-1

did some research on this, but could not find a solution working for this single-server-enviroment without DC and AD. The users in question are members of "local-non-admins" and "remote users".

The available gpo with logon-/logoff-scripts-options apperently does not work when logging in as "remote user".

Any hint on where to start further digging is highly appreciated.

Regards

Karl

Karl Kunze
  • 1
  • I'm fairly sure that C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup works. – Greg Askew Dec 31 '20 at 19:52
  • Ok, besides this there is even one more possibilty at rdp-host for starting a program when logging in from remote, but both ways do not help with logoff. – Karl Kunze Jan 01 '21 at 12:43
  • You can use a scheduled task trigger on a logoff event. – Greg Askew Jan 01 '21 at 13:49
  • Tried that, but ran into two issues.First: During login/logoff the events happened twice. Or to be more precise: In the event-log user gets logged in, gets logged off and logged in again, all in a few seconds. Second: The started program runs with %username% Administrator, what blocks the desired goal. Any further ideas on this path? – Karl Kunze Jan 02 '21 at 11:11
  • Sounds like it is triggering on the wrong event. Which event id? Also need to specify the Security Options, it should not be an account. – Greg Askew Jan 02 '21 at 15:27
  • Event-id triggered with logon is 4624 and with logoff 4634. The events happen even more. The logon-process runs through ids 4624, 4624, 4634, 4624 and 4634. The logoff-process runs through 4634 and 4634. What security-options are you looking at? I want to grab the user logging in/out, how should this work without an account-reference? – Karl Kunze Jan 03 '21 at 13:50

1 Answers1

0

After some more research I finally found out, that the login-scripts from GP do work for remote-users, you just have to allow remote-users to execute those scripts (which is not done by default when just creating simple scripts with notepad).

Hope it helps someone else.

Karl Kunze
  • 1