Solved

Logging off a User

Posted on 2004-10-14
5
211 Views
Last Modified: 2013-12-04
Hello everyone,

I work in a very large network and we have users that use a different computer every day.  This causes much grief when the user changes their password and left themselves logged into a computer, with the old password, on the network.  Is there any way to find out what computer they are logged into or is there an equivalent command to the OLD Banyan command of "mlogout" to forcefully log the user off of every workstation they are logged into?

Thanks,
Steve
0
Comment
Question by:stevespears
  • 2
5 Comments
 
LVL 1

Accepted Solution

by:
sstoyanovich earned 125 total points
ID: 12311509
Well, if you know the name of the locked machine, from another machine you can run this vbscript to log them off.

computerName = "theMachineName"
Set objWMIService = _
     GetObject("winmgmts:{impersonationLevel=impersonate,(Shutdown)}!\\" _
     & computerName & "\root\cimv2")
Set colOperatingSystems = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")
For Each objOperatingSystem in colOperatingSystems
      ObjOperatingSystem.Win32Shutdown(0, 0)  ' log off
Next

You must run this using an account that has admin privileges on the remote machine, like a Domain Admin account.

As for finding out who is logged on where, you can have your logon script save a line with username / machineName / date in a central log file that you can search to find all logins.

Better yet, since you're in an enterprise, it calls for an enterprise solution.  Did you know that the security Event logs on the domain controller that logged the user in contain entries when the session (now running with the old password) is causing security failures?  I suggest an Event Log monitoring solution.  I use this one:  http://www.objsoftinc.com/files/Products/EventMaster.asp.  You can "subscribe" to be notified by email whenever there are Event Logs on your DC's indicating that an account is locked out.  You can then open the email, and see the Event Log entry - it indicates which account AND FROM WHICH MACHINE.  You can then use the script above to log out the user from that machine.

S
0
 
LVL 1

Expert Comment

by:sstoyanovich
ID: 14097028
Well, I tried to provide an answer.  The Asker never indicated whether it was good or not.  Cost me time though..
Thanks,
Sandra
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question