Patrick,
Thanks for your insight. I'm not a programmer/scripter by trade, but will
definitely do the research to see if I make this work as you described.
Gotta pack the suitcase for a red-eye flight. Will monitor this NG
tomorrow.
Thanks again,
HP sends
Patrick J. LoPresti said:
Another possibility:
The Win32_Desktop WMI class has a "ScreenSaverActive" property. You
can use WMI events to monitor the state of that property.
Roughly... You would use ExecNotificationQuery with a query string
like "SELECT * FROM __InstanceModificationEvent WHERE TargetInstance
ISA 'Win32_Desktop'". The result of that query would be an
SWbemEventSource on which you would repeatedly call NextEvent with a
timeout.
That call, in turn, would either time out or give you an
__InstanceModificationEvent (whose TargetInstance is a Win32_Desktop).
Thus, you have a loop which you can use to keep track of the screen
saver state, waking up if that state does not change for a while. You
just need to combine this with a mechanism for logging off the current
user.
This idea needs some refinement; e.g., to make the WQL query apply
only to the Win32_Desktop of the current user. But I believe the
basic idea is sound.
- Pat
http://unattended.sourceforge.net/
is
on
me
that there MUST be an internal clock/process/service/daemon running on W2K
that determines inactivity. No surprise here, screensaver and Power Scheme
functions [Control Panel/Power Options] obviously are triggered by some
keypad or mouse activity timer. Terminal services on W2K Server has
inactivity function too (bounces users if not activitely using TS).
If anyone has insight on the process/service/daemon that determines keyboard
and/or mouse inactivity on W2K and how to exploit it, any guidance or points
will be much appreciated.
HP sends
Thanks again!
1) Trying to find the JT.exe tool in the W2K ResKit, but no luck. Unable
to download for some reason from MS site (FTP down?)
2) LOGOFF.exe is another W2K ResKit tool. Using your command line code,
I'd replace the Sysinternals tool with LOGOFFexe.
3) I gotta pack up for business trip, fly out tonight. Will monitor this
NG when I get to destination.
Here's a hack to make SCHTASKS.exe run on Windows 2000:
http://www.jsifaq.com/SUBK/tip5300/rh5335.htm
HP sends
:
:
:----- Original Message -----
: From: "Torgeir Bakken (MVP)" <
[email protected]>
: Newsgroups:
:
microsoft.public.security,microsoft.public.security.toolkit,microsoft.public..win2000.security,microsoft.public.windows.server.security,microsoft.public.windowsxp.security_admin,microsoft.public.win2000.general,microsoft.public.w
in2000.termserv.clients
Sent: Saturday, November 15, 2003 4:38 PM
Subject: Re: Force Logoff if Inactive
:
: Hi
:
: I was able to to this now on a WinXP client using WinXP built in command
line
: task scheduler "manipulator" SCHTASKS.exe and the psshutdown.exe utility
from
: the free PSTools suite found at
http://www.sysinternals.com.
:
: This will create a scheduled task running with the credentials of the
local
: Administrator (with password xxx in the example) that logs the *console*
user
: off after 16,65 hours inactivity (999 minutes is the max value):
:
: SCHTASKS.exe /Create /RU "%COMPUTERNAME%\Administrator" /RP xxx
: /SC ONIDLE /I 999 /TN "IdleLogoff" /TR "C:\psshutdown.exe -o -f"
:
: Note that the way this configures the task scheduler, if you set it to
reboot
: the computer it will reboot the computer even if nobody is logged in (when
the
: computer is idle at the logon screen). Logoff or shutdown/poweroff will be
a
: better choice I think.
:
: Note that you can use SCHTASKS.exe to configure a scheduled task on a
remote
: computer (if that will work against a Win2k computer I do not know). Run
: SCHTASKS /? in a command prompt for more help.
:
: I was not able to use WinXP's shutdown.exe utility, it looks like it is
not able
: to log off another user than the one user that is defined as the "task"
user.
: However, Sysinternals's psshutdown utility was able to do this. I also
tried to
: use /RU "NT AUTHORITY\SYSTEM" instead of using the Administrator user, but
I
: could not get the scheduled task to run psshutdown.exe then.
:
:
: For Win2k, it may be that JT.EXE is able to create a scheduled task like
: SCHTASKS.exe is for WinXP:
:
:
http://www.jsiinc.com/SUBF/TIP2600/rh2621.htm
: ftp://ftp.microsoft.com/reskit/win2000/jt.zip
:
:
: --
: torgeir
: Microsoft MVP Scripting and WMI, Porsgrunn Norway
: Administration scripting examples and an ONLINE version of the 1328 page
: Scripting Guide:
http://www.microsoft.com/technet/scriptcenter
:
:
:
Thanks for feedback.
Just now I checked out the Scheduled Task Wizard on W2K client. I
believe
I
could do what you're suggesting, but the missing piece to the puzzle is the
'inactivity timer'. Did a little more research on this and it dawned on me
that there MUST be an internal clock/process/service/daemon running on W2K
that determines inactivity. No surprise here, screensaver and Power Scheme
functions [Control Panel/Power Options] obviously are triggered by some
keypad or mouse activity timer. Terminal services on W2K Server has
inactivity function too (bounces users if not activitely using TS).
If anyone has insight on the process/service/daemon that determines keyboard
and/or mouse inactivity on W2K and how to exploit it, any guidance or points
will be much appreciated.
HP sends
Torgeir Bakken (MVP) said:
Harry Paratestes wrote:
Hi
You can't do this detection from the DC, it will have no idea about if the
workstations are idle or not, you need to do this on the local computer.
I don't know of any way with a script to determine idle time, but the solution
Steve suggested should work, creating a Scheduled Tasks on every
computer
that
kicks in after x minutes of idle time and runs a logoff script/program.
--
torgeir
Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of the 1328 page
Scripting Guide:
http://www.microsoft.com/technet/scriptcenter
Thanks, read something similar on a bulletin board after my ng post. The
"scheduling" of the logoff was kind of the first thought we had. We
may
end
up just having to go with that. In a perfect world, we'd like an "event
trigger" where logoff only occurs if certain condition exists (i.e.
inactivity after X# of hours/minutes). I've found off-the-shelf products
that can do exactly this, so I'm thinking it can be done, not to
mention
our
IT budget is a joke and the thought of buying these products is OOQ. Out of
frustration, we're moving away from GPO or ResKit tools and towards
script-writing. We're thinking to implement the LOGOFF.EXE tool,
but
not
sure what mechanism is available to determine 'idle time' on the
workstation. And when inactivity condition = TRUE, how does the DC trigger
the LOGOFF.EXE on the workstation / luser account?
You might look at using Scheduled Tasks to run logoff.exe or shutdown.exe
after a certain period of idle time - up to 999 minutes though I don't know
of a good way offhand to implement it on a large number of omputers. ---
Steve
Anyone know of tool/script/CMD that will automagically log
off lusers after timeout has expired? Situation we have
is lusers habitually locking their workstations and never
logging off. Most recently, we've found out that a couple
lusers from a remote office are currently on-travel and
left their workstations powered on with screens locked.
We have password locked screensaver implemented to kick
off after 15 minutes of inactivity. We'd like ability to
subsequently force logoffs after 24-36 hours of inactivity
(weekends, business travel, etc.). We do NOT want to
change our current screensaver set up (i.e. don't want to
use Winexit.scr or something similar).
I looked at Winexit.scr and also for a GPO security
setting. No luck on GPO and Winexit didn't seem to do
what I wanted. Don't want to implement the "working
hours" GPO either which would log off or lockout lusers
during certain hours of the day (we occassionally have
shift work, also some lusers travel to various timezones).
Summary: Luser locks workstation or password-protected
screensaver kicks in. If no activity for 24hrs, luser
gets bounced (and/or system reboots).
Any tips? Is this even feasible?
HP sends
