I have scripted LimitLogonDefine.bat and LimitLogon.bat to limit the logon minutes of a specific user on a specific workstation.
NOTE: LimitLogon.bat uses PsShutdown.exe and PsLoggedOn.exe freeware, which must be located in a folder that is in your PATH.
NOTE: You can run these scripts on Windows 2000 if you:
- Install the Support Tools from the Windows CD-ROM.
- Implement Can I use the Windows XP command line scheduler in Windows 2000?
- Defines the user(s) and their logon limits by creating a HKEY_LOCAL_MACHINE\Software\LimitLogon\<User Logon Name> key
with the following Value Names:
Limit - contains the logon limit.
Minutes - contains the number of minutes used today.
Today - contains today's date. - Creates a LimitLogon account that is a member of the local Administrators group.
- Creates a LimitLogon Scheduled Task that starts when anyone logs on, and runs in the LimitLogon context.
The syntax for using LimitLogonDefine.bat is:
LimitLogonDefine A|D UserName1 Limit1 \[A|D UserName2 Limit2 ...\]
Where:
A Adds a user. D Deletes a user. UserNamei is the <User Logon Name> Limiti is the UserNamei logon limit in minutes.NOTE: When deleting a user, no Limiti should be specified.
LimitLogonDefine.bat contains:
@echo off setlocal if /i \{%1\} EQU \{A\} goto OK1 if /i \{%1\} EQU \{D\} goto OK1 :error @echo Syntax: LimitLogonDefine A^|D UserName1 Limit1 \[A^|D UserName2 Limit2 ...\] endlocal goto :EOF :OK1 if /i \{%1\} EQU \{D\} goto loop if \{%3\}\{\} goto error set work=%3 call :minutes>nul 2>&1 if "%work%" NEQ "%minute%" goto error :loop if \{%1\}
\{\} goto finish set code=%1 set user=%2 set work=%3 if /i "%code%" EQU "A" goto add if /i "%code%" EQU "D" goto del @echo Error %code% goto error :finish call :addLL>nul 2>&1 endlocal goto :EOF :addLL set OK=N for /f "Tokens=1,2*" %%a in ('net user LimitLogon^|FIND "User"^|FIND "LimitLogon"') Do ( set OK=Y ) if "%OK%" EQU "Y" goto :EOF net user LimitLogon LimitLogon /add net localgroup Administrators LimitLogon /add schtasks /Create /S \\%ComputerName% /U %ComputerName%\LimitLogon /P LimitLogon /RU LimitLogon /RP LimitLogon /SC ONLOGON /TN LimitLogon /TR %SystemRoot%\LimitLogon.bat goto :EOF :add set user=%user:"=% set work=%3 call :minutes>nul 2>&1 if "%work%" NEQ "%minute%" goto error call :adduser>nul 2>&1 shift shift shift goto loop :del set user=%user:"=% set OK=N for /f "Tokens=1" %%l in ('reg query "HKLM\Software\LimitLogon\%user%" /V Limit^|FIND "Limit"') do ( set OK=Y ) if "%OK%" EQU "N" @echo User not found&goto error call :deluser>nul 2>&1 shift shift goto loop :deluser reg delete "HKLM\Software\LimitLogon\%user%" /F goto :EOF :adduser reg add "HKLM\Software\LimitLogon\%user%" /V Limit /T REG_SZ /D %minute% /F reg add "HKLM\Software\LimitLogon\%user%" /V Today /T REG_SZ /D %DATE% /F reg add "HKLM\Software\LimitLogon\%user%" /V Minutes /T REG_SZ /D 0 /F goto :EOF :minutes set /a minute=1000%work%%%1000
LimitLogon.bat contains:
@echo off setlocal set /a loopsecs=121 set /a loopmins=(%loopsecs%) / 60 if %loopmins% LSS 1 set /a loopmins=1 if exist "%TEMP%\LimitLogon.log" del /q "%TEMP%\LimitLogon.log" for /f "Tokens=3* Delims=\" %%a in ('reg query HKLM\software\LimitLogon /s') do ( if "%%b" NEQ "" @echo %%b>>"%TEMP%\LimitLogon.log" ) :loop ping -n %loopsecs% 127.0.0.1>nul for /f "Tokens=1* Delims=\" %%a in ('psloggedon -l -x^|FINDSTR /I "%ComputerName% %USERDOMAIN%"^|FINDSTR /I /G:"%TEMP%\LimitLogon.log"') do ( call :testuser "%%a" "%%b" ) goto loop :testuser set dom=%1 set dom=%dom: =% set dom=%dom:" =% set dom=%dom:"=% if /i %2 EQU "LimitLogon" goto :EOF set user=%2 set user=%user:"=% call :getLimit>nul 2>&1 if "%OK%" EQU "N" goto :EOF for /f "Tokens=1,3" %%a in ('reg query "HKLM\Software\LimitLogon\%user%" /V Today^|FIND "Today"') do ( set Today=%%b ) for /f "Tokens=1,3" %%a in ('reg query "HKLM\Software\LimitLogon\%user%" /V Minutes^|FIND "Minutes"') do ( set /a Minutes=1000%%b%%1000 ) set /a elapse=0 If /i "%DATE%" NEQ "%Today%" call :ZMin>Nul 2>&1 set /a elapse=%Minutes% for /f "Tokens=1,2* Delims=:" %%i in ('@echo %TIME%') do ( set /a hour=100%%i%%100 set /a mins=100%%j%%100 set work1=%%k ) set work2=%work1:PM=% if "%work1%" NEQ "%work2%" set /a hour=%hour% + 12 set /a now=(%hour% * 60) + %mins% for /f "Tokens=1-3*" %%i in ('net user "%user%"^|FIND "Last"^|FIND "logon"') do ( set logonD=%%k set LogonT=%%l ) for /f "Tokens=1* Delims=: " %%i in ('@echo %LogonT%') do ( set /a logHours=100%%i%%100 set logMins=%%j ) set logMins=%logMins: =% set work=%logMins:AM=% if "%logMins%" NEQ "%work%" set /a logMins=100%work%%%100&goto elapsed set work=%logMins:PM=% if "%logMins%" EQU "%work%" set /a logMins=100%work%%%100&goto elapsed set /a logMins=100%work%%%100 set /a logHours=%logHours% + 12 :elapsed set /a since=(%logHours% * 60) + %logMins% set /a elapse=%elapse% + %now% - %since% :Upd call :ZMin>nul 2>&1 if %elapse% LSS %Limit% goto :monitor call :ZMin>nul 2>&1 net send "%user%" Your logon limit has expired. You have 2 minutes to save your work and log off. ping -n 121 127.0.0.1>nul PsShutdown -o -f goto loop :monitor ping -n %loopsecs% 127.0.0.1>nul set OK=N for /f "Tokens=*" %%a in ('psloggedon -l -x^|FINDSTR /I /L /C:"%dom%\%user%"') do ( set OK=Y ) If "%OK%" EQU "N" goto :EOF set /a elapse=%elapse% + %loopmins% goto :Upd :getLimit set OK=N for /f "Tokens=1,3" %%a in ('reg query "HKLM\Software\LimitLogon\%user%" /V Limit^|FIND "Limit"') do ( set OK=Y set /a Limit=1000%%b%%1000 ) goto :EOF :ZMin reg add "HKLM\Software\LimitLogon\%user%" /V Today /T REG_SZ /D %DATE% /F reg add "HKLM\Software\LimitLogon\%user%" /V Minutes /T REG_SZ /D %elapse% /F set /a Minutes=0
0 comments
Hide comments