Remotely Shut W2K Down 1

[bluewhaleCA]

I am just guessing, but feel it logical for an admin to have a way to shut down a W2K workstation remotely built into the services... I can attach to the services of any domain PC, but can't see something which yells out " use me to shut this PC down ". We use VNC for the most part to allow me to log out/shut down PC's when users forget to do so, but occasionally VNC fails to function. PCAW is great, but I'm having to get authorization for that expense on a case by case basis.

Any thoughts on how to shut these security holes down with what Windows provides natively?


Many Thanks


Paul

 

[bcastner]

Free and part of their excellent PsTools:

http://www.sysinternals.com/ntw2k/freeware/psshutdown.shtml

 

[soaplover]

Have you tried in cmd prompt

shutdown -s -m \\computername

-s Shutdown the computer
-r Shutdown and restart the computer
-a Abort a system shutdown
-m \\computername Remote computer to shutdown/restart/abort



//Regards Soaplover

 

[bcastner]

Soap,

Not in Win2k.
There used to be a shutdown.exe in the Win2k SDK, but it was replaced by a .vbs script.

 

[soaplover]

You know best i guess ...

//Regards Soaplover

 

[bluewhaleCA]

Interesting. My post wasn't up for 8 minutes when the two of you had three posts up already.
And I thought *I* worked too much! <g>

Thank you both. I cringed in horror when I saw the tool BCastner suggested was from a small third party, even tho free. however they appear to offer their source code. ASSUMING ( don't say it ) someone actually reviewed it that means there are no surprises in store should I use it. Reminds me of the glory days of shareware, perhaps 10 years ago. These days, NOTHING free goes onto my work systems unless I know the authors home addresses, motheres maiden names, etc... I was at a SANS security conference two weeks ago and downloaded a hacking tool the instructor ( Excellent instructor, track 1 ) just mentioned.. I thought to check it with NAV before installing to my test bed... had three trojans in it.

You never know who you can trust...

Thanks again for the leads.

regrards

Paul

 

[soaplover]

So bluewhaleCA can try something like this vbScript ...

=========
'/\~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'|| SCRIPT LOGIC FLOW:
'|| Collects computername from user, calls function to ping the computername
'|| to determine if it is accessible, if not then display message and exit
'|| otherwise continue.
'|| Collects desired action to perform from the user, does error checking on
'|| the input to determine if it is acceptable, if not then display message
'|| and exit otherwise continue.
'|| Set variables and output messages based on the action chosen. Calls
'|| Win32Shutdown with the appropriate variable. Displays success message
'|| and exits
'||
'|| Uses WMI Win32Shutdown method from the Win32_OperatingSystem class
'|| to perform different logoff / powerdown / reboot functions
'||
'|| Testing found the following values to be effective on Win32Shutdown:
'|| Action decimal binary
'|| Logoff 0 0000
'|| Force Logoff 4 0100
'|| Reboot 2 0010
'|| Force Reboot 6 0110
'|| Powerdown 8 1000
'|| Force Powerdown 12 1100
'||
'|| Notice that the third bit from the right appears to be the &quot;FORCE&quot; bit.
'||
'|| A value of 1 will do a shutdown, ending at the &quot;It is safe to turn
'|| off your computer&quot; screen. I have no use for this and did not test it.
'||
'||
'||NOTES: - tested under Windows 2000 Pro. with ACPI compliant systems -
'|| SHOULD work under Windows NT4 without modification IF the
'|| system has compatible versions of WSH / WMI / VBscripting
'||
'||Logoff / Powerdown / Reboot:
'|| Does not work if a password protected screen saver is active or
'|| there is data to save. Either way the system waits for user input.
'||
'||Force Logoff / Force Powerdown / Force Reboot:
'|| Does not work if a password protected screen saver is active, will wait
'|| for user input. Otherwise will close open applications without saving data.
'||
'\/~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


'/\/\/\/\/\/\/\/\/\/\/\/\/\/\ start function /\/\/\/\/\/\/\/\/\/\/\/\/\/'\/\/\/\/\/\/\/\/\/\/\/\/\/\/\______________/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
function Ping(byval strName)
dim objFSO, objShell, objTempFile, objTS
dim sCommand, sReadLine
dim bReturn

set objShell = WScript.CreateObject(&quot;Wscript.Shell&quot
set objFSO = CreateObject(&quot;Scripting.FileSystemObject&quot

'Set default return value
bReturn = false

'Create command line to ping and save results to a temp file
sCommand = &quot;cmd /c ping.exe -n 3 -w 1000 &quot; & strName & &quot; > temp.txt&quot;

'Execute the command
objShell.run sCommand, 0, true

'Get the temp file
set objTempFile = objFSO.GetFile(&quot;temp.txt&quot
set objTS = objTempFile.OpenAsTextStream(1)

'Loop through the temp file to see if &quot;reply from&quot; is found,
'if it is then the ping was successful
do while objTs.AtEndOfStream <> true
sReadLine = objTs.ReadLine
if instr(lcase(sReadLine), &quot;reply from&quot > 0 then
bReturn = true
exit do
end if
loop

'Close temp file and release objects
objTS.close
objTempFile.delete
set objTS = nothing
set objTempFile = nothing
set objShell = nothing
set objFSO = nothing

'Return value
Ping = bReturn
end function
'/\/\/\/\/\/\/\/\/\/\/\/\/\/\ end function /\/\/\/\/\/\/\/\/\/\/\/\/\/'\/\/\/\/\/\/\/\/\/\/\/\/\/\/\______________/\/\/\/\/\/\/\/\/\/\/\/\/\/\/



'/\/\/\/\/\/\/\/\/\/\/\ Start Main body of script /\/\/\/\/\/\/\/\/\/\/\/'\/\/\/\/\/\/\/\/\/\/\/\_________________________/\/\/\/\/\/\/\/\/\/\/\/\/
'Get computer name to operate on
ComputerName=InputBox(&quot;Enter the Machine name of the computer&quot; & vbCRLF _
& &quot;you wish to Shutdown / Reboot / Logoff&quot;, _
&quot;Remote Shutdown / Reboot / Logoff&quot;, _
&quot;ComputerName&quot

'if Cancel selected - exit
If (ComputerName = &quot;&quot Then Wscript.Quit

'change the name to uppercase
ComputerName=UCase(ComputerName)

'ping the computername to see if it is accessible
bPingtest = ping(Computername)

If bPingtest = FALSE Then
y = msgbox (&quot;'&quot; & ComputerName & &quot;' is not accessible!&quot; & vbCRLF _
& &quot;It may be offline or turned off.&quot; & vbCRLF _
& &quot;Check the name for a typo.&quot; & vbCRLF, _
vbCritical, ComputerName & &quot; NOT RESPONDING&quot
Wscript.Quit
end IF

'Get the action desired
Action=InputBox( _
&quot;Select Action to perform on &quot; & ComputerName & vbCRLF & vbCRLF _
& &quot; 1 - Logoff&quot; & vbCRLF _
& &quot; 2 - Force Logoff ( NO SAVE )&quot; & vbCRLF _
& &quot; 3 - Powerdown&quot; & vbCRLF _
& &quot; 4 - Force Powerdown ( NO SAVE )&quot; & vbCRLF _
& &quot; 5 - Reboot&quot; & vbCRLF _
& &quot; 6 - Force Reboot ( NO SAVE )&quot; & vbCRLF & vbCRLF _
& &quot;NOTE:&quot; & vbCRLF _
& &quot; Using Force will close windows&quot; & vbCRLF _
& &quot; without saving changes!&quot;, _
&quot;Select action to perform on &quot; & ComputerName, &quot;&quot

'if Cancel selected - exit
If (Action = &quot;&quot Then Wscript.Quit

'error check input
If (INSTR(&quot;1234567&quot;,Action)=0) OR (Len(Action)>1) then
y = msgbox(&quot;Unacceptable input passed -- '&quot; & Action & &quot;'&quot;, _
vbOKOnly + vbCritical, &quot;That was SOME bad input!&quot
Wscript.Quit
end if

' set flag to disallow action unless proper input is achieved, 1 => go 0 => nogo
flag = 0

'set variables according to computername and action
Select Case Action
Case 1 'Logoff
x = 0
strAction = &quot;Logoff sent to &quot; & ComputerName
flag = 1
Case 2 'Force Logoff
x = 4
strAction = &quot;Force Logoff sent to &quot; & ComputerName
flag = 1
Case 3 'Powerdown
x = 8
strAction = &quot;Powerdown sent to &quot; & ComputerName
flag = 1
Case 4 'Force Powerdown
x = 12
strAction = &quot;Force Powerdown sent to &quot; & ComputerName
flag = 1
Case 5 'Reboot
x = 2
strAction = &quot;Reboot sent to &quot; & ComputerName
flag = 1
Case 6 'Force Reboot
x = 6
strAction = &quot;Force Reboot sent to &quot; & ComputerName
flag = 1
Case 7 'Test dialog boxes
y = msgbox(&quot;Test complete&quot;, vbOKOnly + vbInformation, &quot;Dialog Box Test Complete&quot
flag = 0
Case Else 'Default -- should never happen
y = msgbox(&quot;Error occurred in passing parameters.&quot; _
& vbCRLF & &quot; Passed '&quot; & Action & &quot;'&quot;, _
vbOKOnly + vbCritical, &quot;PARAMETER ERROR&quot
flag = 0
End Select

'check flag
' if equal 1 (TRUE) then perform Win32Shutdown action on remote PC
' and display a confirmation message
' if not equal 1 (FALSE) then skip the action and script ends
if flag then
Set OpSysSet=GetObject(&quot;winmgmts:{(Debug,RemoteShutdown)}//&quot; _
& ComputerName & &quot;/root/cimv2&quot.ExecQuery( _
&quot;Select * from Win32_OperatingSystem where Primary=true&quot
for each OpSys in OpSysSet
OpSys.Win32Shutdown(x)
y = msgbox(strAction,vbOKOnly + vbInformation,&quot;Mission Accomplished&quot
next
end If

'Release objects
set OpSys = nothing
set OpSysSet = nothing
'|| SCRIPT END:

//Regards Soaplover

 

[FaiTHLeSS]

You can get the shutdown.exe from the windows 2000 resource kit.

 

[soaplover]

Script is nice though giving a gui to enter computername and shutdown option .

//Regards Soaplover

 

[FaiTHLeSS]

Yeah the shutdown.exe from resource kit gives you and gui inferface as well being used from command line. They have updated the shutdown.exe in windows 2003 server adding a few extra switches you can use to it. If i remember correctly think the shutdown.exe is in windows xp to by default to.

 

[bcastner]

BlueWhale,

Sysinternals is the essentially freeware site of Winternals, which sells several popular commercial applications, including ERD Commander and their NTFS-DOS package.

Read a little bit about them on their site. As they note, their utilities are directly referenced in 31 MS KB articles.

 

[bluewhaleCA]

Bcastner:

I just visited their site. Looks good. I've got to dig a little tho: two EE's ( with imunity from prosecution if I were to complain about it ) often turn off remote monitoring software. Great to avoid being 'spied' upon, but causes problem at 10 PM when I want to log them out.

Thanks again for the help.


Paul

 

[bluewhaleCA]

Another thought from a different on line forum which is built in, tho probably not as flexible as those mentioned above. This reminds me I need to take the time to push the buttons I never use in Windows various versions to see what they do (-:

Paul

*******************************

Try this out:

Right-click My Computer and select Manage.
On the Action menu, press Connect to another computer...
Double-click a computer in the list.
Right-click Computer Management ('server-name') and press Properties.
On the Advanced tab, press Startup and Recovery settings.
Press the Shut Down button.
Select an Action:
Log off Current User
Shut Down
Restart
Power down
Select a Force Apps Closed action and press OK.

I know a few other tricks if this doesn't work...

 

[bcastner]

blue,

That works too, just a little tough to do a batch file with.

 

[wolluf]

Paul - that's an interesting feature - I've been in there before, but never noticed the shut down option!

 

[kevinnaomi]

Can someone help.

I am using the shutdown.exe seems to shutdown the PC.
However, although it shuts down the PC, it doesn`t fully shutdown and the "you can turn off power now" type message appears. Is there some way to stop this from happening?

 

[bcastner]

http://support.microsoft.com/default.aspx?scid=kb;en-us;810903

 

[kevinnaomi]

Thanks,

But I found that the PSTools shutdown utility works great.