[THIN] Re: Logging which user shut server down

• From: "Andrew M Stemen" <lists@xxxxxxxxxxxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Sat, 26 Mar 2005 01:05:43 -0500

I would have *sworn* that you could tell who initiated shutdown by the event
viewer. I know that I was able to tell one time, but I can't remember the
circumstances around it.

 

Aren't the users also able to go to Start --> Settings --> Windows Security,
and then click on Shut Down? I managed a server in which I know that was
done a few times. we had more problems with people using programs that
required reboots (and unfortunately, we weren't able to do anything about
that software).

 

Andrew

 

  _____  

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Joe Shonk
Sent: Saturday, March 26, 2005 12:03 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Logging which user shut server down

 

That's why I like to take the shutdown command off of the start menu and
leave only the Logoff button.  If an administrator really wants to
shutdown/restart a computer, he or she will have to select Start->Run and
type in Shutdown /r (or something similar)

 

Joe

 

  _____  

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of PETERSON, DAVID
Sent: Friday, March 25, 2005 4:55 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Logging which user shut server down

 

My Citrix server went down today, and when I got there it was powered off.
It looks like a graceful shutdown. My security logs show a few admins logged
in that have shutdown rights, but can't tell if any of them did it. Is there
a way to determine which user initiated the shutdown? If not for this
instance to catch the info if it ever happens again?



NOTICE: This electronic mail transmission from the law firm of Dinsmore &
Shohl may constitute an attorney-client communication that is privileged at
law. It is not intended for transmission to, or receipt by, any unauthorized
persons. If you have received this electronic mail transmission in error,
please delete it from your system without copying it, and notify the sender
by reply e-mail, so that our address record can be corrected.

• References:
  • [THIN] Re: Logging which user shut server down
    • From: Joe Shonk

Other related posts:

• » [THIN] Logging which user shut server down
• » [THIN] Re: Logging which user shut server down
• » [THIN] Re: Logging which user shut server down
• » [THIN] Re: Logging which user shut server down
• » [THIN] Re: Logging which user shut server down

1. Home
2. thin
3. Archive
4. 03-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---