Terminating a local user session

TheMSsForum.com: The Microsoft Software Forum

I've been wondering: is there a way to force a user to automatically logoff
in the nights?. Or: is there a way to terminate a local connection at the
end of the day? . I've had problems with a user that leaves the computer all
night long downloading stuff from P2P networks. I''m using SBS2000 and the
client computer is running W2K Pro. Thanks for any advise.
Top

Re: Terminating a local user session by Jim

Jim
Fri Mar 04 08:58:54 CST 2005

I think you can make groups and use them in ISA for hours of use. I do
not know if ISA will kill an active connection though. I think in AD
there is some similar setting.

You can also ban sites in ISA. That is probably not a great option if
they keep finding new sites to go to. Set up ISA to create nightly
reports which includes users and sites visited. You can start to block
things. I have blocked mp3 downloads at one account and no one
complained. I also blocked some gaming sites and no one complained.

"Víctor Chaves" <victor_a_chaves@hotmail.com> wrote:

>I've been wondering: is there a way to force a user to automatically logoff
>in the nights?. Or: is there a way to terminate a local connection at the
>end of the day? . I've had problems with a user that leaves the computer all
>night long downloading stuff from P2P networks. I''m using SBS2000 and the
>client computer is running W2K Pro. Thanks for any advise.
>
>

Jim B. SBS MVP
Top

Re: Terminating a local user session by Dave

Dave
Fri Mar 04 10:08:32 CST 2005

A lot of P2P stuff is a huge risk to your network, not to mention the
possibility of having some enforcement organization show up at your door.
IMO this issue is more personnel than technology - in my office, it's a
question of whether or not we'd give the guy a written warning before firing
him, or just boot him out the door immediately.

You can set logon hours on the Account tab in AD Users and Computers. Then
in the default domain policy, under Security Options, there's a GPO to force
logoff when the hours expire. I'd test this first, and remember you may be
preventing the user from working OT or at some unusual time when you need
him or her there.


"Víctor Chaves" <victor_a_chaves@hotmail.com> wrote in message
news:%236RQCKMIFHA.576@TK2MSFTNGP15.phx.gbl...
> I've been wondering: is there a way to force a user to automatically
> logoff
> in the nights?. Or: is there a way to terminate a local connection at the
> end of the day? . I've had problems with a user that leaves the computer
> all
> night long downloading stuff from P2P networks. I''m using SBS2000 and the
> client computer is running W2K Pro. Thanks for any advise.
>
>
>


Top

Re: Terminating a local user session by Dave

Dave
Fri Mar 04 10:34:15 CST 2005

A useful, but limited way of preventing use of programs using group
policy...

Setting:
Don't run specified Windows applications
Setting Path:
User Configuration/Administrative Templates/System
Supported On:
At least Microsoft Windows 2000
Explanation
Prevents Windows from running the programs you specify in this setting.

If you enable this setting, users cannot run programs that you add to the
list of disallowed applications.

This setting only prevents users from running programs that are started by
the Windows Explorer process. It does not prevent users from running
programs, such as Task Manager, that are started by the system process or by
other processes. Also, if you permit users to gain access to the command
prompt, Cmd.exe, this setting does not prevent them from starting programs
in the command window that they are not permitted to start by using Windows
Explorer. Note: To create a list of disallowed applications, click Show,
click Add, and then enter the application executable name (e.g.,
Winword.exe, Poledit.exe, Powerpnt.exe).

DS


"Dave Nickason [SBS MVP]" <gwdibble@NOSPAM.frontiernet.net> wrote in message
news:OGjSrRNIFHA.2456@TK2MSFTNGP09.phx.gbl...
>A lot of P2P stuff is a huge risk to your network, not to mention the
>possibility of having some enforcement organization show up at your door.
>IMO this issue is more personnel than technology - in my office, it's a
>question of whether or not we'd give the guy a written warning before
>firing him, or just boot him out the door immediately.
>
> You can set logon hours on the Account tab in AD Users and Computers.
> Then in the default domain policy, under Security Options, there's a GPO
> to force logoff when the hours expire. I'd test this first, and remember
> you may be preventing the user from working OT or at some unusual time
> when you need him or her there.
>
>
> "Víctor Chaves" <victor_a_chaves@hotmail.com> wrote in message
> news:%236RQCKMIFHA.576@TK2MSFTNGP15.phx.gbl...
>> I've been wondering: is there a way to force a user to automatically
>> logoff
>> in the nights?. Or: is there a way to terminate a local connection at the
>> end of the day? . I've had problems with a user that leaves the computer
>> all
>> night long downloading stuff from P2P networks. I''m using SBS2000 and
>> the
>> client computer is running W2K Pro. Thanks for any advise.
>>
>>
>>
>
>


Top

RE: Terminating a local user session by TonySu

TonySu
Sun Mar 06 10:43:07 CST 2005

Victor,
The other posts to date don't appear to address your question directly, and
your question is a valid concern because policies restricting access do not
automatically apply when the time changes.

You must logoff users to enforce your new policy and this can be done by
sending the NET LOGOFF/YES command. Full syntax instructions should be found
referencing the NET LOGOFF online help or on the Net.

HTH,
Tony



"Víctor Chaves" wrote:

> I've been wondering: is there a way to force a user to automatically logoff
> in the nights?. Or: is there a way to terminate a local connection at the
> end of the day? . I've had problems with a user that leaves the computer all
> night long downloading stuff from P2P networks. I''m using SBS2000 and the
> client computer is running W2K Pro. Thanks for any advise.
>
>
>
>
Top