Versions Compared

Old Version 17

changes.mady.by.user Bruno Miretti (Deactivated)

Saved on

compared with

New Version Current

changes.mady.by.user Bruno Miretti (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Anchor
TOC
TOC
Include Page
KBCOMMON:KB-CSSstyle
KBCOMMON:KB-CSSstyle

...

Using the "Local Group Policy Editor", it is possible to add the execution of a Powershell script at Windows shutdown. As this operation is performed with the "system" account, some operations have to be performed if depending on the chosen mode is "rsh" or "ssh"method chosen (opa0, rsh or ssh).

Warning

Please note shutdown scripts are executed when the shutdown is executed either from the "Windows Start" menu or using the shutdown command line. They are not always executed when clicking on the "Restart" button from the Windows Update tool.

opa0 mode preparation

If the combination of username/password is used, there is no need for configuration change.

...

C:\WINDOWS\system32>whoami
nt authority\system

Run the following command to create the encrypted file:

C:\WINDOWSUsers\system32>powershell PS C:\WINDOWS\system32>Spock> powershell -command "ConvertTo-SecureString -String "'<password>" ' -AsPlainText -Force ^
More? | ConvertFrom-SecureString | Out-File "'<full path to the file>'"

Example:

C:\WINDOWSUsers\system32>powershellPS C:\WINDOWS\system32>Spock> powershell -command "ConvertTo-SecureString -String "'12345" ' -AsPlainText -Force ^
More? | ConvertFrom-SecureString | Out-File 'c:\charon\msds20vmspwd.txt'"


Div
classpagebreak


Run the Powershell script in check mode:

...

C:\WINDOWS\system32>whoami
nt authority\system

Run the Powershell script in check mode:

...

Note

It is recommended to move the psexec.exe program file to a secured folder or to remove it when it is no more needed (check completed)


Div
classpagebreak


ssh mode preparation

Execute the same operations as described in chapter "Using ssh" for Tru64 or VMS to create a key pair with "SYSTEM" user with a different identity file.

...

C:\WINDOWS\system32>whoami
nt authority\system

Create a new ssh trust as described in the "Using ssh" chapter.

...

Note

It is recommended to move the psexec.exe program file to a secured folder or to remove it when it is no more needed (check completed)


Div
classpagebreak


Windows settings - Local group policy

...