Windows banner message which prompts for user input

Dear experts,

Unlike the traditional Windows banner message, we would like the users to enter the reason as why they are accessing, before logging-in to the machine. (Usually RDP in our environment). We want save the user input, their usernames and timestamp for auditing reasons. Is this possible? Please advise.

Thanks
RAM
jramprakashAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

NVITEnd-user supportCommented:
I don't know if you can capture the info before logon via the Windows screen. However, you can do so during the process after the logon dialog.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
bbaoIT ConsultantCommented:
a customise banner message is support by desigen once the corresponding GPO has been applied.

personally never heard about any custom text field could be added at logon as this process has been highly hardened due to security concerns. or in other words, a custom logon process is NOT supported by design. that's a feature of Windows Security.

anyway, i think you may do something, such as asking for a logon reason, when the user's startup script is running.
0
bbaoIT ConsultantCommented:
sorry for the typo:  it should be "is supported", not "is support", at the beginning of my comment above.
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

RobSampsonCommented:
We used to load a HTA at logon by placing a launching command in
HKLM\Sofware\Microsoft\Windows\CurrentVersions\RunOnce

but since Windows 7, the RunOnce key no longer executes for non-domain users.  You could of course place the HTA in the Run key, but there are very easy ways around it once you get Desktop access.

I don't think it's possible with the security model of Windows these days.  You are effectively requiring that custom code be run before a user access their desktop, and I don't think this is possible.

Rob.
0
RobSampsonCommented:
Thinking of another possible way.... Say you built a SQL database with the following fields:
session_id
username
sessiontime
reason
reasontime

I'm thinking that for the session_id maybe username_hostname_logontime should be unique enough. Then you could populate the first three values at login, and then have the script show an input box for the reason code. If the user enters a reason code, you run an update query against that session_id that populates the reason and reasontime fields.

If the user cancels it, you will have null fields, and can later ask them why they didn't enter a reason. If they leave the box on the screen, and enter it before they log off, you can ask them why they took so long to enter it, based on the difference between the two times.

Something like that would at least allow you to audit in some fashion.

Regards,

Rob.
0
jramprakashAuthor Commented:
Thank you very much for your input guys.

Now I understand its not possible to capture text input before the login screen. However, is it possible to  capture input after the login dialog and also restrict the desktop until they provide the input. Thank you very much again.
0
RobSampsonCommented:
>> and also restrict the desktop until they provide the input

Only on Windows XP (maybe Windows Vista, never tried it).  Windows 7 (and Vista?) do not allow normal users (but maybe you have all local admin users?!?!?!) to run programs from the RunOnce key.

There are very easy ways around this though, namely by pressing CTRL+SHIFT+ESCAPE to bring up the Task Manager, from where you can run any program you like.

Rob.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.