Solved

Powershell

Posted on 2016-07-21
13
20 Views
Last Modified: 2016-07-31
Hi All,

This is a compliance issue where we need to track each and every time the user has a logon/logoff, and know the date and time.

Can I have a script whaich can be deployed through appsense instead GPO.
0
Comment
Question by:Techie solution
  • 7
  • 6
13 Comments
 
LVL 8

Expert Comment

by:James Rankin
Comment Utility
0
 

Author Comment

by:Techie solution
Comment Utility
There is no ~Custom key , what should I do now
0
 
LVL 8

Expert Comment

by:James Rankin
Comment Utility
The custom key is just an area where you write the value. Create or change it as appropriate for your environment - create it with a group policy preference if necessary.
0
 

Author Comment

by:Techie solution
Comment Utility
I dont want to include registry . I need to save the login and logoff user computername and date and time in one file.
0
 
LVL 8

Expert Comment

by:James Rankin
Comment Utility
Ok, just write the data to a file instead of to the registry using Out-File or similar cmdlet
0
 
LVL 8

Expert Comment

by:James Rankin
Comment Utility
Although that script I linked to does actually write out to a file when the user logs out
0
Do email signature updates give you a headache?

Do you feel like all of your time is spent managing email signatures? Too busy to visit every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

 

Author Comment

by:Techie solution
Comment Utility
Created the powershell script , working for domain admins but not for domain users.
Please help.
0
 
LVL 8

Expert Comment

by:James Rankin
Comment Utility
Can you post the script you are using? Sounds like it is trying to write to HKLM or a restricted filesystem area
0
 

Accepted Solution

by:
Techie solution earned 0 total points
Comment Utility
$LogPath = "\\X-syslog-01\D$\Logs\LogIn.log"
   
If(!(Test-Path -Path $LogPath)){
    New-Item -Path $LogPath -Value "" -ItemType File  
}
   
$LogValue = "Log In User:"+$env:username+",Time:"+(Get-Date).ToString()+",Machine:"+$env:computername
   
Add-Content -Path $LogPath -Value $LogValue
Add-Content -Path $LogPath -Value "*********************"
   



$LogPath = "\\X-syslog-01\D$\Logs\LogOff.log"
   
If(!(Test-Path -Path $LogPath)){
    New-Item -Path $LogPath -Value "" -ItemType File  
}
   
$LogValue = "Log Off User:"+$env:username+",Time:"+(Get-Date).ToString()+",Machine:"+$env:computername
   
Add-Content -Path $LogPath -Value $LogValue
Add-Content -Path $LogPath -Value "*********************"
0
 
LVL 8

Expert Comment

by:James Rankin
Comment Utility
The problem is the D ( dollar) share in your log file path is only accessible to administrators. Use a different share , you could simply share the d: drive again under a different share name and use that.
0
 

Author Comment

by:Techie solution
Comment Utility
what do you mean i am unable to get you.
0
 
LVL 8

Assisted Solution

by:James Rankin
James Rankin earned 500 total points
Comment Utility
This is your log path - $LogPath = "\\X-syslog-01\D$\Logs\LogIn.log"

The "d$" share is a hidden share which is only accessible to local Administrators. Therefore the log can only be written by a user with admin rights, hence why it is not working. The second log file path also traverses the d$ share.

Share the D: drive again, this time giving it a different name (for instance "D" instead). Allow Users Read/Write access to the share. Update the log file to $LogPath = "\\X-syslog-01\D\Logs\LogIn.log" This should now work for everyone.

There are security issues possibly attached - you may want to consider a separate file share with no sensitive information underneath, but this should get you going.
0
 

Author Closing Comment

by:Techie solution
Comment Utility
I wrote the code.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Synchronize a new Active Directory domain with an existing Office 365 tenant
Will try to explain how to use the VMware feature TAGs in the VMs and create Veeam Backup Jobs using TAGs. Since this article is too long, I will create second article for the Veeam tasks.
Teach the user how to use create log bundles for vCenter Server or ESXi hosts Open vSphere Web Client: Generate vCenter Server and ESXi host log bundle:  Open vCenter Server Appliance Web Management interface and generate log bundle: Open vCenter Se…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now