Variables

Variables can for example be used when creating a menu or executing an action. The internal handling is the same, and you will probably be able to use variables each time you specify a string configuration. Some variables require a specific token or a specific certificate, and they require that the token or certificate is available.

Variable names should be intuitive and understood without any problem. Variable names are always used within curly brackets, that is, username will have the variable name {username}.

Internal variables

application-name

application-path

certificate-auth-id

Certificate authority key identifier.

certificate-extension:<oid>

Reads an extension from the certificate. If the string is of type printable, UTF8, T61, or BMP, it will become a UTF8 string. Otherwise it will become hexadecimal encoded.

certificate-extension-present:<oid>

Checks if extension exists, and returns yes or no like others of the same type.

certificate-key-id

Certificate subject key identifier.

certificate-serialnumber

Certificate serial number.

certificate-sid

Retrieves the SID if it exists as a certificate extension, that is, the certificate-extension-present:<oid> variable above.

certificate-string

certificate-temporary

certificate-thumbprint

Certificate thumbprint.

certificate-value

component-csp

component-ksp

component-md

component-pkcs11

config-empty:<section>:<entry>

Returns no if section and entry has values.

config-value:<section>:<entry>

Checks configuration parameter value.

expire

expire:days

issuer:<oid>

keytype

keyusage

language

license-company

license-expire

license-expired

license-name

license-valid

license-value

local-time-string

once

parent-process-id

Returns parent process ID in decimal format.

process-id

Returns process ID in decimal format.

product-image

product-name

registry

Checks registry value.

registry-key

Checks if registry key exists, and returns yes or no.

slotid

slot-name

subject:<oid>

system

time

time-string

token-flags

token-empty

token-expire

token-expire:days

token-label

token-manufacturer

token-model

token-name

token-number

token-number-string

token-pin-attempts

token-pin-index

token-pin-label

token-pin-pad

token-pin-number

The variable is created by using {token-pin-index} + 1. This variable is empty for single PIN tokens.

token-pin-value

token-present

token-single-pin

token-temporary

uniqueid

upn

upn:domain

upn:user

user

user-agent-id

user:sam

GetUserNameEx (NameSamCompatible): A legacy account name (for example, Engineering\JSmith). The domain-only version includes trailing backslashes (\).

user:display

GetUserNameEx (NameDisplay): A "friendly" display name (for example, Jeff Smith). The display name is not necessarily the defining relative distinguished name (RDN).

user:uniqueid

GetUserNameEx (NameUniqueId): A GUID string that the IIDFromString function returns (for example, {4fa050f0-f561-11cf-bdd9-00aa003a77b6}).

user:canonical

GetUserNameEx (NameCanonical): The complete canonical name (for example, engineering.microsoft.com/software/someone). The domain-only version includes a trailing forward slash (/).

userid

username

Presents the variable user:sam.

valid-from

valid-from:days

valid-to

valid-to:days

version-number

version-string

wts:win-station-name

wts:user-name

wts:domain-name

Special environment variables

%SYSTEM%

64-bit processes: %WINDIR%\System32
32-bit processes: %WINDIR%\SysWOW64

%CURRENT%

Current directory for calling application.

%INSTALL%

Current installation folder.

%USERTEMP%

Windows user Temp folder. On other OS, same as %TEMP%.

%ProgramFiles32%

64-bit processes: 32-bit Program Files folder.
32-bit processes: 32-bit Program Files folder.

%ProgramFiles64%

64-bit processes: 64-bit Program Files folder.
32-bit processes: 64-bit Program Files folder but automatically converted to 32-bit by Windows.