Automated PC Audits via Logon Script


Download as PDF

Estimated time to perform these tasks: under 10 minutes.

The easiest method to run automated audits is using a scheduled task (PDF) from the domain server. If you need or prefer to do so via a logon script, this tutorial is for you.


Step 1

Create a folder and subfolder on a server all your users can access. Typically that would be your domain server, but it doesn't need to be.

Example: If user files are in the D: drive, create D:\ezaudit\audits. That would translate to \\servername\ezaudit\audits.

Share the folders to a Users Group all users belong to. Typically that would be Domain Users, but it doesn't have to be.

Give the folders Read, Write, Create, Delete, Modify, Execute permissions to your users.



Step 2

Next you run the E-Z Audit Configuration tool from the Admin Console > Tools tab.

There you can enter what you want to audit and how often as well as where to save the audits.

Put the location you just created and shared, so: \\servername\ezaudit\audits as where to run the audits from.

Save the configuration to the \\servername\ezaudit folder.

The tool will move the audit module files to the location for you.

As an advanced topic for later, you can have multiple configuration files for different purposes, but for now, all you need is the one configuration file.



Step 3

Create the logon script in Group Policy.

Create a logon script for all users via Group Policy:

Fire up gpmc.msc at your domain joined PC and do the steps as shown below:

Right-click the selection as shown and select Edit:

Configure E-Z Audit via GP Step 1

Go to User Configuration > Policies > Scripts (Logon/Logoff). Double-click Logon.

Configure E-Z Audit via GP Step 2

Click Add to enter the information information as shown:

Configure E-Z Audit via GP Step 3

Configure E-Z Audit via GP Step 4

Click Apply and Ok out.

Final note: You may want to remote into the server and do a GPUPDATE/FORCE at a command prompt to jog it to life right away.


etc.

If you write your own logon scripts, use alternatives like KixTart, or your own .bat, .vbs file etc., all you need to add is to launch \\servername\ezaudit\ezstart.exe with the parameters -a -o (and the -o is only needed if you want to make the PCs available for On-Demand audits in addition to scheduled audits).

Here's a VBScript example of what to add:

Dim WSHShell
Set WSHShell = CreateObject("WScript.Shell")
'Note below: Don't use your server IP address like \\10.0.0.1\, use the server name otherwise Windows will likely show a security alert at the user's PC.
WSHShell.Run "\\yourservername\ezaudit\ezstart.exe -a -o"

©2023 ATCONSULTING LLC