndIf

If $bErrors then
;return "Fatal error during install operation."
QuitScript(1603,false)
Else
QuitScript(0,false)
EndIf

;---
;END
;---

;--------------------------------------------------------------------------------------------------------------------------------------------------------

Func QuitScript($returnCode, $bSilent)
If not $bSilent then WriteLog ("Exiting script (" & $returnCode & ").")
Exit($returnCode)
EndFunc

;--------------------------------------------------------------------------------------------------------------------------------------------------------

Func Now()
Return "[" & @MDAY & "." & @MON & "." & @YEAR & " " & @HOUR & ":" & @MIN & ":" & @SEC & "]"
EndFunc

;--------------------------------------------------------------------------------------------------------------------------------------------------------

Func WriteLog($Line)
If Not $bLogInit Then
  ;create/clear logfile
  $lf = FileOpen($Logfile,8+2)
  FileWriteLine ($lf, @CRLF & @CRLF & "------------------------------------------------------------------------------------------------")
  FileWriteLine ($lf, Now() & " " & @ScriptName & " running as " &$userdomain & "\"  & @UserName & " on computer " & @ComputerName)
  FileWriteLine ($lf, Now() & " AutoIt version " & @AutoItVersion & " running from " & @ScriptDir & @CRLF & @CRLF)
  $bLogInit = true
Else
  ;append to logfile
  $lf = FileOpen($Logfile,1)
EndIf

FileWriteLine($lf, Now() & @TAB & $Line)
FileClose($lf)
EndFunc

;--------------------------------------------------------------------------------------------------------------------------------------------------------
;--------------------------------------------------------------------------------------------------------------------------------------------------------