WinXP AutoShutdown QuickGuide
Configuring nightly workstation shutdowns.
Windows XP Professional
Microsoft Windows XP includes a built-in “shutdown.exe” utility located within the System32 directory. Using Shutdown.exe allows you to initiate an immediate remote or local shutdown, or to schedule a shutdown at a particular time. This utility is especially helpful in a situation where you may not wish to leave the workstation powered on and vulnerable to overnight hacker attempts.
I. Create a Batch File…
The easiest way to use the Shutdown utility, and to provide for future flexibility, is to create a batch file that can then be scheduled to run at the allotted time. Within this batch file the command for the utility may be entered, as well as any additional commands that may need to be run before shutting down the machine (just in case). Place this batch file on the local hard drive within the “C:\Windows\System32” directory of the machine (network space will not work as it needs to be accessible when there are no users logged in).
Sample batch file…
REM This file is scheduled to run nightly to turn off any machines still powered on.
shutdown.exe /s /f /t 300 /c "NIGHTLY SHUTDOWN... Please save any open files and close any running applications. To continue using this machine, turn it back on after it has finished powering off." /d p:4:1
Do not manually wrap the text in the actual batch file.
The sample batch file shown above will first display the alert window shown in Figure 1 in order to notify anyone that may still be logged in. It will then count down for 300 seconds (5 minutes) prior to shutting down the system, forcing the termination of any open applications (potential data loss).
To obtain a complete list of switches and the correct syntax for the Shutdown.exe utility, first open the Help and Support Center on a Windows XP Professional machine. Within the search field in the upper left corner, search for “shutdown.exe”. From within the results returned on the search select the “Shutdown” Full-text Search Match. This will display the help file containing various switches and syntax examples.
II. Create a Local Shutdown Account…
In order to use the shutdown utility, the account executing the command must be a member of the local Administrators group on the machine (this permission level may be addressed in future service packs – see Microsoft Knowledge Base Article 814761).
To help prevent attempts at unauthorized access using the built-in Administrator account it is suggested that a local account be created called “AutoShutdown”, and a strong password be associated with it (you will need to remember this password). When creating this new generic local account be sure to check the boxes labeled “User cannot change password” and “Password never expires”, and then add the account to the local Administrators group on the machine.
Using this generic “AutoShutdown” account will help keep any built-in renamed Administrator account names hidden from a standard user’s view (renaming the built-in Administrator account is also a suggested standard security practice).
After creating the “AutoShutdown” account, open the local group policy (gpedit.msc) and within the “User Rights Assignment” section, the account should be added to the “Deny access to this computer from the network” and “Deny logon through Terminal Services” settings to further help restrict unauthorized access.
III. Schedule a Task…
If the workstation that is being configured will be used as a clone (meaning it is going to have SysPrep run on it – such as when using Symantec Ghost), then the scheduled task that initiates the shutdown batch file must be configured after each workstation is cloned. This is because using Sysprep will remove all SIDs and their associations, thus corrupting any preconfigured scheduled tasks.
While it may be possible to change the service account that the task scheduler service runs under, this is not recommended because if the account’s password is changed, and it is not manually reentered for the service, than some of those services may stop functioning correctly. By default the Task Scheduler service runs under the LocalSystem account, which does not require a password, thus getting around the problem.
Task Scheduling: Method 1 (Manual Configuration)
Log in to each machine with administrator level privileges and execute the SCHTASKS command from the Run box, entering the desired settings (an example is shown below).
Sample SCHTASKS command…
C:\> schtasks /create /tn "NightlyTask" /tr TurnOff.cmd /sc daily /st 15:30:00 /ru AutoShutdown
The sample SCHTASKS command above will prompt for the coresponding account password, and then create a scheduled task called NightlyTask, which will run the TurnOff.cmd file located in the “C:\Windows\System32” directory (if the file is in another location the full path to the file must be entered). This task will run daily at 3:30 A.M. using the local AutoShutdown account.
If you are scheduling the task to be used with the logged in user’s credentials, then just omit the “/ru AutoShutdown” portion of the SCHTASKS command shown above. Please note that if the password associated with the username entered above is changed at a future date, then it must be changed for the Scheduled Task as well (use the Set Password button within the Scheduled Tasks applet).
Task Scheduling: Method 2 (Scripted Configuration)
A batch file script can be run by a local administrator of a workstation to change the AutoShutdown account password, and to automatically generate the nightly shutdown scheduled task. This could also be adjusted slightly in order to be entered into a login script, executing it with elevated administrative level priveleges.
@ECHO OFF
ECHO.
SET /P PW=Please enter the password to use (press Enter when finished):
SET AutoShutdownPW=%PW%*7$7*
CLS
ECHO Setting AutoShutdown password...
NET USER AutoShutdown %AutoShutdownPW%
ECHO.
ECHO.
ECHO Deleting any existing "NightlyTask" tasks...
schtasks /delete /tn "NightlyTask" /f
ECHO.
ECHO.
ECHO Creating the scheduled task...
schtasks /create /tn "NightlyTask" /tr TurnOff.bat /sc daily /st 15:30:00 /ru AutoShutdown /rp %AutoShutdownPW%
ECHO.
ECHO.
SET AutoShutdownPW=BlankOutExisting
PAUSE
EXIT
di comot dari : http://www2.uiowa.edu/clas/it/support/Windows/WinXP%20AutoShutdown%20QuickGuide.doc
No comments:
Post a Comment