Unlocking a PC inside a network environment

1

0

Sometimes I run into the problem that someone has locked their PC but I need to look and see if I can reboot that PC.

Is there a remote way to unlock the PC without logging out the user that is logged on?

I was thinking about something like "kill program lockscreen"

Spidfire

Posted 2010-09-30T16:48:42.493

Reputation: 133

2 What operating system(s) are we talking about here? What kind of domain environment? – Shinrai – 2010-09-30T16:57:52.150

Windows 2003 domain with Windows XP Pro clients. – Spidfire – 2010-10-01T13:43:54.680

Some extra info: I mean to log in without using the user's password and look if someone is doing something, and then I can decide if the user can be logged out or not. – Spidfire – 2010-10-01T13:46:06.310

Answers

1

Look at the Sysinternals tools. You might use pskill to terminate a remote process.

datatoo

Posted 2010-09-30T16:48:42.493

Reputation: 3 162

Actually, look at all of the Sysinternals tools. PsExec will let you execute processes remotely also, and depending upon what you need to do, maybe that will even do all you need. For instance you could open ports, and lots of cool stuff. – datatoo – 2010-09-30T20:32:01.610

1

When a workstation is locked (using Win+L or LockWorkStation()), there is no way to unlock it without the password. Winlogon won't allow that, and there is no additional process that could be terminated.

You can, however, force a logout by entering the credentials of an administrator account (in the Administrators group) to the "Unlock workstation" screen.


Remote reboots can also be done using shutdown -m \\pcname from the command-line of another computer (net rpc shutdown -S pcname from Linux). This also requires Administrator privileges (more precisely, SeRemoteShutdownPrivilege).

user1686

Posted 2010-09-30T16:48:42.493

Reputation: 283 655

1

I am working in a law firm in Canada. We are 300 lawyers here and we NEVER kill an active session (local). We also had meetings regarding the same question as this thread, but even with PsExec (and so many other ways to see if we can safely log a user out), showing open processes won't help tell whether IT can log out users.

For example, nothing's open except Outlook.exe. Oh, this sounds OK to kill. NO! Maybe the user is writing an important email to someone important, and because of that you can't, under any conditions, log him out.

So basically, there's nothing you can do when a user is logged on unless you have his password or a confirmation that you can close the session.

r0ca

Posted 2010-09-30T16:48:42.493

Reputation: 5 474

Have to agree. I wouldn't kill a session either, but the question was asked if there was a way to do this. If there was a task that needed to be run as admin, or a service restarted this may be necessary, but I would agree it is not safe to kill a session. For instance the person is away and needs a port opened for access without killing the existing session – datatoo – 2010-09-30T22:00:07.070

1

I read an article where a programmer figured out how to do it on an XP system.

http://www.codeproject.com/Articles/16197/Remotely-Unlock-a-Windows-Workstation

It required administrative access. It used a remotely started service firing off a DLL to hit Winlogon. I have been hunting around for the source and binary myself.

rjhawkin

Posted 2010-09-30T16:48:42.493

Reputation: 11

1

If you only want to see what processes are running without dropping the user's session, log in as an Administrator to a command-line console (like with telnet) and run wmic process or wmic process | findstr notepad, replacing "notepad" with the executable in question.

If it's a serious matter, you could also reset the user's password and log in as them. My favorite way to do this is through the console:
net user user_goes_here password_goes_here /logonpasswordchg:yes /domain

durette

Posted 2010-09-30T16:48:42.493

Reputation: 243
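
The wmic process check and the shutdown -m remote reboot from the answers above, combined into one check-then-reboot routine. This is an added example, not code from any poster in the thread; the script layout, the confirmation prompt, the 5-minute timeout and the message text are assumptions.

```batch
@echo off
rem Added example (not from the thread). Usage: check-and-reboot.cmd PCNAME
rem Assumes the caller has Administrator rights on the target, as the answers require.
setlocal
if "%~1"=="" (
    echo Usage: %~nx0 PCNAME
    exit /b 1
)
set "TARGET=%~1"

rem 1. Show who is logged on and what is running, without touching the session.
echo --- Logged-on user on %TARGET% ---
wmic /node:"%TARGET%" computersystem get UserName
echo --- Processes on %TARGET% ---
wmic /node:"%TARGET%" process get Name,ProcessId
if errorlevel 1 (
    echo Could not query %TARGET%; not scheduling a reboot.
    exit /b 1
)

rem 2. The operator decides; a process list alone cannot show unsaved work.
set "ANSWER="
set /p ANSWER=Schedule a reboot of %TARGET% with a 5 minute warning? [y/N] 
if /i not "%ANSWER%"=="y" exit /b 0

rem 3. Reboot with a countdown and an on-screen message.
rem    -f (force applications to close) is deliberately left out.
shutdown -r -m \\%TARGET% -t 300 -c "IT maintenance: this PC restarts in 5 minutes. Save your work."
if errorlevel 1 (
    echo shutdown failed; check Administrator rights and the remote shutdown privilege.
    exit /b 1
)
echo To cancel during the countdown: shutdown -a -m \\%TARGET%
```

On newer Windows versions a timeout greater than 0 implies forced closing of applications, so the countdown and the abort command are the only safety margin there.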