W2K3 AD domain, XP Pro workstations.
User A logs in to a computer, walks away, screen gets locked. User B wants to use that computer. Current options are to find someone that knows the admin password to forceably logoff user A's session, or hold the power button until the machine turns off and then wait for it to boot back up again.
I would like to allow members of the Domain Users group to force a logoff the way Domain Admins can. Is this possible?
Best Answer
I believe that in order to forceably log off another users your require local admin rights. I've never seen a way a normal user can do it. I can see too many potential problems if that wasn't the case.
One possible workaround is to have an admin send a remote log-off command. You may like to investigate psShutdown for that. You could create a batch file that prompts for the computer name and then sends the command. In that case the user wanting to use the machine only needs to make a phone call to the admin. An added advantage is that at least one admin is then aware this is happening.