• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 316
  • Last Modified:

How to disable shutdown -i via group policy

We've been having an issue where computers have been logged off or shutdown randomly. I thought it might be shutdown - i but command prompt is disabled. However, we figured out that a student was using visual pro to open command prompt then do a shutdown -i command to remotely mess with machines.

I see there's a way to disable remote shut off via the local security policy, but I haven't been able to locate it in gp.
Thanks for your help!
0
PapaSmurff
Asked:
PapaSmurff
  • 6
  • 6
1 Solution
 
Donald StewartNetwork AdministratorCommented:
It's under  User Configuration > Administrative Templates > Start Menu & Taskbar > Remove And Prevent Access To Shut Down Command.
0
 
RizzleCommented:
Try disabling access to the command prompt via Group Policy.

This is located under User Configuration\Administrative Templates\System

Does the student have any elevated privileges?
0
 
PapaSmurffAuthor Commented:
Dstewartjr - that will remove shutdown from the Start menu. I don't want the shutdown -i command to run.

Command Prompt is disabled via group policy. The students are apparently able to get into a visual pro command prompt and then run the: shutdown - i command

Students are pretty locked down.
Thanks.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
RizzleCommented:
Hi,

Another way to stop a user/student shutting down a machine remotely would be to amend the Security Policy (User Rights Assignment) via GPO to only enable certain people to shutdown machines.

Mylocalsecpol
Then when you have found the option double click on it and remove yourdomain.co.uk\user-name or user
0
 
PapaSmurffAuthor Commented:
Thanks Roshan Ejaz. Not familiar with how to set that up. Can you provide any helpful links?
Thanks again!
0
 
RizzleCommented:
Hopefully this link can help you

http://technet.microsoft.com/en-us/library/dd277307.aspx

If it doesn't help let me know and i will post a step by step on how to do it in my test lab.
0
 
PapaSmurffAuthor Commented:
Thanks again Roshan Ejaz.  I don't know where to start with that link.. Yeah a step by step would be great!
0
 
RizzleCommented:
Log onto the Domain Controller as an administrator/Domain Admin > Open Group Policy Management Console > Ensure the machines which you don't want to be shut down are located within a different OU > Create a new policy and link it here > Open Computer Config > Windows Settings > Security Settings > User Rights Assignment > Select the option Shut Down the system > Activate this policy and then put in there who you want to allow the shut down the system right to.

Once applied restart the target PC, log on as a standard user to test and see if you can shutdown the machine.

I'm not sure about the log off option because I think that would be the minimal required. Lets cross that bridge when we come to it.
0
 
PapaSmurffAuthor Commented:
My apologies its been a crazy week. I'll try this and respond when I get a chance to test it out. Thanks a lot!
0
 
RizzleCommented:
No problem :)
0
 
PapaSmurffAuthor Commented:
Hey Roshan,
 I attempted this this morning, however, I couldn't locate "user rights assignment" in gp. Also, is seems then students wouldn't be able to shutdown any machines. I would like to disable the remote shutdown feature.
Thanks,
Ron
0
 
RizzleCommented:
the only way to disable remote shutdown would be to ensure they don't have access to shutdown machines, this is defined in the User Rights Assignments.

Below is a screenshot of my test lab with the policy highlighted.

Also this will ensure only certain people can shutdown the systems you apply the policy to.

User Rights Assignment
0
 
PapaSmurffAuthor Commented:
Thanks Roshan. Unfortunately, I'm not going to block access for a local shutdown. Kinda surprised there isn't a remote shutdown option. Thanks again, Ron
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 6
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now