OEM customizations

While OEM materials could be changed programmatically in a long run, it needs a persistent and secure storage on the endpoint. Files must be placed under the %SystemRoot%sxdata\oem folder, which is a folder that should be hardened:

During installation time
During maintenance time (when hardening is lowered)
By a trusted process bypassing hardening (either the IDAC hardening or a third party)

Configuration

A file called config.json contains the OEM information, composed as followed:

Copy

{
    "icons": {
        "default": "Endpoint.ico",
        "systray": "SysTray.ico"
    },
    "menus": {
        "systray": {
            "10001": "notification",
            "10005": "default",
            "10010": "hidden"
        }
    },
    "strings": [
        "global.xml",
        "dcext.xml",
        "rtnotify.xml"
    ]
}

Icons

Contains a list of key pairs, name to filename. The valid names are:

Name	Description
default	Company icon, used for the status window.
systray	Icon used for the RTNotify systray icon.
ac	Icon used for AC popup dialogs (local authorization).
dc	Icon used for DC wizards and dialogs (encryption related).

Menus

Contains a list of menus and for each of them a list of key pairs, id to action.

Valid actions are:

Name	Description
default	menu entry is displayed and uses the default built-in behavior
notification	menu entry is displayed and triggers notification for integrator (disabling built-in behavior) Notifications can be caught by registering with HSDCRegisterNotificationProcessor.
hidden	menu entry is not displayed

Name

Description

default

menu entry is displayed and uses the default built-in behavior

notification

menu entry is displayed and triggers notification for integrator (disabling built-in behavior)

Notifications can be caught by registering with HSDCRegisterNotificationProcessor.

hidden

menu entry is not displayed

The payload is similar to the following, and sent for the current session ID:

Copy

{
    "menu": "systray",
    "id": 10001,
    "type": "ui"
}

Valid menus and IDs are:

Name	ID	Description
systray	4112	about dialog
systray	10001	status dialog
systray	10002	check box to deny local authorization (exe)
systray	10003	check box to deny local authorization (dll)
systray	10004	check box to deny local authorization (script)
systray	10005	refresh settings
systray	10006	import maintenance ticket
systray	10010	temporary offline permission
systray	10112	endpoint maintenance

Some elements are already excluded when the installation mode is LEMSS or API to reflect serverless installation.

Translations

The integrator can extract and modify XML payloads (or be provided with an Excel file and a generation script for simple edition). The specified XML translation files are loaded before the internal resources, which enables replacement of any translated strings.

The format is not documented here. Resource files are available on request.