Checkpoint Commander Plus
What is Checkpoint Commander Plus?
Introduction
Checkpoint Commander Plus (CPC+ to its friends) is Checkpoint Commander, with some extra functions which allow it to talk to the rest of Checkpoint - specifically, the Checkpoint Daemon, and the Checkpoint Command Centre (CPCC) which fronts it.
When you install Checkpoint, it will automatically either install CPC+ if you don't have it, or upgrade your CPC standard to CPC+. Your profiles and data aren't affected by this.
You should read the first sections of the CPCC user guide before reading the rest of this section.
These extra functions are accessed from three places, which we'll cover in turn: there are extra functions on the File menu, some more on the 'Do' menu, and finally there are extra optional command-line arguments.
Jargon junction: archives, CRAs and CDBs
Checkpoint Commander talks about "archives". CPCC talks about "CDBs". Now CPC+ talks about "CRAs". What's the difference?
Well, underneath, a CPC archive actually is a variety of CDB. The difference is that those CDBs which CPC calls archives are not registered with Checkpoint - you find them manually, and remember their passwords manually too. (This means that archive passwords tend to be the sort of weaker passwords you can remember and type easily; passwords of registered CDBs are cryptorandom binary and effectively unbreakable).
A CRA - a Checkpoint Registered Archive - is an ordinary archive which has been registered with Checkpoint. Now, instead of having to remember where the file is, and what its password is, Checkpoint remembers this for you, and provides access control. Thus the process of converting a CPC archive into a CRA consists of registering it with Checkpoint and upgrading its password to cryptorandom binary (which happens automatically as part of the registration process).
Finally, while all archives and CRAs are CDBs, there are other kinds of CDB which aren't archives or CRAs. CPCC manages all kinds of CDBs, including these others, and doesn't distinguish between those which are CRAs and those which aren't, so it just calls everything a CDB.
File Menu extras
New Checkpoint Session
Checkpoint uses sessions; the session tells Checkpoint who you are, and which subsystem you're in. This information is used for access control. If you launch CPC+ from CPCC, you're already in a session (you logged in when you started CPCC): CPC+ inherits a copy of this session, and everything Just Works.
However, if you launch CPC+ in some other way (from the desktop, say) then CPC+ does not have an active session and so cannot interact with the rest of Checkpoint. This option allows you to start a new session. It brings up a dialog to allow you to enter the required credentials and subsystem information. If you're not familiar with this, read the Introduction to Checkpoint Command Centre.
If you've already got an active session (either by starting one explicitly as above, or by inheriting it when you launched CPC+ from CPCC), then you can leave fields in the dialog blank to have them remain the same as the existing session. If you leave the user ID field blank, then both the password and token-location fields are ignored (CPC+ will use your current credentials). If you leave the subsystem ID field blank, then the same subsystem will be used.
[NOTE] Clearly, leaving all fields blank creates a new session which is just the same as the old one. This can be useful nonetheless. Firstly it makes CPC+ reload the list of available CDBs, so if new ones have been installed since you started the session, they'll come up. Equally if you've closed some CDBs and want to get them back, this'll do it.
CPC+ login dialog
'Do' Menu extras
Screenshot
The extra options are outlined in red in the figure below.
The CPC+ 'Do' Menu - Extra Options
New CRA
Creates and registers a new Checkpoint Registered Archive. See Jargon junction for background on these. Start by navigating into a disk device: the file locator dialog in the next step will use the location as a start point. You'll then get a dialog to locate the CDB's file. The dialog after that will ask you for some information:
- CDB ID: the ID that's used to refer to this CRA for access-control purposes.
- Description: a more user-friendly, verbose description of this CRA.
- Secure: In the CPAC access-control architecture, CDBs are either open (anybody can access them who can access the subsystem, unless an ACL entry forbids it) or secure (nobody can access them unless an ACL entry permits).
- Create task to browse this CRA: If checked, a task will be created in the subsystem, with the same task ID as the CDB ID, which will browse this CDB from inside CPCC.
- No encryption: Allows anybody to circumvent access-control; provided for rare circumstances when it's required, but generally not recommended.
Convert [archive] to CRA
Converts an existing archive into a CRA, by registering it with Checkpoint and (hence) upgrading its password. You will be asked for some information: see New CRA above.
Command-line arguments
In addition to the arguments supported by CPC standard (see Entryway), CPC+ supports the following extra arguments - all optional.
-cra <cdbID>
Loads the CRA with the specified CDB ID automatically (subject to access-control).
-leech
Loads all available CRAs automatically. CDBs in the subsystem which are not CRAs are ignored.
[NOTE] CPC+ will not load CRAs which belong to the global subsystem while it is logged in to any other subsystem, even if access-control permits this.
