fortypoundhead.com

Logoff User After Idle

Posted On 2017-09-27 by dwirch
Keywords:
Tags: Free Stuff General Blog 
Views: 690

Download Attachment


Recently, there was a request for our team to implement a new security requirement for workstations. Specifically, If a user remains logged in, but is idle for a specific period of time, that user should be logged out. 

After consulting the interwebs for a few minutes, all I could find were hacky solutions using vbscript, PowerShell, task scheduler, or screensavers that may or may not work. I don't need weird, chained together items. I just need something that works.

Concept

So, I cracked open my favorite Rapid Application Development (RAD) environment, and built something that fits the bill.  I had a few requirements, though.

  • No installation - I don't need a setup program, which makes deployment and update just a bit easier.
  • No dependencies - Deploying this program to any version of Windows should just work. No support libraries needed, not even .Net.
  • No interface - The program should run transparently to the user.
  • Configurable idle time -  Default to five minutes (300 seconds), but accept any number of seconds.

The program that I've put together meets all the criteria above. By utilizing API calls that are standard across the Windows product line, the program will run anywhere. Heck, it might even work in WINE, but I haven't tried it.

Further, no DLLs or other extras need to be distributed with it. No registering of random DLLs or any of that.

Usage

As mentioned, the program runs without dependencies. All you need to do is drop it in to a folder on a target machine. Or you could run it from a network share (it's small!), but I would recommend against that.

Next, you need to make sure the program runs at user logon. There are multiple ways to do this, but I've used Group Policy Objects (GPO) to get this done. In your Group Policy Management console, look for:

User Configuration \ Policies \Administrative Templates \ System \ Logon \ Run this programs at user logon

In the configuration of that policy, I've given the full path and filename for the executable, as it sits on the target system, like so:

c:\spdistro\scripts\SystemIdleCheck.exe 3600

You'll notice that in the example, I've configured the only command switch for the program. This switch is the idle time, in seconds. The example shows a value of 3600 seconds, or one hour. If no value is specified, a default value of 300 seconds (five minutes) is used.

Once again, there is no interface for the app, not even in the tray. The only indicator is the presence of the executable in Task Manager.

Warning

This program will forcefully log off the currently logged on user. It is possible for the user to lose anything they were working on that was not saved.

You have been warned.  Neither I nor anyone affiliated with this site is responsible for the use or misuse of this software.  It is provided free of charge, and there are no requirements for payment of any kind.

To Do

The only thing I have to add at the moment is logging. I'll be adding the capability of logging to the Windows event log. By using the event log, a standard central log aggregation service like Splunk or SCOM will be able to pick up on the idle logoff events, for audit purposes.

If anyone has any other ideas for things to add, I'm all ears.


About the Author

dwirch has posted a total of 181 articles.

You can find more information from dwirch by visiting http://www.derekwirch.com.


Comments On This Post

No comments on this post yet!


Do you have a thought relating to this post? You can post your comment here. If you have an unrelated question, you can use the Q&A section to ask it.

Or you can drop a note to the administrators if you're not sure where you should post.


Your IP address is:54.81.45.122

Before you can post, you need to prove you are human. If you log in, this test goes away.




Recent Forum Posts

Advanced search added
dwirch posted on September 23, 2017 at about 13:44 in Site News

Job Spammer: Gaurav Mehta - AgreeYa Solutions
dwirch posted on September 22, 2017 at about 10:35 in Spammers

Job Spammer: Prutha Siri - Javelin Systems
dwirch posted on September 10, 2017 at about 6:15 in Spammers

New security implemented
dwirch posted on September 7, 2017 at about 7:16 in Site News

Malicious IP Checker Companion Tool
dwirch posted on August 12, 2017 at about 20:24 in Site News

Job Spammer: Steve Adams
dwirch posted on August 8, 2017 at about 7:44 in Spammers