Individual user group policies in Windows 7 (stand-alone machine).

This may also work in Vista, but it’s only on 7 that I’ve been bothered by it. Anyway, to access individual user group policies in Windows 7, run cmd.exe as admin, start mmc from this dos box, the add the Group Policy snap in. Instead of accepting the default, click the “Browse” button and then choose the User tab. You then have access to a policy for every different user on the PC- quite useful if there are multiple admin accouns but you don’t want all admins to be equal!

Advertisements

Powershell to forcibly log a user off

Recently, a shared PC has been left logged in as a user which is not ideal. I wondered if there was anyway that powershell could get a user’s idle time, but after failing to find how to do this I decided to just do an enforced logoff after a set period (tho’ “(get-wmiobject win32_operatingsystem).Win32Shutdown(0)” is actually a normal logoff; (get-wmiobject win32_operatingsystem).Win32Shutdown(4) would be the forced version))

It’s harsh, but this script logs someone off after 2 hours, basically by keeping their login time as one variable then comparing it to a time variable that is updated every 30 seconds. It also stops some services, but bear in mind that for this bit to work you have to be running the script “As Administrator”. Fortunately, Windows task scheduler allows tasks to be run at logon and “As Administrator”.

===================

$atLogon = get-date -displayhint time

do {

$now = get-date -displayhint time
$difference = $now – $atLogon

if ($difference.minutes -eq 120)
{
#Define hub transport server
$smtp_server = “you-mail-server-your-domain.com”

#Define email sender and recipient
$sender = “Your Sender your.sender@yourdomain.com
$recipient = “Your Recipient your.recipient@yourdomain.com

#Define email subject and body
$msg_subject = “Some PC xxx”
$msg_body_text = “Some PC xxx has been logged off at $now”

#Send it
Send-MailMessage -to $sender -from $recipient -subject $msg_subject -body $msg_body_text -smtpserver $smtp_server

# Writing an event
$EventLog = New-Object System.Diagnostics.EventLog(‘Application’)
$EventLog.MachineName = “.”
$EventLog.Source = “your Event”
$EventLog.WriteEntry(“Now stopping SomeService”,”Information”, $EventID)

stop-service “SomeService” -force
start-service “SomeService”

(get-wmiobject win32_operatingsystem).Win32Shutdown(0)
}

if ($difference.minutes -eq 115)
{
$MsgBox = New-Object -ComObject wscript.shell
$MsgBox.Popup(“Reminder: you will be logged off in 5 minutes. Service “SomeService” will also be restarted.”)

}

if ($difference.minutes -eq 90)
{
$MsgBox = New-Object -ComObject wscript.shell
$MsgBox.Popup(“Reminder: you will be logged off in 30 minutes.”)
}

if ($difference.minutes -eq 60)
{
$MsgBox = New-Object -ComObject wscript.shell
$MsgBox.Popup(“Reminder: you will be logged off in 1 hour.”)
}

Start-Sleep -Seconds 30

} while ($true)

=================

Tesco value network monitor

Ok, this isn’t really a network monitor, but it is “free” ‘cos it’s written in powershell.

Essentially, it just loops using test-connection against a list servers (literally just a plaintext file, one server per line with no punctuation).

test-connection is easier than using powershell’s “Ping” command because actually, you need to latch onto errors which is hard in ping (example: “Destination host unreachable” is a valid ping response, not an error).

Also, you need to wrap left- and- right chevrons around the email addresses below, but I can’t type them because that’s HTML code…

=========

do {

get-content c:\Support\Scripts\server_list.txt | Foreach-Object {

$ComputerName=$_
$Result = test-connection $_ -Quiet

if ($Result -eq $False)
{
#Define hub transport server
$smtp_server = “you-mail-server-your-domain.com”

#Define email sender and recipient
$sender = “Your Sender your.sender@yourdomain.com
$recipient = “Your Recipient your.recipient@yourdomain.com

#Define email subject and body
$msg_subject = “Important! Server $ComputerName is not responding to ping requests”
$msg_body_text = “Server $ComputerName is not responding to a ping request. Please investigate urgently.”

#Send it
Send-MailMessage -to $recipient -from $sender -subject $msg_subject -body $msg_body_text -smtpserver $smtp_server
}

}

} while ($true)

====================

Not very sophisticated, but it will tell you if something has switched off/ rebooted accidentally (you can probably add process monitoring in but this wasn’t my intention).