I came across a scenario where I needed to shutdown and lock one or more Microsoft Windows PCs remotely. This should work automatically, without VNC / Remote desktop or similar tools, so that it can be scheduled in some way. Applications for this would be:
- Shutting down a number of PCs, e.g. in an Internet Cafe or the like
- Locking down one or more PCs (for instance to limit access for kids)
- Force a shutdown in case some Virus / Worm is detected at the Internet firewall
After considering various solutions, I decided to write it by myself:
- Write a little Windows service that can be installed on the system
- Let this service check at a specific web address for some string, e.g. “LOCK” periodically (e.g. every 10 seconds)
- In case this string is detected, shut down the computer.
- As this service comes up automatically, the system will be shut down immediately after coming up, so that users are practically locked out.
The disadvantage of this solution is that users with administrator rights and the required knowledge will be able to remove the service. However, in many scenarios this will not be the case.
Download + Install
Download / installation is as follows:
- First download the service from here: syshalt.exe
- Put it in C:\Windows (this is necessary as the service will not start otherwise)
- Next download a sample configuration file from here: syshalt.cfg
- Put this configuration file also in C:\Windows
Web Page:
You will need some kind of web page which is used to control the service / computer shutdown. This web page should contain a simple string only (no HTML, just text), which reads something like “OPEN” or “LOCK”. This page can reside on any server of your choice, but it could also be automatically generated by some simple web service.
Configuration:
Before actually installing the service, let’s configure it appropriately:
- First open the configuration file with a text editor (e.g. notepad)
- Set “auth_server” to the server name (e.g. myserver.com)
- Set the web server port in “auth_port” (normally 80)
- Specify the URL in “auth_url”, something like “my/url/shutdown.html”
- Specify the strings which will trigger a shutdown in auth_string_open / auth_string_lock
- Select the logic: “auth_logic_negative = yes” means that the system will only shut down in case it gets the shutdown command from the web server. In case it is not found, the system will not shut down – this will also happen in case the web server is down, the PC has no network link etc. In case “auth_logic_negative = no” means that the system will shut down unless the positive string, e.g. “OPEN” is received from the server. The second case is more secure, however, if something goes wrong you will have trouble unlocking your PC again.
- Via “reboot_msg” you can set some custom string that is displayed to the user when the system shuts down.
Install the service:
After configuration, the service can be installed and started on the command line:
Now the service is up and running. In case the text on the controlling web page changes to the shutdown command, the system will shut down like this:
It will moreover make sense to enable the service automatically during startup, which can be easily set in the Windows service manager.
Source Code
The service is written in Python and the source code is relatively simple.
The source code can be downloaded from my public SVN repository:
https://himmelbauer-it.at/svn/qwer/syshalt/
Or simply check it out via SVN:
svn co https://himmelbauer-it.at/svn/qwer/syshalt/