Man, I haven’t posted in ages! Well, here’s something I want to remember for later. Force a computer to logoff at a particular time, but still allow logons later. Using Active Directory, I think, will force a logon schedule and dissallow users from logon if not within scheduled times.

On the computer you want to force logoff, open the C: drive and create a text file. Then rename it to, force-logoff.bat
Be sure you can view the extensions, or it will hide the .txt at the end and this wont work. (it can’t be force-logoff.bat.txt, which is what you’ll get if you have “hide extensions of known file types” selected)
Then right click, edit.
Put this in the file and save it.

PsShutdown.exe -o -f

After that, find PsShutdown.exe and copy/paste it into the C:\Windows dir on that system. Get it from here:
http://download.sysinternals.com/Files/PsTools.zip
You’ll have to unzip that and get the Psshutdown tool out of it.  I usually just put all the Pstools in the Windows directory anyway, it’s handy to have.
Then to test, just double click the force-logoff.bat file and it should log you out.  NOTE: The first time you run any of the PSTools, you’ll get a little EULA and you’ll need to agree to the terms.  Not big deal, then after that you won’t get a popup.

Last, make a schedule for it to run every day at your desired time.

Here’s the link to the Microsoft site regarding PsShutdown command line usage.

http://technet.microsoft.com/en-us/sysinternals/bb897541.aspx

Uber quick howto:  (based on Debian)
1. Make sure ssh, rsync and sudo are installed and working.
2. Add a user account,  on remote system.
2.a Add a certificate with openssl or ssh-keygen (look that up elsewhere)
2.b Make sure the cert is unencrypted with no password. Yes,  that is a slight security concern, HOWEVER, if you are very careful to secure that private key, you are ok.  In other words, don’t share it or let it out!
2.c Add your public key to your new users /home/username/.ssh/authorized_keys file.  (how to’s for this stuff are on the web)
2.d Test this user’s login and make sure it logs you in from your local machine.
3.  Now, this new user is unprivileged, so you need to use sudo for running the remote rsync command.  Add this to your remote machine /etc/sudoers file:

 nameofnewuser	remotemachinename=NOPASSWD:/usr/bin/rsync

Above, you replace with the appropriate names.

4. Copy your private key from the remote machine and save it on the local machine where you will be backing up to.  For example, save it in the local user’s .ssh directory.  /home/localuseraccount/.ssh/private.key

5. You need to create a script.  In the example below, I have an exclude.txt file also, so I can exclude directories and files.  Look that up in the rsync how-to’s.

#!/bin/bash

rsync -avz --rsync-path="sudo /usr/bin/rsync" 	

	--exclude-from=exclude.txt -e

 	"ssh -p 22 -i /home/localuseraccount/.ssh/private.key"

  	remoteuseraccount@remote.server.com:/ /backup/to/path

In case you didn’t catch that, the section above with the rsync command is all one line!