Run a powershell script on every user login/unlock

Similar Messages

• How to generate an alert box with some message by Apple Script after every user login

  Hi,
  I am looking into an automation where whenever a user comes and does a login on his/her mac. It should pop an alert message to him.
  I want to achieve this in applescript.
  Is this possible?
  Thanks in advance for your suggestions and help!
  Abhishek

  Do you want it to run on any, unspecified user account? or specific users?
  If specific users, save the script as an application and save it in their Login Items.
  If you want all users then a hybrid AppleScript/shell script combo might be your best bet.
  Create a shell/AppleScript:
  #! /usr/bin/osascript
  tell application "Finder" to display dialog "welcome"
  Then create a launchd agent in
  /Library/LaunchAgents
  that will cause the script to load whenever any user logs in. Get yourself a copy of Lingon if you're not famiiar with creating launchd .plists

• Running a Powershell script via IIS on client machine

  Hello,
  I have a Powershell script that I want to serve to clients that will access my site.
  The script is simple - it will terminate Outlook and Communicator and restart in Cleanfreebusy mode.
  Researching this has noted that there is an IIS plugin that will allow the running of Powershell scripts?
  I would like to ask you, colleagues, is there a way I may be able to do this? That is to allow my clients run this Powershell script without downloading locally.
  Many many thanks,

  I have somewhat of a similar process, where I asked on the ASP.NET forums, as I needed my users of an Intranet site to be able to have a script run with the click of the button. I was told that it was not possible, as the browser is built to not allow stuff
  like this for security reasons.
  I haven't heard of a plugin so maybe there are other ways, but what I actually had to do, was create a batch file, and than on my webpage I added an IFrame
  <iframe id="myIframe" runat="server"></iframe>
  Than either in the html markup you can set the src attribute (I did mine in the code behind), to the directory where the file is at, so for instance \\myserver\fileishere
  Obviously the location needs to be shared and allow all users read/execute. This will display the file on the web page, and then the users, just double click it and it executes.
  You can possibly have a batch file that calls powershell and the script, but the script will need to be downloaded to the users machine, so it may be easier to find a batch equivallent of your powershell script and use DOS commands
  If you find that my post has answered your question, please mark it as the answer. If you find my post to be helpful in anyway, please click vote as helpful.
  Don't Retire Technet

• Installer launching command prompt that should run a powershell script and remain open

  I am using the Microsoft Visual Studio Installer Projects extension for VS 2013. This installer is designed to place a windows app in a directory and then launch a powershell script to prompt the user to sideload the application. From what I read online,
  you can make a windows console application and then add that .exe under the install custom actions to have the exe run after the installation is done. My installer is running the executable, but not in the way I want it to. This is the code that the console
  application has:
  static void Main(string[] args)
  Process.Start(@"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", @"-ExecutionPolicy bypass -NoExit -File Application\Add-AppDevPackage.ps1");
  One key thing to note here is the -NoExit. I want the prompt to remain open. If I run this console application directly, the powershell console does indeed stay open. You can see here where I have added the .exe as part of the install custom action.
  One additional thing to note is when I looked at the exe in the directory after the install, it is different than the one generated when I compile the console application project. I wouldn't know why the installer is physically changing the binary when I
  expect it to just copy the output from that compiled project/copy that file.
  If anyone has any additional input on how to make this process easier to have an installer (.msi) to place my windows app in a directory and run a powershell script to prompt the user to sideload it, then I welcome that too.

  Hello,
  I am afraid this issue is beyond the scope of our support.
  The current forum you posted to is used to discuss general issues about developing applications for Windows.
  Regards.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• How to change the Default login script and the USER login script in Netware3.12

  I need to cut down the disk map from Neware 3.12 in Win98 client's PC.
  please tell me
  how to change the Default login script and the USER login script in
  Netware3.12 ?
  Or is there any other ways to do this thing?
  Thanks a lot!

  On 4/6/2006 [email protected] wrote:
  > how to change the Default login script and the USER login script in
  > Netware3.12 ?
  Please repost in the discontinued.forums.
  Edison Ortiz
  Novell Product Support Forum SysOp
  (No Email Support, Thanks !)

• What is the best way to run a powershell script with parameters in the Task Scheduler?

  Hello, 
  Want to run the following from a scheduled task in the Task Scheduler on a server.  What is the best approach?
  .\pscript.ps1 -csvfile "\\Srv1\Share\File.txt"
  Thanks for your help! SdeDot

  Hi,
  To run a powershell script with parameters in the Task Scheduler:
  Program: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
  Add argument (optional): -Command "& c:\scripts\test.ps1 -par1 2 -par2 3"
  Hope the below two articles be helpful for you:
  Schedule PowerShell Scripts that Require Input Values
  https://blogs.technet.com/b/heyscriptingguy/archive/2011/01/12/schedule-powershell-scripts-that-require-input-values.aspx
  How to Schedule a PowerShell Script
  http://dmitrysotnikov.wordpress.com/2011/02/03/how-to-schedule-a-powershell-script/
  Regards,
  Yan Li
  Regards, Yan Li

• Force obiee Reload Server Metadata when every users login

  hi, how to force obiee Reload Server Metadata when every users login?
  because I use this method
  [http://oraclebizint.wordpress.com/2007/10/29/oracle-bi-ee-101332-presentation-layer-translation/]
  to do the translation.
  but I found that if the server metadata is not reloaded. the presentation column names keeps previous one (language).

  Not sure about what authentication and web services EBS or Siebel have, but here is what we are doing at the State of Minnesota for PeopleSoft and OBIEE single-signon (no LDAP or SSO server required).
  Two web services in PeopleSoft are used for user authentication. One web service simply requires valid PeopleSoft username & password in web service request SOAP header. Second web services determines the username of the PeopleSoft PS_TOKEN cookie (cookie is hashed string which is unique to user’s current PeopleSoft browser session).
  BI Presentation Server in configured for single signon to pass PS_TOKEN cookie to BI Server as :USER variable.
  Users can also connect directly to BI Server using JDBC or ODBC by providing valid PeopleSoft username & password. JDBC/ODBC tool which sends PeopleSoft credentials to BI Server :USER and :PASSWORD variables.
  BI Server initialization blocks execute PL/SQL functions which invoke web services using either the PS_TOKEN cookie from :USER or the PeopleSoft username & password from :USER and :PASSWORD.
  A user can login in directly to BI Answers/Dashboards by including a valid PeopleSoft username & password in the nqUser & nqPassword parameters of the Analytics URL. This requires PeopleSoft credentials in URL which poses a security risk. Separate Presentation Server without single signon configuration could be used for direct access.
  Mark

• Run a powershell script with domain credentials during task sequence

  I have a powershell script that adds the computer it is run on to a security group.  If I log onto the computer with a domain account it works perfectly.  However, if it is run while logged on as the local admin account it fails with an error message
  that says the domain either doesn't exist or cannot be reached.
  This is a problem because when a computer is being imaged the process runs with the local admin account.  Is there a way to run this script with domain credentials in the task sequence?
  Thanks,
  Andy

  How are you running the Powershell script? If you use a Run Command Line step, you can specify an account to run as. Something like "powershell %scriptroot%\psscript.ps1" where the psscript.ps1 is located in your Scripts folder in your deployment
  share.
  -Nick O.

• I'm trying to run a scheduled task as system, but it will not run my powershell script

  I have a powershell script I created that uses credentials within the script to connect to a network resource to copy files every night. It works fine if I just run the script manually. but I need to run this as a scheduled task, preferably as system. I
  have checked "run with highest privileges" still no luck. 
  If I change the user to my account it works fine, but I need it to work without the use of my account. Is this some kind of security policy problem or what would cause this? I figure having the credentials within the script would work, but not so much.
  Paul Arbogast

  I have a powershell script I created that uses credentials within the script to connect to a network resource to copy files every night. It works fine if I just run the script manually. but I need to run this as a scheduled task, preferably as system. I
  have checked "run with highest privileges" still no luck. 
  If I change the user to my account it works fine, but I need it to work without the use of my account. Is this some kind of security policy problem or what would cause this? I figure having the credentials within the script would work, but not so much.
  Paul Arbogast
  Is the Execution Policy set for the script?
  With this information it sounds to be.....
  Take a look @
  http://technet.microsoft.com/en-us/library/ee176961.aspx
  Best Wishes,

• How can I setup a scheduled task to run a Powershell Script delivered as a Group Policy Preference

  I have a Powershell script I want to run only once when a user logs onto their system. This script would move all the PST files from the Local drive and the Home drive to a folder location within the users profile. I wanted to run this as a Windows 7 Scheduled Task using Group Policy Preferences. How can I get this to happen short of a logon script? I have updated all the machines to WMF 4.0 so could I use a Scheduled Job instead? I wanted to run the script as the logon user but elevated.#Start Outlook and Disconnect attached PST files.
  $Outlook = New-Object -ComObject Outlook.Application
  $namespace = $outlook.getnamespace("MAPI")
  $folder = $namespace.GetDefaultFolder("olFolderInbox")
  $explorer = $folder.GetExplorer()
  $explorer.Display()
  $myArray= @()
  $outlook.Session.Stores | where{ ($_.FilePath -like'*.PST') } | foreach{[array]$myArray+= $_.FilePath}
  for
  ($x=0;$x-le$myArray.length-1;$x++)
  $PSTPath= $myArray[$x]
  $PST= $namespace.Stores | ?{$_.FilePath -like$PSTPath}
  $PSTRoot= $PST.GetRootFolder() #Get Root Folder name of PST
  $PSTFolder= $Namespace.Folders.Item($PSTRoot.Name) #Bind to PST for disconnection
  $Namespace.GetType().InvokeMember('RemoveStore',[System.Reflection.BindingFlags]::InvokeMethod,$null,$Namespace,($PSTFolder)) #Disconnect .PST
  #Move All PST files to the default location while deleting the PST files from their original location.
  $SourceList = ("$env:SystemDrive", "$env:HOMEDRIVE")
  $Destination = ("$env:USERPROFILE\MyOutlookFiles")
  (Get-ChildItem -Path $SourceList -Recurse -Filter *.PST) | Move-Item -Destination $Destination
  #Attach all PST files from the default location.
  Add-type -assembly "Microsoft.Office.Interop.Outlook" | out-null
  $outlook = new-object -comobject outlook.application
  $namespace = $outlook.GetNameSpace("MAPI")
  dir “$env:USERPROFILE\MyOutlookFiles\*.pst” | % { $namespace.AddStore($_.FullName) }

  Mike,
  I do not understand what appears to be a regular expression above. I did add the PowerShell script to the HKCU RunOnce Key as suggested.
  Windows Registry Editor Version 5.00
  C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -noprofile -sta -WindowStyle Hidden -ExecutionPolicy RemoteSigned -File "C:\scripts\Windows PowerShell\Move-PST.ps1"
   I'm delivering this using Group Policy Preferences. It seems to fail or time out when run because the behavior is different if I run the script from within the PowerShell IDE. I added the parameters to the script and will try it again in the morning.

• PowerShell Script to Clean User Profiles File Location

  Hello,
  I have been searching around to accomplish what I am trying to do. It is pretty basic so I am hoping someone can point me in the right direction. I want to write a powershell script to clean out two locations in all the user profiles on a Citrix server.
  Here are the steps I'd like to accomplish.
  1. Find all user profiles on the Citrix server
  2. Delete all the files from these two locations; "\Local Settings\Application Data\Mozilla\*.*" and "\Local Settings\Application Data\Microsoft\OneNote\*.*"
  This will run on a weekly basis via a scheduled task. A nice to have would be to add any profile over 60 days old.
  I have a pretty good start, but I am still learning PowerShell, so any help would be appreciated.
  Thanks in advance!
  Thanks, Jeremy

  Hello mbwc,
  how about showing us what you got so far and detail where you have trouble?
  That way, we can help you understand your problems and find the solution yourself (= good for learning), instead of having one of us simply provide the solution (= bad for learning).
  Cheers,
  Fred
  There's no place like 127.0.0.1

• [SOLVED] Running a startup script as a user at boot once

  Hello!
  So, as the title suggests, I am trying to start a script as a specific user at boot. To avoid accidentally starting it multiple times, I don't want it to run every time to user logs in. So far I've looked into creating a custom systemd service to call a script as root then using 'sudo -u user script' to run said script.
  This almost worked, the script must have executed but, because it was starting a new task in a screen, it created a dead screen. Although I'm not entirely sure why (I suspect it has something to do with not running screen as the logged in user), I figured I would ask if anyone knew of a better way to do this. My solution so far is pretty convoluted.
  Side notes: This is running on a GUI-less server (hence the possibility of a user logging in multiple times or having multiple sessions open at once)
  Last edited by Lindenk (2013-07-09 15:33:45)

  Sure,
  Here's essentially the unit file -
  [Unit]
  Description=Runs a script to run a script to start a script to start a server
  [Service]
  ExecStart=/absolute/path/to/a/rootScript.sh
  [Install]
  WantedBy=multi-user.target
  And the root script
  #!/bin/bash
  #This script will run another script as the user 'server'
  sudo -u server /path/to/userScript.sh
  And the user script
  #insert possible setup stuff here
  screen -S serv -d -m /path/to/server/start.py
  #insert possible cleanup stuff here
  Also as a side note, I did already allow root to run commands as server without a password.
  EDIT: Another side note, the root script and user script do in fact work as intended when started individually. When running through systemd (at boot or not), the screen created is dead.
  Last edited by Lindenk (2013-07-09 14:36:54)

• How to specify default desktop and/or startup items for EVERY user login?

  Hi
  My work iMac is

  +Oops! User error! Anyway, here's the rest of my message...+
  The iMac I use at the university where I work connects to Active Directory for authentication - there are no local user logins (apart from the admin account of course).
  I'd like to know how to set the default items for all user logins. Specifically, I'd like the system to automatically create an alias on the desktop to a shared folder for every new user login, or automatically open that folder in Finder when logged in.
  Though I'm the main user, if I'm not around other people may require access to the stuff I do for the multitude of projects I work on for a department of 30 people, and as everyone else uses a PC and only a few are Mac savvy, I'd like to make it as easy as possible for the poor dears to find the files. (We have a shared network drive where I can put some stuff but unfortunately our allocation is not very big!)
  Thanks.

• PowerShell Script Get the User's Active Directory Fully Qualified Login Name for Specific Locked Out Accounts

  I have a script which displays locked out accounts. It works great.
  I'd like to display the fully qualified Active Directory Login Name instead of the LastName, First Name:
  Example: Davis, Susan
  Want instead: Domain\Susan.Davis
  I'd also like to include an additional filter to look for only Domain\Susan.Davis OR Domain\Robin.Givens
  Here is my script:
  $objDomain = New-Object System.DirectoryServices.DirectoryEntry
  $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
  $objSearcher.SearchRoot = $objDomain
  $objSearcher.PageSize = 1000
  $objSearcher.Filter = "(&(objectClass=User)(lockoutTime>=1))"
  $colProplist = "name","samaccountname"
  foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i) | out-null}
  $colResults = $objSearcher.FindAll()
  foreach ($objResult in $colResults) {
  $domainname = $objDomain.name
  $samaccountname = $objResult.Properties.samaccountname
  $user = [ADSI]"WinNT://$domainname/$samaccountname"
  $ADS_UF_LOCKOUT = 0x00000010
  if(($user.UserFlags.Value -band $ADS_UF_LOCKOUT) -eq $ADS_UF_LOCKOUT) {
  $objResult.Properties.name
  John
  John

  Sorry, I should have mentioned that the cmdlets I'm using are part of the Active Directory module. You'll need to install the RSAT (Win7+) to use them.
  If you'd rather stick with your DirectorySearcher methods instead of moving to the AD module, you can adjust your output by using something like this instead:
  if(($user.UserFlags.Value -band $ADS_UF_LOCKOUT) -eq $ADS_UF_LOCKOUT) {
  "$domainname\$($objResult.Properties.samaccountname)"
  $domainname might not be what you're expecting, just FYI.
  As for filtering, you can add to the if statement and check for your known usernames only.
  Don't retire TechNet! -
  (Don't give up yet - 12,700+ strong and growing)

• Powershell script for when user last used their AD account to login or unlock a computer.

  I want to create a method for determining when a users account would expire after 35 days of inactivity.
  The issue would be not when they last logged on, as many of our users just lock their machines, but when they last logged on or unlocked any computer in the domain.
  I am thinking a combination of last logon with a session unlock parameter.
  In the system logs:
  Event viewer id for logon unlock is 7.
  SessionSwitchEventArg - SessionSwitchReason is SessionUnlock.
  Is this feasible?

  dsget user -inactive 30
  Don't reinvent the wheel.
  http://technet.microsoft.com/en-us/library/cc725702.aspx
  ¯\_(ツ)_/¯