Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Disabling the shutdown option on desktop workstations through GPO in AD.

Posted on 2008-10-22
9
Medium Priority
?
266 Views
Last Modified: 2012-05-05
I have searched and haven't found an option that does what I need to do.  Basically I need to disable the shutdown function of all desktop workstations (I have highlighted the OU in the picture below) so that I make sure users don't shut down thier computers at night so that nightly mandatory virii scans can kick off and complete.

Thanks in advance for you help.
desktop.ou.jpg
0
Comment
Question by:corphealth
  • 4
  • 3
  • 2
9 Comments
 
LVL 2

Expert Comment

by:calepantke
ID: 22777754
Apply this setting through GPOs for that particular OU.

User, Administrative Templates, Start Menu and Taskbar, Remove and prevent access to the Shut Down command (enable)

0
 
LVL 8

Expert Comment

by:mikainz
ID: 22777812
you'd better try to implement some wake on lan scripts before scanning the machines.
The GPO prevents from shutdown via UI, but what about pressing the OFF button at the PC ?
0
 

Author Comment

by:corphealth
ID: 22777913
"Apply this setting through GPOs for that particular OU.

User, Administrative Templates, Start Menu and Taskbar, Remove and prevent access to the Shut Down command (enable)"
Won't work? I want it on a per machine basis and not per user.  I don't want a user that uses a laptop to be affected by this.  For instance if i have a user that uses both a laptop and desktop, besides that OU that is highlighted makes only references to computers and not users, therefore it won't apply to any users.

Please advise me! =)
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 

Author Comment

by:corphealth
ID: 22777929

"you'd better try to implement some wake on lan scripts before scanning the machines.
The GPO prevents from shutdown via UI, but what about pressing the OFF button at the PC ?"

Good call, I will have to look into this after I sucesfully remove the shutdown option.
0
 
LVL 8

Expert Comment

by:mikainz
ID: 22778004
Why don't you just walk on to step 2 and implement the wake on lan and all your 'preventing shutdown' concerns a blown away?
0
 
LVL 2

Accepted Solution

by:
calepantke earned 2000 total points
ID: 22778128
" I don't want a user that uses a laptop to be affected by this. "
You only apply that setting to a GPO that applies to the Desktop OU.

"besides that OU that is highlighted makes only references to computers and not users, therefore it won't apply to any users."
You can turn on Loopback processing mode MERGE and it will apply the user settings.
0
 

Author Comment

by:corphealth
ID: 22778145
"Why don't you just walk on to step 2 and implement the wake on lan and all your 'preventing shutdown' concerns a blown away?"
Becuase that is not what I was told to do, That is not how we want to go about it at this time.  What I want to do is stated above.

Thanks
0
 
LVL 2

Expert Comment

by:calepantke
ID: 22784633
What I mentioned above should work just fine. Let me know when you try it out.
0
 

Author Closing Comment

by:corphealth
ID: 31508788
Thanks, it worked great.  Just as an extra, I wrote a vbscript for helpdesk (just to simplify the shutdown command for them) to use in case they need to reboot a remote users pc, has been working great, thanks for the help.  
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
The article explains the process to deploy a Self-Service password reset portal I developed a few years ago. Hopefully, it will prove useful to someone.  Any comments, bug reports etc. are welcome...
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question