Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 382
  • Last Modified:

Group policy to log off all machine in Domain

I need help configuring a group policy to log off all machines within my domain. I configured Network security: force logoff when hours expire and defined 3 AD accounts with specific logon hours. The machines weren't logged off. Any other ideas?
0
colmisdiv
Asked:
colmisdiv
  • 4
  • 3
  • 2
  • +1
1 Solution
 
bhnmiCommented:
It does not actually "log off" the machines user. It terminates all connections to the domain and makes them inactive for the said time. You need to run a script to log off the machines.
0
 
bhnmiCommented:
I am not very good with VB scripting so I use a scheduled task to run a batch file to reboot the machines.

shutdown -m \\mycomputer.mycompany.local -r -f -t 10

This is not a very effective way if you have lots of machines because you need to make an entry for each one.
0
 
bsharathCommented:
As there is no internal functionality to logoff a user.
Use this code every day at the specific time.
Create a file called "Computers.txt" put in all computers that yo need to logg off.Then run the Bat file
You can even change to restart of shutdown the computer

:: NEW VERSION
::      SET Action=S  ::For shutdown
::      SET Action=R ::For Restart
::      SET Action=L ::For Logoff
::
:: IF YOU LEAVE EMPTY (SET ACTION=) THE SCRIPT IS IN INTERACTIVE MODE
::
:: SCRIPT START
@Echo OFF
SETLOCAL
:------------------------------------------------
SET Action=
::------------------------------------------------
if +%Actions%+==++ (
rem Set the default actions if Action is empty
  set Action=L
rem ask to the user the action
  set /p Action=Shutdown/Restart/Logoff [s,r,L]?
)  
IF NOT EXIST C:\Computers.txt Goto ShowErr
FOR  %%R IN  (C:\Computers.txt) Do IF %%~zR EQU 0 Goto ShowErr
FOR /F "delims=#" %%c IN ('TYPE C:\Computers.txt') Do (
      Echo Processing: %%c
       if /i +%Action%+==+L+  ( PSShutdown \\%%c -o
      ) else (  SHUTDOWN -m \\%%c -%Action% -f -t 30 )
)
Goto EndScript
:ShowErr
Echo "C:\Computers.txt" file does not exist or file is empty!
:EndScript
ENDLOCAL
:: SCRIPT END

Hope this helps..
I do the same thing in my office every day.I got this from an expert in EE>.
0
Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

 
Jay_Jay70Commented:
...two options

a) http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/566.mspx?mfr=true

b) you use sysinternals package - psshutdown - to log them off, much nicer tool than batching (in my eyes)
0
 
colmisdivAuthor Commented:
I'm not familiar with the tool and am terrible at scripting. What syntax would i use to log off all computers in my domain?
0
 
bsharathCommented:
Use the script as it is as the Action is set to L (Logoff)
You need to change this
set Action=L
to any othe if you want
0
 
bsharathCommented:
Did any of the solutions help getting what you wanted...
0
 
colmisdivAuthor Commented:
bsharath - I've been out a few days. Sorry it took so long to get back. I don't have the recources to go to every machine and put in this script. I am looking to administer from the domain controller.
0
 
colmisdivAuthor Commented:
Jay Jay 70- Waiting for response. Psshutdown Tool - I'm not familiar with the tool and am terrible at scripting. What syntax would i use to log off all computers in my domain from the domain controller.
0
 
Jay_Jay70Commented:
im no good at scripting,. i make it up as i go....syntax is here
http://www.ss64.com/nt/psshutdown.html
0
 
bsharathCommented:
Hi,

If scripting is fine with you then just put in the machine names in the computers.txt file then run it from a machine which has Administrative rights then all machines in the txt file will be logged off...
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 4
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now