EventSentry Blog

Automatically shutting down workstations

November 8, 2007January 10, 2017 ingmar.koecher 0 Comment EventSentry, Tips & Tricks save power shutdown conserve

There has been a lot of talk lately about “green” computing, it seems
like every other IT magazine covered this topic over the last few
months.

Since power isn’t free, companies are fortunately interested in saving power for the sake of saving money, if not for the environment as well.

A lot of attention has been given to the power consumption of data centers and how to save money with blade servers and newer processors, but I feel that not enough attention is being paid to workstations, of which there are many more than servers.

Now there are a lot of power-save options available for workstations and software to centrally manage those settings, but how many users are not shutting down their workstations when they leave for the day?

I don’t have the resources to calculate how much power is being wasted every day by computers that are running over night across the US – when they really don’t have to be – but I imagine it’s a good amount.

True, there are some advantages to keeping computers running over night. For example, you might have software and patches pushed to workstations after hours (and we can get around that as well) and it’s always nice to come into the office in the morning without having to wait for the computer to boot up.

If you’re in charge of managing workstations then I recommend that you take a look to see how many workstations are running after most of the employees have left for the day. If you have a lot of idle PCs sitting on the floor sucking power then please read on. 😉

Using third-party tools we can automatically schedule a workstation shutdown using the shutdown.exe utility that ships with Windows XP and Vista. The tool is flexible enough to give users a grace period where they can abort the shutdown. And if you have a software management solution in place that pushes updates to your workstations, then you should be able to adjust the schedule so that the shutdown occurs after the deployment of any packages you might have. You can also limit the shutdown to particular weekdays, for example Mon-Thu only.

If you are using EventSentry to monitor not only your servers but also workstations, then you are lucky and setting this sort of scheme up shouldn’t take longer than 5 minutes.

EventSentry includes the Application Scheduler feature, which allows you to schedule tasks (similar to the task scheduler in Windows) on one or more computers. Simply create a new system health package, add an application scheduler object and create a new schedule. The command line you want to run can be similar to this:

shutdown.exe -s -f -c “To conserve power, this computer will now be shut down. To abort, click START – RUN and enter SHUTDOWN -A” -t 300

This will give the user 5 minutes before the computer will actually be shutdown. Then, assign the package to your workstations and you are set to go.

If you are not using EventSentry then you can also write a batch script and schedule the script to run from the server as well, the shutdown.exe tool supports shutting down remote computers as well.

If you are still scared about shutting computers down, then take a look at the WakeOnLan feature from the EventSentry Web Reports Hardware Inventory. If the web reports are installed on the same collision domain than your workstations, then you can wake up computers (that support the WakeOnLan feature) with the click of a button from there. Or, you can use wakeonlan.exe from the free NTToolkit to accomplish the same thing from the command-line. You could even write a batch script to wake computers up every morning!

I hope this gives you some ideas on how you can save power, save money and conserve the environment with little effort.

P.S.: Don’t forget to tell your fellow coworkers that you will be shutting down their computers at night so that those hard-working individuals won’t be caught by surprise!

Setting Service permissions with subinacl.exe

November 2, 2007January 10, 2017 ingmar.koecher 3 Comments Tips & Tricks, Tools & Utilities service security subinacl permission

I recently stumbled across a lesser known Microsoft utility (again) called subinacl.exe that you should take a look at if you haven’t already done so. It can be downloaded for free from Microsoft.

The tool is incredibly versatile and lets you change permissions of various system objects, such as files, printers, shares, services, registry keys and more from the command line.

I came across it because we needed a way to change the permission of the EventSentry service to allow a particular user account to read the current service status. So I’m only going to cover the service aspect of the tool in this post.

So how is this useful? Imagine you have a junior admin that you want to allow to manage a particular service on one or more of your servers. You don’t want the guy to be a local admin or be able to control all services but instead only be able to control one (or more) particular service.

In this case Windows doesn’t actually offer any native way of doing this without using a third party tool – with the exception of using group policy.

So let’s say you have user “Johnny” and you want Johnny to be able to stop and start the World Wide Web Publishing service. Simply run the following subinacl.exe command:

subinacl /service W3SVC /GRANT=YOURDOMAIN\Johnny=TO

Obviously you will want to replace YOURDOMAIN with the name of your domain. The TO at the end are the identifiers that tell subinacl which actions you actually want grant to Johnny. T is used for “Start Service” and O is for “Stop Service”. The complete list is here:

   F : Full Control
   R : Generic Read
   W : Generic Write
   X : Generic eXecute
   L : Read controL
   Q : Query Service Configuration
   S : Query Service Status
   E : Enumerate Dependent Services
   C : Service Change Configuration
   T : Start Service
   O : Stop Service
   P : Pause/Continue Service
   I : Interrogate Service 
   U : Service User-Defined Control Commands

So after running the command, Johnny will be able to stop and start the service without having any other permissions on the system.

But don’t stop there. Run subinacl.exe /help to see all the other options that are available to you. Of course you can also run the tool remotely by specifying the remote computer name.

You should also check out the MS KB article 288129 that has information on how to accomplish the same thing with group policies and security templates. This might be a better way especially if you have a large number of servers you want to apply this to.

Hope this is useful!

Inauguration

November 2, 2007March 1, 2017 ingmar.koecher 0 Comment Announcements

When Ryan (one of our web developers) first talked about starting an official company blog, I wasn’t too amused by the idea. Don’t get me wrong, I thought that having a blog would be great! But the thought of creating yet more content on a regular basis just didn’t seem to appealing – after all I keep myself pretty busy with lots of other things in relation with the EventSentry project, not even to mention my involvement with all the other content we have on our web sites (knowledge base, documentation, www.myeventlog.com, etc.).

Well, this was many months ago. I’m not sure how and why, but somehow I slowly started liking the idea of starting a blog where we could share ideas, useful tips & tricks, news about our product and personal thoughts. So after dismissing the original idea it got to a point where I was actually begging Ryan to setup the blog on our web site after I reserved the www.eventlogblog.com domain this week. I even have topics lined up already in my ToDo list!

So here it is: The Event Log Blog.

So, stop by and let us know what you think – suggestions for topics and comments are – as always – very welcome.