atkfrg56
asked on
Script to automatically shutdown and restart a Windows XP computer on Domain - Permission Denied
I have a .bat batch file of these commands to shut down a lab of computers and a second batch file to restart them. I use the following command:
shutdown -s -m \\computername -t 0
This works very well since I am under the group "Domain Admins" because I have full power over the domain. I have teachers responsible for each computer lab, and I would appreciate them using the scripts too so they can close up shop at the end of the day. They try to run the script and get "Access Denied / Permission Denied" errors. They are part of the "users" group and do not have permission to shutdown computers remotely. How can I make it so they can remotely shutdown/restart comptuers and not give them admin priviledges? Also, they must not have priviledges to installs apps, so power users may be out too.
I abdolutely do not want to schedule the computers shutdown because there is no pattern in shutdown times.
thx
shutdown -s -m \\computername -t 0
This works very well since I am under the group "Domain Admins" because I have full power over the domain. I have teachers responsible for each computer lab, and I would appreciate them using the scripts too so they can close up shop at the end of the day. They try to run the script and get "Access Denied / Permission Denied" errors. They are part of the "users" group and do not have permission to shutdown computers remotely. How can I make it so they can remotely shutdown/restart comptuers and not give them admin priviledges? Also, they must not have priviledges to installs apps, so power users may be out too.
I abdolutely do not want to schedule the computers shutdown because there is no pattern in shutdown times.
thx
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hmm, I gave it another shot and it appears to have no effect on remote scripts, only controls local machine. This is really strange, because I cant think of a logical way to get it done via windows 1st party applications.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Naw, cant get the group policy method to work. My last post was explaining it.
Hi,
Sorry for late response....Did you solve the problem?
Sorry for late response....Did you solve the problem?
ASKER
SystmProg,
I still cant get it to work. I will give you the points for your efforts when this closes...doubt anyone will get the solution.
thx
I still cant get it to work. I will give you the points for your efforts when this closes...doubt anyone will get the solution.
thx
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
tmack,
I cannot get that option to work either. Instead of 'Access Denied' I get "not privilidged to use this command".
I gave up on this, and we now have an .asp script that a user logs in and the user has buttons to run pre-defined scripts on the server. We can track who uses the scripts (an added feature) and only the users we want can run them. Works very nice, its all windows, and i have the power i need.
Points will be split 200/300 for efforts. thx
I cannot get that option to work either. Instead of 'Access Denied' I get "not privilidged to use this command".
I gave up on this, and we now have an .asp script that a user logs in and the user has buttons to run pre-defined scripts on the server. We can track who uses the scripts (an added feature) and only the users we want can run them. Works very nice, its all windows, and i have the power i need.
Points will be split 200/300 for efforts. thx
Thanks!
ASKER
could you be more specific please...there are lots of group polices I could use. Could you locate the 'remote shutdown policy' for me please, I am unable to find it.
SystmProg ,
I gave your idea a shot before I posted because I found it in the ee archive relating to another issue. I found that this setting didnt changes any settings with remote shutdowns...but it did change the shutdown permissions for the user logged onto the computer locally. A user not in the shutdown group, such as anyone not in the 'teachers' group I used instead of 'shutdowngroup' could only 'log out' of the computers when they clicked on shutdown instead of 'restart, hibernate, standby, shutdown'. This even applied to the local administrator which is a local account and not on the domain.
I am going to follow your directions specifically when I get back to the office for another try though, I could have messed stuff up along the way.