Abraham Deutsch
asked on
Set a tablet to email a picture at a event
We have a kiosk tablet [Microsoft surface] when the application is running there is no way out of the application without a password so access is restricted to the OS, but there is a loophole if you attach a keyboard and press the Windows key. Is there a way to set up that if the tablet detects a UBS being connected it should email me a picture?
I created a task schedule as following
Tasktrigger: on event, Log: Microsoft-Windows-Kernel-P
But when I set @ action send email I get the following error
The task definition uses a deprecated feature, based on what I see on the internet this will not work and the workaround is to run a script I tried 3 different scripts but none worked see attached.
Also this will only send me a notification but not snap a photo, I need to know who it was that violated the company policy.
script.ps1
Sendemail.ps1
tssendemail.ps1
I created a task schedule as following
Tasktrigger: on event, Log: Microsoft-Windows-Kernel-P
But when I set @ action send email I get the following error
The task definition uses a deprecated feature, based on what I see on the internet this will not work and the workaround is to run a script I tried 3 different scripts but none worked see attached.
Also this will only send me a notification but not snap a photo, I need to know who it was that violated the company policy.
script.ps1
Sendemail.ps1
tssendemail.ps1
ASKER
1-The script should send a email thet a USB was connected,
2- when using a script I would use start a program [powershell] instead of sand a email.
3- when I use the option of start a program it will not give me any error, just not send a email, the script may not be correct, therefore I attached it
4- I did not google for a script to take a photo, since I failed with the script to send a email, i thought let me ask a expert.
2- when using a script I would use start a program [powershell] instead of sand a email.
3- when I use the option of start a program it will not give me any error, just not send a email, the script may not be correct, therefore I attached it
4- I did not google for a script to take a photo, since I failed with the script to send a email, i thought let me ask a expert.
While this is not a direct answer to your question let me address the underlying problem. I wonder if you would rather lock it down further.
1. Have you considered disabling the USB port altogether? (Group policy I believe)
2. Disable the Windows Key? https://www.thewindowsclub.com/how-to-disable-the-windows-key-in-the-keyboard-to-improve-gaming-experience
1. Have you considered disabling the USB port altogether? (Group policy I believe)
2. Disable the Windows Key? https://www.thewindowsclub.com/how-to-disable-the-windows-key-in-the-keyboard-to-improve-gaming-experience
Execute the script using the same account as set in the task and share the error. We cannot do that for you.
ASKER
This issue I face with disabling USB is that is connects to the network via USB,
disabling the windows key is a good idea I will double check if this is the only key that will give access to the OS
@McKnife I am not sure what you are Recommending, if you don't mind to give little more explanation
disabling the windows key is a good idea I will double check if this is the only key that will give access to the OS
@McKnife I am not sure what you are Recommending, if you don't mind to give little more explanation
If USB is only used for a USB network device, you should be helped by disabling installations of removable devices. See https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc753539(v=ws.10)
The network device should be excluded already since it is already installed.
The network device should be excluded already since it is already installed.
ASKER
A keyboard requires installation? (I think only a device, maybe also a wireless keyboard)
Yes, all devices do. They use generic drivers, mostly. but still, there is always an installation process.
ASKER
I ended up writing a scrip which I know works, because when I run the task manually it worked but the trigger does not seem to work, when I connect a USB device nothing happens
[Tasktrigger: on event, Log: Microsoft-Windows-Kernel-P
[Tasktrigger: on event, Log: Microsoft-Windows-Kernel-P
See the history tab in task scheduler. It will indicate whether the task tried to start or not.
ASKER
Did not start, What I noticed I tried a USB stick and it did work, [did not try a second time once the drive is already installed]
Could it be that the event will only occur when a device is installed the first time and not afterwards? When I used this trigger, I triggered a task to uninstall the device again - that would explain why it worked subsequently for me.
I can only again recommend to use the aforementioned GPO against removable devices. Tried it, yet? So easy.
I can only again recommend to use the aforementioned GPO against removable devices. Tried it, yet? So easy.
ASKER
Do you mean to block installing new USB with gp? wouldn't this have the same issue that once the device was already connected it will no longer need to install a driver?
I still come back to the disabling the keys. Here is a program that reportedly could help, but I don't know if it would interfere with your program.
https://www.rollingdata.com/Downloads/Details/ChildLock.asp (Disclaimer: I have not vetted nor used this program before, so no idea if it is a safe program or not.)
I haven't had to lock down a kiosk app in awhile. Back in early 2000s, (win9x/win2000) I wrote a kiosk app and got it to stop the errant keys by having the app tell the system that it was the running screen saver. I know that doesn't work anymore, but I wanted to let you know I have had some experience locking down a computer as well in the past.
Other options would include physically obstructing the USB port(s). If you can't screw or glue an appropriate obstruction, you could put in a tiny USB flash drive in the port and if it gets removed, take the picture at the point of removal at point as you know you can trigger on that.
The picture approach does have a flaw. Because if I was going to try to remove or insert something, I would cover the camera first.
https://www.rollingdata.com/Downloads/Details/ChildLock.asp (Disclaimer: I have not vetted nor used this program before, so no idea if it is a safe program or not.)
I haven't had to lock down a kiosk app in awhile. Back in early 2000s, (win9x/win2000) I wrote a kiosk app and got it to stop the errant keys by having the app tell the system that it was the running screen saver. I know that doesn't work anymore, but I wanted to let you know I have had some experience locking down a computer as well in the past.
Other options would include physically obstructing the USB port(s). If you can't screw or glue an appropriate obstruction, you could put in a tiny USB flash drive in the port and if it gets removed, take the picture at the point of removal at point as you know you can trigger on that.
The picture approach does have a flaw. Because if I was going to try to remove or insert something, I would cover the camera first.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
@Kent I tried to disable the Windows Key as described in the article but this only disable some functions of the window key but it will still bring up the start menu.
@McKnife I found it surprising that with every new keyboard window installs a driver, but I've tested it and it works. Thank you for your help
@McKnife I found it surprising that with every new keyboard window installs a driver, but I've tested it and it works. Thank you for your help
1 what script will send? Since you have already googled one, we need the error message. Execute the script using the same account as set in the task
2 what script will use the webcam to take a photo and save it? Again, this will be quickly googled - did you try?