Locking Workstations on Mass

by avataroftime at 2012-09-25 22:04:48

Hi Guys,

We have been given the task of creating an easy way of locking all workstations (from a list) when given a certain event (ie Fire Alarm).

We have tried using the “rundll32 user32.dll,LockWorkStation” command via different ways in powershell, but this command only works from a interactive session (ie console).

Does any one have any ideas on how this can be done?
by willsteele at 2012-09-25 23:13:18
Have you tried creating multiple PSSessions, then, piping this command to the multi-PSSession set?
by Klaas at 2012-09-25 23:36:01
what about:

invoke-command -computername (get-content HostsToLock.txt) -scriptblock {%windir%\System32\rundll32.exe user32.dll,LockWorkStation}
by RichardSiddaway at 2012-09-26 00:29:54
have a look at this post
http://blogs.technet.com/b/heyscripting … cript.aspx

it might solve your problem of performing the task remotely. its written in VBScript but should translate easily enough. Please let me know if you need help with the script
by avataroftime at 2012-09-26 20:54:25
I tried that vbs script, but it does not work.

It does copy the file and run it on the target workstation, but the command “rundll32.exe user32.dll,LockWorkStation” needs to be run from the interactive desktop (console) to work, or you get what I had, which was that nothing will happen.

The invoke-command did the same thing as the vbs script…nothing.
by poshoholic at 2012-09-27 05:24:29
According to the solution for the same problem on the older PowerShellCommunity.org forums, you can do any of the following:

If you have Remoting configured and working you can use this…
invoke-command -computer $computer -scriptblock {start-process ‘C:\Windows\System32\rundll32.exe’ -ArgumentList ‘user32.dll,LockWorkStation’}
Or, you can go the WMI way…
$newProc=([WMICLASS]"\$computer\root\cimv2:win32_Process").Create(“C:\Windows\System32\rundll32.exe user32.dll,LockWorkStation”)
by RichardSiddaway at 2012-09-27 13:06:45
I don’t have a remote machine available but these options should work just as well remotely

$computer = $env:COMPUTERNAME
Invoke-WmiMethod -Class Win32_Process -Name Create -ArgumentList “C:\Windows\System32\rundll32.exe user32.dll,LockWorkStation” -ComputerName $computer

$cimargs = @{“CommandLine” = “C:\Windows\System32\rundll32.exe user32.dll,LockWorkStation”}
Invoke-CimMethod -ClassName Win32_Process -MethodName Create -Arguments $cimargs -ComputerName $computer

Both options a bit easier to use compared to the WMICLASS accelerator in my opinion