87 lines
3.3 KiB
PowerShell
87 lines
3.3 KiB
PowerShell
#Zebra - 5/21/2023
|
|
#Activity Status tracker script. Queries activity status of the currently logged in user.
|
|
#Works for both Console and Terminal Services sessions
|
|
|
|
Add-Type @"
|
|
using System;
|
|
using System.Diagnostics;
|
|
using System.Runtime.InteropServices;
|
|
|
|
public static class UserInput {
|
|
[DllImport("user32.dll")]
|
|
static extern bool GetLastInputInfo(ref LASTINPUTINFO plii);
|
|
|
|
[StructLayout(LayoutKind.Sequential)]
|
|
struct LASTINPUTINFO {
|
|
public uint cbSize;
|
|
public uint dwTime;
|
|
}
|
|
|
|
public static TimeSpan GetIdleTime() {
|
|
LASTINPUTINFO lastInput = new LASTINPUTINFO();
|
|
lastInput.cbSize = (uint)Marshal.SizeOf(lastInput);
|
|
if (!GetLastInputInfo(ref lastInput)) {
|
|
throw new Exception("Unable to get last input time.");
|
|
}
|
|
return TimeSpan.FromMilliseconds(Environment.TickCount - lastInput.dwTime);
|
|
}
|
|
}
|
|
"@
|
|
|
|
$windowsEdition = (Get-CimInstance Win32_OperatingSystem).Caption
|
|
|
|
|
|
if ($windowsEdition -match "Pro" -or $windowsEdition -match "Enterprise" -or $windowsEdition -match "Server") {
|
|
Write-Host "Windows Pro or Enterprise Edition detected."
|
|
|
|
$session = @(qwinsta /server:localhost 2> $null | Select-String "Active")
|
|
|
|
if ($session) {
|
|
#$idleTime = [UserInput]::GetIdleTime()
|
|
#$session = $session | Where-Object { $_ -notmatch 'console' }
|
|
$localSession = $session | Where-Object { $_ -match 'console' }
|
|
$rdpSession = $session | Where-Object { $_ -match 'rdp' }
|
|
if ($localSession) {
|
|
$username = ($localSession -split "\s+")[2]
|
|
#$sessionId = ($localSession -split "\s+")[3]
|
|
$idleTime = [UserInput]::GetIdleTime()
|
|
if ($idleTime.TotalMinutes -gt 15) {
|
|
$lastActive = (Get-Date).add(-$idleTime)
|
|
Write-Host "($username) [console] logged in and inactive since $lastActive."
|
|
} else {
|
|
Write-Host "($username) [console] is logged in and active."
|
|
}
|
|
} elseif ($rdpSession) {
|
|
$username = ($rdpSession -split "\s+")[2]
|
|
# $sessionId = ($rdpSession -split "\s+")[3]
|
|
$idleTime = [UserInput]::GetIdleTime()
|
|
if ($idleTime.TotalMinutes -gt 15) {
|
|
$lastActive = (Get-Date).add(-$idleTime)
|
|
Write-Host "($username) [mstsc] logged in and inactive since $lastActive."
|
|
} else {
|
|
Write-Host "($username) [mstsc] currently logged in and active."
|
|
}
|
|
}
|
|
|
|
} else {
|
|
Write-Host "No user is currently logged on."
|
|
}
|
|
}
|
|
else {
|
|
|
|
Write-Host "Windows Pro or Enterprise not detected."
|
|
|
|
$username = (Get-WmiObject -Class Win32_ComputerSystem).UserName
|
|
|
|
if ($username) {
|
|
$idleTime = [UserInput]::GetIdleTime()
|
|
if ($idleTime.TotalMinutes -gt 15) {
|
|
$lastActive = (Get-Date).add(-$idleTime)
|
|
Write-Host "($username) [console] logged in and inactive since $lastActive"
|
|
} else {
|
|
Write-Host "($username) [console] currently logged on and active."
|
|
}
|
|
} else {
|
|
Write-Host "No user is currently logged on."
|
|
}
|
|
} |