<

Automated PC Audits via Logon Script using EZ Audit®


IMPORTANT: You need to have a Domain to do automated audits be it on prem or cloud. PCs need to be joined and have access to shared folders on a server. Workgroup or Samba/SMB won't do it.



If you have Azure AD or Azure AD Domain Services (Azure AD DS) or [enter new branding name Microsoft cooks up yet again here], you're good to get up and running with EZ Audit.

It's as simple as creating a shared folder on the domain, and triggering an app at user logon via Group Policy, which can be handled via Intune.

Here is the Microsoft documentation for creating shares using AD DS


Here is the Microsoft documentation for Group Policy in an Azure Active Directory Domain Services managed domain

 

The method below is for traditional on-prem domains.

The easiest method to run automated audits is using a scheduled task from the domain server. If you need or prefer to do so via a logon script, keep reading.


Step 1

Create a folder and subfolder on a server all your users can access. Typically that would be your domain server, but it doesn't need to be.

Example: If user files are in the D: drive, create D:\ezaudit\audits. That would translate to \\servername\ezaudit\audits.

Azure equivalent would be in this format: \accountname.file.core.windows.net\ezaudit\audits.  Same applies to subsequent paths in this document.

Share the folders to a Users Group all users belong to. Typically that would be Domain Users, but it doesn't have to be.

Give the folders Read, Write, Create, Delete, Modify, Execute permissions to your users.



Step 2

Next you run the EZ Audit Configuration tool from the Admin Console > Tools tab.

There you can enter what you want to audit and how often as well as where to save the audits.

Put the location you just created and shared, so: \\servername\ezaudit\audits as where to run the audits from.

Save the configuration to the \\servername\ezaudit folder.

The tool will move the audit module files to the location for you.

As an advanced topic for later, you can have multiple configuration files for different purposes, but for now, all you need is the one configuration file.



Step 3

Create the logon script in Group Policy.

Create a logon script for all users via Group Policy:

Fire up gpmc.msc at your domain joined PC and do the steps as shown below:

Right-click the selection as shown and select Edit:

Configure EZ Audit via GP Step 1

Go to User Configuration > Policies > Scripts (Logon/Logoff). Double-click Logon.

Configure EZ Audit via GP Step 2

Click Add to enter the information information as shown:

Configure EZ Audit via GP Step 3

Configure EZ Audit via GP Step 4

Click Apply and Ok out.

Final note: You may want to remote into the server and do a GPUPDATE/FORCE at a command prompt to jog it to life right away.


etc.

If you write your own logon scripts, use alternatives like KixTart (if you like to party like it's 1999!), or your own .bat, .VBS file etc., all you need to add is to launch \\servername\ezaudit\ezstart-a -o (the -o is only needed if you want to make the PCs available for On-Demand audits(PDF) in addition to scheduled audits).

Here's a VBScript example of what to add:

Dim WSHShell
Set WSHShell = CreateObject("WScript.Shell")

Note below: Don't use your server IP address like \\10.0.0.1\, use the server name otherwise Windows will likely show a security alert at the user's PC.

WSHShell.Run "\\yourservername\ezaudit\ezstart.exe -a -o"



Copyright ©2024 ATCONSULTING LLC