Active Directory - Force users to log off

Hello everyone ,

 I need to force my AD users to log off their PC (Windows 7) at a certain time . The reason is that, when they log back on,  they need to get a GPO update which contains modified logon/logoff scripts. These scripts will point to a new Windows 2012 Storage Server , holding the company's  personal and departmental share drives

So in a nutshell , we will force everyone to logoff at 5:00 PM, move the files/folders from the old storage to the new one, modify the scripts to point to the new share , force a GPO policy. When they are back to work the script will point them to the same share drive letter but on a different hardware

I want to force this logoff process by OU (too many users to do the entire AD at once) .  I am looking for a tool/script solution to trigger this logoff at, let's say, 5:15 PM, however the trigger should not be automated

If someone did run into this kind of request before, please let me know how you solved it
Last but not least,  my AD is a mixture of W2K3 and Windows 2008  Domain Controllers  (just upgrade DC root to 2008)

Thank you in advance for your help
Who is Participating?
I'm not sure what you mean by "the trigger should not be automated".  The way I see it, either there's a trigger that when tripped kicks off the process automatically, or there's no trigger and the process has to be kicked off manually.

Here's something more in the vein of a manual process.  It's a short PowerShell script that communicates via DCOM (WMI).  Of course, anything like this relies on your DNS records being correct.  The "4" means to force logoff.  Specifying a "0" would do a logoff, but not forced.
Import-Module ActiveDirectory
Get-ADComputer -Filter * -Searchbase 'OU=SubOU,OU=TopLevelOU,DC=DOMAIN,DC=LOCAL' | Select -expand name | % { (Get-WmiObject Win32_operatingsystem -ComputerName $_).win32shutdown(4) | Out-Null }

Open in new window

R. Toby RichardsNetwork AdministratorCommented:
You can do this with Power Shell. I don't know if Windows XP has the shutdown command. Also, you have to run the script against an OU of computers not an OU of users.

foreach ($COMPUTER in $(Get-ADComputer -Filter * -Searchbase 'OU=SubOU,OU=TopLevelOU,DC=DOMAIN,DC=LOCAL')){
        write-host "Connecting to $($COMPUTER.Name)"
        Invoke-Command $COMPUTER.Name {shutdown /F /L}

shutdown /F (Force) /L (Log Off)
Paul MacDonaldDirector, Information SystemsCommented:
You can set up a Group Policy that forces users to log off after a certain time.
BibecuAuthor Commented:
Both footech and paulmacd solutions work, thank you very much .  
I have chosen footech to be the best solution because by running the script I can trigger the log off process manually anytime I want

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.