Solved

Logging off a User

Posted on 2004-10-14
5
206 Views
Last Modified: 2013-12-04
Hello everyone,

I work in a very large network and we have users that use a different computer every day.  This causes much grief when the user changes their password and left themselves logged into a computer, with the old password, on the network.  Is there any way to find out what computer they are logged into or is there an equivalent command to the OLD Banyan command of "mlogout" to forcefully log the user off of every workstation they are logged into?

Thanks,
Steve
0
Comment
Question by:stevespears
  • 2
5 Comments
 
LVL 1

Accepted Solution

by:
sstoyanovich earned 125 total points
ID: 12311509
Well, if you know the name of the locked machine, from another machine you can run this vbscript to log them off.

computerName = "theMachineName"
Set objWMIService = _
     GetObject("winmgmts:{impersonationLevel=impersonate,(Shutdown)}!\\" _
     & computerName & "\root\cimv2")
Set colOperatingSystems = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")
For Each objOperatingSystem in colOperatingSystems
      ObjOperatingSystem.Win32Shutdown(0, 0)  ' log off
Next

You must run this using an account that has admin privileges on the remote machine, like a Domain Admin account.

As for finding out who is logged on where, you can have your logon script save a line with username / machineName / date in a central log file that you can search to find all logins.

Better yet, since you're in an enterprise, it calls for an enterprise solution.  Did you know that the security Event logs on the domain controller that logged the user in contain entries when the session (now running with the old password) is causing security failures?  I suggest an Event Log monitoring solution.  I use this one:  http://www.objsoftinc.com/files/Products/EventMaster.asp.  You can "subscribe" to be notified by email whenever there are Event Logs on your DC's indicating that an account is locked out.  You can then open the email, and see the Event Log entry - it indicates which account AND FROM WHICH MACHINE.  You can then use the script above to log out the user from that machine.

S
0
 
LVL 1

Expert Comment

by:sstoyanovich
ID: 14097028
Well, I tried to provide an answer.  The Asker never indicated whether it was good or not.  Cost me time though..
Thanks,
Sandra
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video discusses moving either the default database or any database to a new volume.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now