Mail gets sent on remote login to a machine only by a particular user not by all users
I have written a VBScript that sends mail when a user logs in to a machine:
Set objMessage = CreateObject("CDO.Message")
objMessage.Subject = "Example CDO Message"
objMessage.From = "admin@domain.com"
objMessage.To = "admin@domain.com"
Set objNet = CreateObject("WScript.NetWork")
strInfo1 = " " & objNet.UserName & "@" & objNet.UserDomain & " is logged on to machine: " & objNet.ComputerName & " on " & Date() & " " & Time() & "." & vbCRLF
objMessage.TextBody = " " & strInfo1
'specify mechanism to send mail -2 for using port
objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
'specifying exchange server machine as smtp server
objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "exchangeserver.domain.com"
'port for SMTP server
objMessage.Configuration.Fields.Item("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
'end message configuration
objMessage.Configuration.Fields.Update
objMessage.Send
I have specify this vbs to execute on remote login session by create event task scheduler as shown below
I have configured it to execute it for any users' remote logon:
After clicking OK on above window, I got below window asking for user account to use for this task:
But I am getting mail only after remote login of user that I specified in above window, even though I have specified to execute the event for any user as can be seen in 2nd image.
Q.1 How can I auto-send mail on user login of any user, why it is sending mail on login of only one user that I specified in 3rd image
Q.2 Also I find this way insecure as it is configured on the machine for which I want to monitor remote logins. This machine is in AD managed by Windows Server 2008. How can I do configuration on server (not on client machine) to send mail when remote login occurs on client machine.
In fact, you are sending a mail message after any use login. But, as
the scheduled task is running under the credentials of a especific user, and
your script gets the user name of the session in which the script is running, and
this session is the configured one in task scheduler, and
this is your especific user,
... can you see it? The script can't. It doesn't see the real user.
The best option is probably configure a login script, which runs under the real user account, and call the script from it.
Or you can enable audits and record login events in Security event log. Then you can analyze the logs.
- Find Task-Manager Description Column from CMD?
- How do I find out which process is listening on a TCP or UDP port on Windows?
- WINMAIN and main() in C++ (Extended)
- How to install ripgrep on Windows?
- CryptographicException: Access denied - How to give access on User store?
- How to set the UDP packet reassembly timeout in Windows 10
- Unable to create Symlink - cannot create a file when that file already exists
- How can I open a cmd window in a specific location?
- When running flutter app on window it show following error
- Can I use NotifyIcon in WPF?
- Python: How to open a folder on Windows Explorer(Python 3.6.2, Windows 10)
- ANSI In Terminal (Windows 10)
- How to get "valid data length" of a file?
- Check CMake version using python
- How do I update golang from command prompt on Windows?
- in powershell, set affinity in start-process
- Crypto++ library link error using Visual Studio 2017
- Limit python script RAM usage in Windows
- Powershell script throws error (80040154 Class not registered) only when it is executed from codedeploy, Why?
- How to change default scheduled task process priority in Windows
- How can I tile horizontally certain windows programmatically?
- C# get good color for label
- install gitlab on Windows with Docker
- Faking an RS232 Serial Port
- Rename all files in a directory with a Windows batch script
- An attempt was made to load a program with an incorrect format. VS2022 Service-based database
- How to set adminstrator privilege using manifest for Windows 10?
- Is it possible to modify a registry entry via a .bat/.cmd script?
- Quasar dev PSSecurityException
- How do I add a gzip command to Windows CMD?