Re: Force Logoff if Inactive

From: Harry Paratestes (harryp_at_newz-grp-reader.com)
Date: 11/16/03

    Date: Sat, 15 Nov 2003 18:16:39 -1000
    
    

    Thanks again!

    1) Trying to find the JT.exe tool in the W2K ResKit, but no luck. Unable
    to download for some reason from MS site (FTP down?)

    2) LOGOFF.exe is another W2K ResKit tool. Using your command line code,
    I'd replace the Sysinternals tool with LOGOFF.exe.

    3) I gotta pack up for business trip, fly out tonight. Will monitor this
    NG when I get to destination.

    Here's a hack to make SCHTASKS.exe run on Windows 2000:
    http://www.jsifaq.com/SUBK/tip5300/rh5335.htm

    HP sends

    ----- Original Message -----
    From: "Torgeir Bakken (MVP)" <Torgeir.Bakken-spam@hydro.com>
    Newsgroups: microsoft.public.security,microsoft.public.security.toolkit,microsoft.public.win2000.security,microsoft.public.windows.server.security,microsoft.public.windowsxp.security_admin,microsoft.public.win2000.general,microsoft.public.win2000.termserv.clients
    Sent: Saturday, November 15, 2003 4:38 PM
    Subject: Re: Force Logoff if Inactive
    :
    : Hi
    :
    : I was able to do this now on a WinXP client using WinXP built in command line
    : task scheduler "manipulator" SCHTASKS.exe and the psshutdown.exe utility from
    : the free PSTools suite found at http://www.sysinternals.com.
    :
    : This will create a scheduled task running with the credentials of the local
    : Administrator (with password xxx in the example) that logs the *console* user
    : off after 16,65 hours inactivity (999 minutes is the max value):
    :
    : SCHTASKS.exe /Create /RU "%COMPUTERNAME%\Administrator" /RP xxx
    : /SC ONIDLE /I 999 /TN "IdleLogoff" /TR "C:\psshutdown.exe -o -f"
    :
    : Note that the way this configures the task scheduler, if you set it to reboot
    : the computer it will reboot the computer even if nobody is logged in (when the
    : computer is idle at the logon screen). Logoff or shutdown/poweroff will be a
    : better choice I think.
    :
    : Note that you can use SCHTASKS.exe to configure a scheduled task on a remote
    : computer (if that will work against a Win2k computer I do not know). Run
    : SCHTASKS /? in a command prompt for more help.
    :
    : I was not able to use WinXP's shutdown.exe utility, it looks like it is not able
    : to log off another user than the one user that is defined as the "task" user.
    : However, Sysinternals's psshutdown utility was able to do this. I also tried to
    : use /RU "NT AUTHORITY\SYSTEM" instead of using the Administrator user, but I
    : could not get the scheduled task to run psshutdown.exe then.
    :
    :
    : For Win2k, it may be that JT.EXE is able to create a scheduled task like
    : SCHTASKS.exe is for WinXP:
    :
    : http://www.jsiinc.com/SUBF/TIP2600/rh2621.htm
    : ftp://ftp.microsoft.com/reskit/win2000/jt.zip
    :
    :
    : --
    : torgeir
    : Microsoft MVP Scripting and WMI, Porsgrunn Norway
    : Administration scripting examples and an ONLINE version of the 1328 page
    : Scripting Guide: http://www.microsoft.com/technet/scriptcenter
    :
    :
    :
    >"Harry Paratestes" <harryp@newz-grp-reader.com> wrote in message news:...
    > Thanks for feedback.
    >
    > Just now I checked out the Scheduled Task Wizard on W2K client. I believe I
    > could do what you're suggesting, but the missing piece to the puzzle is the
    > 'inactivity timer'. Did a little more research on this and it dawned on me
    > that there MUST be an internal clock/process/service/daemon running on W2K
    > that determines inactivity. No surprise here, screensaver and Power Scheme
    > functions [Control Panel/Power Options] obviously are triggered by some
    > keypad or mouse activity timer. Terminal services on W2K Server has
    > inactivity function too (bounces users if not actively using TS).
    >
    > If anyone has insight on the process/service/daemon that determines keyboard
    > and/or mouse inactivity on W2K and how to exploit it, any guidance or points
    > will be much appreciated.
    >
    > HP sends
    >
    >
    > "Torgeir Bakken (MVP)" <Torgeir.Bakken-spam@hydro.com> wrote in message
    > news:3FB68D9C.8F3D9AC3@hydro.com...
    > > Harry Paratestes wrote:
    > > Hi
    > >
    > > You can't do this detection from the DC, it will have no idea about if the
    > > workstations are idle or not, you need to do this on the local computer.
    > >
    > > I don't know of any way with a script to determine idle time, but the solution
    > > Steve suggested should work, creating a Scheduled Tasks on every computer that
    > > kicks in after x minutes of idle time and runs a logoff script/program.
    > >
    > >
    > > --
    > > torgeir
    > > Microsoft MVP Scripting and WMI, Porsgrunn Norway
    > > Administration scripting examples and an ONLINE version of the 1328 page
    > > Scripting Guide: http://www.microsoft.com/technet/scriptcenter
    > >
    > >
    > >
    > >
    > >
    > > > Thanks, read something similar on a bulletin board after my ng post. The
    > > > "scheduling" of the logoff was kind of the first thought we had. We may end
    > > > up just having to go with that. In a perfect world, we'd like an "event
    > > > trigger" where logoff only occurs if certain condition exists (i.e.
    > > > inactivity after X# of hours/minutes). I've found off-the-shelf products
    > > > that can do exactly this, so I'm thinking it can be done, not to mention our
    > > > IT budget is a joke and the thought of buying these products is OOQ. Out of
    > > > frustration, we're moving away from GPO or ResKit tools and towards
    > > > script-writing. We're thinking to implement the LOGOFF.EXE tool, but not
    > > > sure what mechanism is available to determine 'idle time' on the
    > > > workstation. And when inactivity condition = TRUE, how does the DC trigger
    > > > the LOGOFF.EXE on the workstation / luser account?
    > >
    > >
    > >
    > >"Steven L Umbach" <sumbach55@ameritech.net> wrote in message
    > >news:crstb.2199$4X4.551206@newssrv26.news.prodigy.com...
    > >
    > >
    > > You might look at using Scheduled Tasks to run logoff.exe or shutdown.exe
    > > after a certain period of idle time - up to 999 minutes though I don't know
    > > of a good way offhand to implement it on a large number of computers. ---
    > > Steve
    > >
    > >
    > >
    > > "Harry Paratestes" <anon_usr@discussions.microsoft.com> wrote in message
    > > news:046301c3ab10$3dba6cc0$a401280a@phx.gbl...
    > > >
    > > > Anyone know of tool/script/CMD that will automagically log
    > > > off lusers after timeout has expired? Situation we have
    > > > is lusers habitually locking their workstations and never
    > > > logging off. Most recently, we've found out that a couple
    > > > lusers from a remote office are currently on-travel and
    > > > left their workstations powered on with screens locked.
    > > >
    > > > We have password locked screensaver implemented to kick
    > > > off after 15 minutes of inactivity. We'd like ability to
    > > > subsequently force logoffs after 24-36 hours of inactivity
    > > > (weekends, business travel, etc.). We do NOT want to
    > > > change our current screensaver set up (i.e. don't want to
    > > > use Winexit.scr or something similar).
    > > >
    > > > I looked at Winexit.scr and also for a GPO security
    > > > setting. No luck on GPO and Winexit didn't seem to do
    > > > what I wanted. Don't want to implement the "working
    > > > hours" GPO either which would log off or lockout lusers
    > > > during certain hours of the day (we occasionally have
    > > > shift work, also some lusers travel to various timezones).
    > > >
    > > > Summary: Luser locks workstation or password-protected
    > > > screensaver kicks in. If no activity for 24hrs, luser
    > > > gets bounced (and/or system reboots).
    > > >
    > > > Any tips? Is this even feasible?
    > > >
    > > > HP sends
    > > >
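
Added example, not part of the original posts: the thread leaves open how to measure idle time directly and notes the 999-minute ceiling of /SC ONIDLE, which is short of the 24-36 hours asked for. This PowerShell script reads the session's last-input time through the Win32 GetLastInputInfo call and logs the session off at a 24-hour threshold; it goes beyond the scheduled-task approach in the thread, and the function names, the polling interval and running it inside the user's own session are assumptions.

```powershell
# Added example, not from the thread. Assumed to run inside the interactive
# user's session (logon script or Startup shortcut); names are illustrative.
Add-Type -TypeDefinition @"
using System;
using System.Runtime.InteropServices;
public static class IdleProbe {
    [StructLayout(LayoutKind.Sequential)]
    struct LASTINPUTINFO { public uint cbSize; public uint dwTime; }

    [DllImport("user32.dll")]
    static extern bool GetLastInputInfo(ref LASTINPUTINFO plii);

    // Milliseconds since the last keyboard or mouse input in this session.
    public static uint IdleMilliseconds() {
        LASTINPUTINFO lii = new LASTINPUTINFO();
        lii.cbSize = (uint)Marshal.SizeOf(typeof(LASTINPUTINFO));
        if (!GetLastInputInfo(ref lii))
            throw new InvalidOperationException("GetLastInputInfo failed");
        // 32-bit unsigned subtraction stays correct when the tick counter wraps.
        return unchecked((uint)Environment.TickCount - lii.dwTime);
    }
}
"@

function Test-IdleLimit {
    param([double]$IdleHours, [double]$LimitHours)
    return $IdleHours -ge $LimitHours
}

$LimitHours  = 24     # threshold from the original question (24-36 hours)
$PollSeconds = 300    # assumed polling interval

while ($true) {
    $idleHours = [IdleProbe]::IdleMilliseconds() / 3600000.0
    if (Test-IdleLimit -IdleHours $idleHours -LimitHours $LimitHours) {
        # Logs off the session this script runs in, so no administrator
        # password has to be stored in a task or passed on a command line.
        & "$env:SystemRoot\System32\shutdown.exe" /l
        break
    }
    Start-Sleep -Seconds $PollSeconds
}
```

Because the script runs as the logged-on user, that user can stop it; treat it as a convenience control rather than an enforced one.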

