Solved

Group policy to log off all machine in Domain

Posted on 2007-11-15
11
376 Views
Last Modified: 2010-03-17
I need help configuring a group policy to log off all machines within my domain. I configured Network security: force logoff when hours expire and defined 3 AD accounts with specific logon hours. The machines weren't logged off. Any other ideas?
0
Comment
Question by:colmisdiv
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
11 Comments
 
LVL 12

Expert Comment

by:bhnmi
ID: 20289338
It does not actually "log off" the machines user. It terminates all connections to the domain and makes them inactive for the said time. You need to run a script to log off the machines.
0
 
LVL 12

Expert Comment

by:bhnmi
ID: 20289365
I am not very good with VB scripting so I use a scheduled task to run a batch file to reboot the machines.

shutdown -m \\mycomputer.mycompany.local -r -f -t 10

This is not a very effective way if you have lots of machines because you need to make an entry for each one.
0
 
LVL 11

Accepted Solution

by:
bsharath earned 250 total points
ID: 20289438
As there is no internal functionality to logoff a user.
Use this code every day at the specific time.
Create a file called "Computers.txt" put in all computers that yo need to logg off.Then run the Bat file
You can even change to restart of shutdown the computer

:: NEW VERSION
::      SET Action=S  ::For shutdown
::      SET Action=R ::For Restart
::      SET Action=L ::For Logoff
::
:: IF YOU LEAVE EMPTY (SET ACTION=) THE SCRIPT IS IN INTERACTIVE MODE
::
:: SCRIPT START
@Echo OFF
SETLOCAL
:------------------------------------------------
SET Action=
::------------------------------------------------
if +%Actions%+==++ (
rem Set the default actions if Action is empty
  set Action=L
rem ask to the user the action
  set /p Action=Shutdown/Restart/Logoff [s,r,L]?
)  
IF NOT EXIST C:\Computers.txt Goto ShowErr
FOR  %%R IN  (C:\Computers.txt) Do IF %%~zR EQU 0 Goto ShowErr
FOR /F "delims=#" %%c IN ('TYPE C:\Computers.txt') Do (
      Echo Processing: %%c
       if /i +%Action%+==+L+  ( PSShutdown \\%%c -o
      ) else (  SHUTDOWN -m \\%%c -%Action% -f -t 30 )
)
Goto EndScript
:ShowErr
Echo "C:\Computers.txt" file does not exist or file is empty!
:EndScript
ENDLOCAL
:: SCRIPT END

Hope this helps..
I do the same thing in my office every day.I got this from an expert in EE>.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 20293534
...two options

a) http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/566.mspx?mfr=true

b) you use sysinternals package - psshutdown - to log them off, much nicer tool than batching (in my eyes)
0
 

Author Comment

by:colmisdiv
ID: 20321182
I'm not familiar with the tool and am terrible at scripting. What syntax would i use to log off all computers in my domain?
0
 
LVL 11

Expert Comment

by:bsharath
ID: 20325111
Use the script as it is as the Action is set to L (Logoff)
You need to change this
set Action=L
to any othe if you want
0
 
LVL 11

Expert Comment

by:bsharath
ID: 20341896
Did any of the solutions help getting what you wanted...
0
 

Author Comment

by:colmisdiv
ID: 20374872
bsharath - I've been out a few days. Sorry it took so long to get back. I don't have the recources to go to every machine and put in this script. I am looking to administer from the domain controller.
0
 

Author Comment

by:colmisdiv
ID: 20374892
Jay Jay 70- Waiting for response. Psshutdown Tool - I'm not familiar with the tool and am terrible at scripting. What syntax would i use to log off all computers in my domain from the domain controller.
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 20377916
im no good at scripting,. i make it up as i go....syntax is here
http://www.ss64.com/nt/psshutdown.html
0
 
LVL 11

Expert Comment

by:bsharath
ID: 20379492
Hi,

If scripting is fine with you then just put in the machine names in the computers.txt file then run it from a machine which has Administrative rights then all machines in the txt file will be logged off...
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
LDAPS Server 2012 R2 Error 0 6 60
Exchange Server 2013 Message Tracking log Powershell ? 11 85
Export AD group members. 1 28
ADFS MSIS7065 error 8 15
This article runs through the process of deploying a single EXE application selectively to a group of user.
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question