# SolidWorks Privacy Lockdown **Author:** Atomaste Solution **Purpose:** Block telemetry while preserving license transfer functionality ## Overview This solution blocks all telemetry, analytics, and unnecessary communications from SolidWorks to Dassault Systèmes servers while preserving the ability to: - Activate licenses - Deactivate licenses - Transfer licenses between machines ## Quick Start ### Preview Changes (Dry Run - RECOMMENDED FIRST) ```powershell # Open PowerShell as Administrator, then run: cd "C:\Users\antoi\SERVtomaste\Solidworks Licenses\scripts" .\00-install-privacy-lockdown.ps1 -DryRun ``` This shows exactly what would be changed **without modifying anything**. A report is generated. ### Install (Apply All Protections) ```powershell .\00-install-privacy-lockdown.ps1 ``` ### Uninstall (Remove All Protections) ```powershell .\00-install-privacy-lockdown.ps1 -Undo ``` ### Verify Status ```powershell .\05-verify-lockdown.ps1 -Detailed ``` ## Reports Every run generates a detailed report in `scripts/reports/`: ``` scripts/reports/ └── lockdown-report_2024-01-15_14-30-00.txt ``` ### Report Contents - **System State Before**: What was present before any changes - **Changes Made**: Every modification with before/after values - **Summary**: Count of changes by category (hosts, services, firewall, registry) ### Example Report Output ``` ================================================================================ SOLIDWORKS PRIVACY LOCKDOWN REPORT Generated: 2024-01-15 14:30:00 Computer: WORKSTATION-01 User: Antoine Mode: INSTALL ================================================================================ SYSTEM STATE BEFORE CHANGES [BEFORE] Hosts file: No SolidWorks block found [BEFORE] Services: No SolidWorks services found [BEFORE] Firewall: No SolidWorks Privacy rules found HOSTS FILE MODIFICATIONS [CHANGE] BLOCKED: telemetry.solidworks.com -> 127.0.0.1 [CHANGE] BLOCKED: analytics.3ds.com -> 127.0.0.1 ... CHANGES SUMMARY HOSTS FILE CHANGES (18) SERVICES CHANGES (0) FIREWALL CHANGES (0) REGISTRY CHANGES (0) TOTAL CHANGES: 18 ================================================================================ ``` ## What Gets Blocked ### Domains (via hosts file) | Domain | Purpose | Status | |--------|---------|--------| | telemetry.solidworks.com | Telemetry | BLOCKED | | analytics.3ds.com | Analytics | BLOCKED | | collect.3ds.com | Data collection | BLOCKED | | update.solidworks.com | Auto-updates | BLOCKED | | api.3ds.com | 3DEXPERIENCE API | BLOCKED | | swym.3ds.com | Social/community | BLOCKED | | sentry.io | Error tracking | BLOCKED | | o136956.ingest.sentry.io | Error tracking | BLOCKED | ### Services Disabled - SOLIDWORKS Update Publisher Service - SolidWorks Background Downloader - Any 3DEXPERIENCE background services ### Firewall Rules - Block outbound for: Update executables, Task schedulers, Downloaders - Allow outbound for: SLDWORKS.exe (main app), License wizard ### Registry Settings - Customer Experience Improvement Program: Disabled - Auto Check for Updates: Disabled - Send Usage Statistics: Disabled - 3DEXPERIENCE Integration: Disabled - Background Downloader: Disabled ## What Remains Accessible (Licensing) | Domain | Purpose | Status | |--------|---------|--------| | activation.solidworks.com | License activation | ALLOWED | | license.solidworks.com | License server | ALLOWED | | licensing.solidworks.com | License management | ALLOWED | ## Scripts Reference | Script | Purpose | |--------|---------| | `00-install-privacy-lockdown.ps1` | Master installer (runs all scripts) | | `01-block-telemetry-hosts.ps1` | Modifies hosts file | | `02-disable-services.ps1` | Disables Windows services | | `03-configure-firewall.ps1` | Creates firewall rules | | `04-disable-telemetry-registry.ps1` | Modifies registry settings | | `05-verify-lockdown.ps1` | Verifies lockdown status | ## Individual Script Usage Each script supports: - `-Undo` : Reverse the changes - `-ListOnly` : Preview changes without applying (where applicable) ### Examples ```powershell # Preview what hosts file changes would be made .\01-block-telemetry-hosts.ps1 -Undo # to remove .\01-block-telemetry-hosts.ps1 # to apply # List services without modifying .\02-disable-services.ps1 -ListOnly # Preview firewall rules .\03-configure-firewall.ps1 -ListOnly # Check current registry settings .\04-disable-telemetry-registry.ps1 -ListOnly ``` ## Troubleshooting ### License Activation Fails 1. Verify licensing domains are accessible: ```powershell nslookup activation.solidworks.com nslookup license.solidworks.com ``` 2. Temporarily remove hosts file block: ```powershell .\01-block-telemetry-hosts.ps1 -Undo ``` 3. Complete license operation, then re-apply: ```powershell .\01-block-telemetry-hosts.ps1 ``` ### SolidWorks Won't Launch 1. Run verification: ```powershell .\05-verify-lockdown.ps1 -Detailed ``` 2. Check if any critical service was disabled: ```powershell .\02-disable-services.ps1 -ListOnly ``` 3. Restore all settings: ```powershell .\00-install-privacy-lockdown.ps1 -Undo ``` ### Re-run After First SolidWorks Launch Some registry settings only appear after SolidWorks runs for the first time. After initial launch: ```powershell .\04-disable-telemetry-registry.ps1 ``` ## Backup Locations | Component | Backup Location | |-----------|-----------------| | Hosts file | `C:\Windows\System32\drivers\etc\hosts.backup.solidworks` | | Services | `%USERPROFILE%\solidworks-services-backup.json` | | Registry | `%USERPROFILE%\solidworks-registry-backup.reg` | ## Reverting Changes ### Complete Removal ```powershell .\00-install-privacy-lockdown.ps1 -Undo ``` ### Individual Components ```powershell .\01-block-telemetry-hosts.ps1 -Undo # Remove hosts entries .\02-disable-services.ps1 -Undo # Restore services .\03-configure-firewall.ps1 -Undo # Remove firewall rules .\04-disable-telemetry-registry.ps1 -Undo # Restore registry ``` ## Testing License Transfer After applying the lockdown, verify license operations work: 1. **In SolidWorks:** Help > Transfer License > Deactivate 2. Wait for confirmation 3. Help > Transfer License > Activate on new machine If this fails, the hosts file may be blocking a required domain. Check verification script output. ## Installation Log - ANTOINETHINKPAD **Date:** 2025-12-23 20:18:01 **Computer:** ANTOINETHINKPAD **SolidWorks Version:** SOLIDWORKS 2026 ### Changes Applied (22 total) #### Hosts File (18 domains blocked) ``` 127.0.0.1 api.3ds.com 127.0.0.1 www.3ds.com 127.0.0.1 swym.3ds.com 127.0.0.1 iam.3ds.com 127.0.0.1 cas.3ds.com 127.0.0.1 eu1-ds-iam.3dexperience.3ds.com 127.0.0.1 eu1-ds.3dexperience.3ds.com 127.0.0.1 update.solidworks.com 127.0.0.1 www.solidworks.com 127.0.0.1 sentry.io 127.0.0.1 o136956.ingest.sentry.io 127.0.0.1 telemetry.solidworks.com 127.0.0.1 analytics.3ds.com 127.0.0.1 collect.3ds.com 127.0.0.1 ifwe.3ds.com 127.0.0.1 eu1-ifwe.3dexperience.3ds.com 127.0.0.1 passport.3ds.com 127.0.0.1 3dswym.3ds.com ``` #### Services - **SolidWorks Licensing Service** - Preserved (Manual startup) - required for licensing #### Registry (4 settings disabled) - CEIP (Customer Experience Improvement Program) → 0 - Auto Check for Updates → 0 - Analytics → 0 - Telemetry → 0 #### Backups Created - Hosts file: `C:\Windows\System32\drivers\etc\hosts.backup.solidworks.2025-12-23_20-18-01` - Services: `C:\Users\antoi\solidworks-services-backup.json` #### Full Report See: `scripts/reports/lockdown-report_2025-12-23_20-18-01.txt` ## Notes - All changes persist across reboots - No third-party software required - Uses only native Windows features (hosts, services, firewall, registry) - Administrator privileges required for all operations - Changes are fully reversible