Log users off when group policies do not apply

From Wiki

Jump to:navigation, search

Creator: FN-GreaterManchester

Script Language: VBS

Type: Logon (please read notes)

Have any of your students tried to by-pass the group polices by unplugging the network cable during logon? If so I have the answer.

This script basically detects if the wallpaper has loaded. In my setup we set wallpapers via group policy so if the wallpaper fails to apply the group policy hasn’t applied. Although you set login scripts via group policy you need to set this one in the local policy (or it will not run because the group policy hasn’t loaded)

If you don’t use wallpapers set via group policy this for your setup you may have to alter the script to suit your environment. Also our local user accounts for laptops are called “home” you may need to adapt for your environment.

This Startup script will copy the script to the local machine and load it into the local policy.

<vb> Dim objFSO, Set objFSO = CreateObject ("Scripting.FileSystemObject") Set SH = CreateObject("WScript.Shell")

'Check for GPO Checking

sub gpocheckprogram on error resume next If Not objFSO.FileExists("C:\Program Files \gpochecking.vbs") Then

  call copygpocheckprogram

End If

'Copy GPO Checking

sub copygpocheckprogram on error resume next objFSO.CopyFile "\\server\NETLOGON\gpochecking.vbs", " C:\Program Files \gpochecking.vbs" SH.RegWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\GPOCheckingProgram"," C:\Program Files \gpochecking.vbs","REG_SZ" End Sub</vb>

This is the VBS code that lives in the NETLOGON folder <vb>On Error Resume Next

Dim objShell, strRegKey, objNetwork, strUserName

Set objNetwork = CreateObject("WScript.Network") Set objShell = CreateObject("WScript.Shell")

strRegKey = lcase(objShell.RegRead("HKCU\Software\Microsoft\Windows\CurrentVersion\policies\system\wallpaper")) strUserName = lcase(objNetwork.UserName)

If strRegKey = "" Then If strUserName <> "administrator" AND strUserName <> "home" Then call gpocheck End If End If

WScript.Quit

'**

sub gpocheck objShell.Popup "The system has detected an invalid logon attempt and will now log off", 5 strComputer = "." Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2") Set colItems = objWMIService.ExecQuery("Select * from Win32_OperatingSystem")

       	For Each objItem in colItems
         		objItem.Win32Shutdown(4)
       	Next

end sub wsprofiler<\vb>