Some of my Users are trying to act smart by disabling their admin share, This stoping me to access their P.C's, NT is recreating when they boot thre P.C but this guys are not booting their P.C for long time. Can I dible this feeture threw script ? or is their any other way ??

Thanx in Advance.

Thanks,

- Kent

------------------
Moderator/Admin
Get/Post Scripts
http://www.win-scripts.com

------------------
Laziness is the mother of invention.

Les Ligetfalvy

Unfortunately, when you give people the tools to do their work, you have to, in some sense, give them the power to abuse these tools. I think this true with any tool or any job. If management wants to give out tools & to take no responsibilty for possible abuse, then it is frustrating but your only solution is to develop a tough skin & cover your ass.

Trying to become "Dirty Harry" and doing it on your own, only works in movies. If you clamp down too tight, these rogues may be able to convince managent you are the problem and that you are preventing them from doing their work.

[This message has been edited by JackLothian (edited 25 June 2001).]

Or

Create a script on their PC's to stop and start server service. Then use psexec to run it.

i.e

net stop server
net start server

PS don't stop the service remotely otherwise you will lose connection.

psexec is avail from Wininternals.com

------------------
Sincerely,
Stephen.G.Collopy
I.T Infrastructure Designer

If I had the inclination, I believe I could prevent administrators from accessing my NT machine no matter what they tried. Maybe some of these users have both the inclination & knowledge to lock you out. I think this is a losing and unproductive game.

[This message has been edited by JackLothian (edited 25 June 2001).]

Thanx..

I would test out this idea carefully before I implemented it. The admin shares are effectively the whole drive and such an action could have repercussions you don't expect. You could negatively effect some vital directories & files.

I would take a stance that if they don't want you on their machine consider them as not supported and go work with the user population that arn't mucking you about.

In some countries it is against the law to force yourself into a users admin group, be careful that you are working within the law of what ever country these machines reside.

+ Force log offs from network within every 24-hour period for all users. Then,
+ Edit login script to check for presence of Admin share, recreate (net share ...) if not there.
+ If shares not there, have network message sent to administrator - log, then tackle with solid evidence of the changes taking place either w/end-user or their manager.
+ Try renaming the 'net.exe' or 'share.exe' files, and/or hiding, and/or changing permissions to prevent users from changing things on the command line (will not affect clients using 'Server Manager', however).
+ fire the clowns and let them play with their own systems with all their free time.

Bill