Solved

Disabling the shutdown option on desktop workstations through GPO in AD.

Posted on 2008-10-22
9
253 Views
Last Modified: 2012-05-05
I have searched and haven't found an option that does what I need to do.  Basically I need to disable the shutdown function of all desktop workstations (I have highlighted the OU in the picture below) so that I make sure users don't shut down thier computers at night so that nightly mandatory virii scans can kick off and complete.

Thanks in advance for you help.
desktop.ou.jpg
0
Comment
Question by:corphealth
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
9 Comments
 
LVL 2

Expert Comment

by:calepantke
ID: 22777754
Apply this setting through GPOs for that particular OU.

User, Administrative Templates, Start Menu and Taskbar, Remove and prevent access to the Shut Down command (enable)

0
 
LVL 8

Expert Comment

by:mikainz
ID: 22777812
you'd better try to implement some wake on lan scripts before scanning the machines.
The GPO prevents from shutdown via UI, but what about pressing the OFF button at the PC ?
0
 

Author Comment

by:corphealth
ID: 22777913
"Apply this setting through GPOs for that particular OU.

User, Administrative Templates, Start Menu and Taskbar, Remove and prevent access to the Shut Down command (enable)"
Won't work? I want it on a per machine basis and not per user.  I don't want a user that uses a laptop to be affected by this.  For instance if i have a user that uses both a laptop and desktop, besides that OU that is highlighted makes only references to computers and not users, therefore it won't apply to any users.

Please advise me! =)
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:corphealth
ID: 22777929

"you'd better try to implement some wake on lan scripts before scanning the machines.
The GPO prevents from shutdown via UI, but what about pressing the OFF button at the PC ?"

Good call, I will have to look into this after I sucesfully remove the shutdown option.
0
 
LVL 8

Expert Comment

by:mikainz
ID: 22778004
Why don't you just walk on to step 2 and implement the wake on lan and all your 'preventing shutdown' concerns a blown away?
0
 
LVL 2

Accepted Solution

by:
calepantke earned 500 total points
ID: 22778128
" I don't want a user that uses a laptop to be affected by this. "
You only apply that setting to a GPO that applies to the Desktop OU.

"besides that OU that is highlighted makes only references to computers and not users, therefore it won't apply to any users."
You can turn on Loopback processing mode MERGE and it will apply the user settings.
0
 

Author Comment

by:corphealth
ID: 22778145
"Why don't you just walk on to step 2 and implement the wake on lan and all your 'preventing shutdown' concerns a blown away?"
Becuase that is not what I was told to do, That is not how we want to go about it at this time.  What I want to do is stated above.

Thanks
0
 
LVL 2

Expert Comment

by:calepantke
ID: 22784633
What I mentioned above should work just fine. Let me know when you try it out.
0
 

Author Closing Comment

by:corphealth
ID: 31508788
Thanks, it worked great.  Just as an extra, I wrote a vbscript for helpdesk (just to simplify the shutdown command for them) to use in case they need to reboot a remote users pc, has been working great, thanks for the help.  
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question