Anto01
57bcfa4a9a
- Add Solidworks license files and install guides - Add PowerShell privacy lockdown scripts for Solidworks telemetry - Add Siemens License Server v5.1 binary for NX - Update DALIDOU-SERVER.md with storage layout, backup system, and DNS fixes - Add MEGA-PLAN-BRAIN-SYSTEM.md for unified knowledge management - Add Claude Code local settings 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
282 lines
9.5 KiB
PowerShell
282 lines
9.5 KiB
PowerShell
#Requires -RunAsAdministrator
|
|
<#
|
|
.SYNOPSIS
|
|
Verifies that SolidWorks privacy lockdown is properly configured.
|
|
|
|
.DESCRIPTION
|
|
Checks all components of the privacy lockdown:
|
|
- Hosts file entries
|
|
- Disabled services
|
|
- Firewall rules
|
|
- Registry settings
|
|
- Licensing server connectivity
|
|
|
|
.NOTES
|
|
Author: Atomaste Solution
|
|
Requires: Administrator privileges
|
|
#>
|
|
|
|
param(
|
|
[switch]$Detailed # Show detailed information for each check
|
|
)
|
|
|
|
$script:passed = 0
|
|
$script:failed = 0
|
|
$script:warnings = 0
|
|
|
|
function Write-Check {
|
|
param(
|
|
[string]$Name,
|
|
[string]$Status, # PASS, FAIL, WARN
|
|
[string]$Message
|
|
)
|
|
|
|
$icon = switch ($Status) {
|
|
"PASS" { "[OK]"; $color = "Green"; $script:passed++ }
|
|
"FAIL" { "[!!]"; $color = "Red"; $script:failed++ }
|
|
"WARN" { "[??]"; $color = "Yellow"; $script:warnings++ }
|
|
default { "[--]"; $color = "Gray" }
|
|
}
|
|
|
|
Write-Host " $icon " -ForegroundColor $color -NoNewline
|
|
Write-Host "$Name" -ForegroundColor White -NoNewline
|
|
if ($Message) {
|
|
Write-Host " - $Message" -ForegroundColor Gray
|
|
} else {
|
|
Write-Host ""
|
|
}
|
|
}
|
|
|
|
function Test-HostsFile {
|
|
Write-Host "`n=== HOSTS FILE CHECK ===" -ForegroundColor Cyan
|
|
|
|
$hostsPath = "C:\Windows\System32\drivers\etc\hosts"
|
|
$content = Get-Content $hostsPath -Raw -ErrorAction SilentlyContinue
|
|
|
|
$markerStart = "# === SOLIDWORKS TELEMETRY BLOCK START ==="
|
|
|
|
if ($content -match [regex]::Escape($markerStart)) {
|
|
Write-Check -Name "Telemetry block installed" -Status "PASS"
|
|
} else {
|
|
Write-Check -Name "Telemetry block installed" -Status "FAIL" -Message "Block not found in hosts file"
|
|
}
|
|
|
|
# Check specific domains
|
|
$telemetryDomains = @(
|
|
"telemetry.solidworks.com",
|
|
"analytics.3ds.com",
|
|
"collect.3ds.com",
|
|
"update.solidworks.com"
|
|
)
|
|
|
|
foreach ($domain in $telemetryDomains) {
|
|
if ($content -match "127\.0\.0\.1\s+$([regex]::Escape($domain))") {
|
|
if ($Detailed) {
|
|
Write-Check -Name " $domain" -Status "PASS" -Message "Blocked"
|
|
}
|
|
} else {
|
|
Write-Check -Name " $domain" -Status "WARN" -Message "Not blocked"
|
|
}
|
|
}
|
|
}
|
|
|
|
function Test-LicensingConnectivity {
|
|
Write-Host "`n=== LICENSING SERVER CHECK ===" -ForegroundColor Cyan
|
|
|
|
$licensingDomains = @(
|
|
"activation.solidworks.com",
|
|
"license.solidworks.com",
|
|
"licensing.solidworks.com"
|
|
)
|
|
|
|
foreach ($domain in $licensingDomains) {
|
|
try {
|
|
$dns = Resolve-DnsName -Name $domain -Type A -ErrorAction Stop -DnsOnly
|
|
if ($dns) {
|
|
Write-Check -Name "$domain" -Status "PASS" -Message "Reachable ($($dns[0].IPAddress))"
|
|
}
|
|
} catch {
|
|
Write-Check -Name "$domain" -Status "FAIL" -Message "Cannot resolve DNS"
|
|
}
|
|
}
|
|
}
|
|
|
|
function Test-Services {
|
|
Write-Host "`n=== SERVICES CHECK ===" -ForegroundColor Cyan
|
|
|
|
$services = Get-Service -DisplayName "*SOLIDWORKS*" -ErrorAction SilentlyContinue
|
|
|
|
if (-not $services -or $services.Count -eq 0) {
|
|
Write-Check -Name "SolidWorks services" -Status "PASS" -Message "No services found/installed"
|
|
return
|
|
}
|
|
|
|
foreach ($svc in $services) {
|
|
$isUpdateService = $svc.DisplayName -match "update|download|background"
|
|
|
|
if ($isUpdateService) {
|
|
if ($svc.StartType -eq "Disabled") {
|
|
Write-Check -Name $svc.DisplayName -Status "PASS" -Message "Disabled"
|
|
} else {
|
|
Write-Check -Name $svc.DisplayName -Status "WARN" -Message "Should be disabled ($($svc.StartType))"
|
|
}
|
|
} else {
|
|
if ($Detailed) {
|
|
Write-Check -Name $svc.DisplayName -Status "PASS" -Message "$($svc.StartType) (kept)"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
function Test-FirewallRules {
|
|
Write-Host "`n=== FIREWALL RULES CHECK ===" -ForegroundColor Cyan
|
|
|
|
$rulePrefix = "SolidWorks Privacy - "
|
|
$rules = Get-NetFirewallRule -DisplayName "$rulePrefix*" -ErrorAction SilentlyContinue
|
|
|
|
if (-not $rules) {
|
|
Write-Check -Name "Firewall rules" -Status "WARN" -Message "No SolidWorks firewall rules found"
|
|
return
|
|
}
|
|
|
|
$blockRules = $rules | Where-Object { $_.Action -eq "Block" }
|
|
$allowRules = $rules | Where-Object { $_.Action -eq "Allow" }
|
|
|
|
Write-Check -Name "Block rules configured" -Status "PASS" -Message "$($blockRules.Count) rule(s)"
|
|
Write-Check -Name "Allow rules configured" -Status "PASS" -Message "$($allowRules.Count) rule(s)"
|
|
|
|
if ($Detailed) {
|
|
foreach ($rule in $rules) {
|
|
$status = if ($rule.Enabled -eq "True") { "Active" } else { "Disabled" }
|
|
Write-Check -Name " $($rule.DisplayName -replace $rulePrefix, '')" -Status "PASS" -Message "$($rule.Action) - $status"
|
|
}
|
|
}
|
|
}
|
|
|
|
function Test-Registry {
|
|
Write-Host "`n=== REGISTRY CHECK ===" -ForegroundColor Cyan
|
|
|
|
$regChecks = @(
|
|
@{
|
|
Name = "Customer Experience Program"
|
|
Path = "HKCU:\Software\SolidWorks\SOLIDWORKS *\Performance"
|
|
ValueName = "CustomerExperienceImprovementProgram"
|
|
ExpectedPattern = "OptInStatus"
|
|
DisabledValue = 0
|
|
}
|
|
)
|
|
|
|
# Find actual SolidWorks version paths
|
|
$swBasePath = "HKCU:\Software\SolidWorks"
|
|
|
|
if (-not (Test-Path $swBasePath)) {
|
|
Write-Check -Name "SolidWorks registry" -Status "WARN" -Message "Not found (SW may not be installed/run yet)"
|
|
return
|
|
}
|
|
|
|
$swVersions = Get-ChildItem -Path $swBasePath -ErrorAction SilentlyContinue |
|
|
Where-Object { $_.PSChildName -like "SOLIDWORKS *" }
|
|
|
|
if (-not $swVersions) {
|
|
Write-Check -Name "SolidWorks versions" -Status "WARN" -Message "No version keys found"
|
|
return
|
|
}
|
|
|
|
foreach ($version in $swVersions) {
|
|
Write-Host "`n $($version.PSChildName):" -ForegroundColor White
|
|
|
|
# Check Performance subkey
|
|
$perfPath = Join-Path $version.PSPath "Performance"
|
|
if (Test-Path $perfPath) {
|
|
$props = Get-ItemProperty -Path $perfPath -ErrorAction SilentlyContinue
|
|
|
|
if ($props.PSObject.Properties.Name -contains "OptInStatus") {
|
|
if ($props.OptInStatus -eq 0) {
|
|
Write-Check -Name " CEIP OptInStatus" -Status "PASS" -Message "Disabled"
|
|
} else {
|
|
Write-Check -Name " CEIP OptInStatus" -Status "FAIL" -Message "Enabled ($($props.OptInStatus))"
|
|
}
|
|
} else {
|
|
Write-Check -Name " CEIP OptInStatus" -Status "WARN" -Message "Not set"
|
|
}
|
|
}
|
|
|
|
# Check General subkey
|
|
$generalPath = Join-Path $version.PSPath "General"
|
|
if (Test-Path $generalPath) {
|
|
$props = Get-ItemProperty -Path $generalPath -ErrorAction SilentlyContinue
|
|
|
|
if ($props.PSObject.Properties.Name -contains "Auto Check for Updates") {
|
|
if ($props."Auto Check for Updates" -eq 0) {
|
|
Write-Check -Name " Auto Updates" -Status "PASS" -Message "Disabled"
|
|
} else {
|
|
Write-Check -Name " Auto Updates" -Status "FAIL" -Message "Enabled"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
function Test-TelemetryConnectivity {
|
|
Write-Host "`n=== TELEMETRY BLOCK VERIFICATION ===" -ForegroundColor Cyan
|
|
|
|
$telemetryDomains = @(
|
|
"telemetry.solidworks.com",
|
|
"analytics.3ds.com"
|
|
)
|
|
|
|
foreach ($domain in $telemetryDomains) {
|
|
try {
|
|
$result = Resolve-DnsName -Name $domain -Type A -ErrorAction Stop -DnsOnly
|
|
$ip = $result[0].IPAddress
|
|
|
|
if ($ip -eq "127.0.0.1") {
|
|
Write-Check -Name "$domain" -Status "PASS" -Message "Blocked (resolves to 127.0.0.1)"
|
|
} else {
|
|
Write-Check -Name "$domain" -Status "FAIL" -Message "NOT blocked (resolves to $ip)"
|
|
}
|
|
} catch {
|
|
Write-Check -Name "$domain" -Status "WARN" -Message "Cannot resolve (may be blocked at DNS level)"
|
|
}
|
|
}
|
|
}
|
|
|
|
function Show-Summary {
|
|
Write-Host "`n========================================" -ForegroundColor Cyan
|
|
Write-Host " VERIFICATION SUMMARY" -ForegroundColor Cyan
|
|
Write-Host "========================================" -ForegroundColor Cyan
|
|
|
|
Write-Host ""
|
|
Write-Host " Passed: " -NoNewline; Write-Host "$script:passed" -ForegroundColor Green
|
|
Write-Host " Failed: " -NoNewline; Write-Host "$script:failed" -ForegroundColor Red
|
|
Write-Host " Warnings: " -NoNewline; Write-Host "$script:warnings" -ForegroundColor Yellow
|
|
Write-Host ""
|
|
|
|
if ($script:failed -eq 0) {
|
|
Write-Host " [SUCCESS] Privacy lockdown is properly configured!" -ForegroundColor Green
|
|
} elseif ($script:failed -le 2) {
|
|
Write-Host " [PARTIAL] Most protections are in place, minor issues found." -ForegroundColor Yellow
|
|
} else {
|
|
Write-Host " [INCOMPLETE] Privacy lockdown needs attention." -ForegroundColor Red
|
|
}
|
|
}
|
|
|
|
# Main execution
|
|
Write-Host "========================================" -ForegroundColor Cyan
|
|
Write-Host " SolidWorks Privacy Lockdown Verifier" -ForegroundColor Cyan
|
|
Write-Host " Atomaste Solution" -ForegroundColor Cyan
|
|
Write-Host "========================================" -ForegroundColor Cyan
|
|
Write-Host "`nRunning verification checks..." -ForegroundColor White
|
|
|
|
Test-HostsFile
|
|
Test-LicensingConnectivity
|
|
Test-Services
|
|
Test-FirewallRules
|
|
Test-Registry
|
|
Test-TelemetryConnectivity
|
|
|
|
Show-Summary
|
|
|
|
Write-Host "`n[TIP] Use -Detailed for more information on each check" -ForegroundColor Gray
|
|
Write-Host "[DONE] Verification completed." -ForegroundColor Green
|