Batch file 使用任务调度器的程序，在以管理员身份运行时回显用户_Batch File_Echo

Batch file 使用任务调度器的程序，在以管理员身份运行时回显用户

batch-file

Batch file 使用任务调度器的程序，在以管理员身份运行时回显用户,batch-file,echo,Batch File,Echo,我正在尝试创建一个echo是当前用户的程序由于程序需要使用任务计划程序以管理员身份运行，%username%始终返回admin，而不是用户最后我要寻找的是一个批次，每次用户登录、关闭、锁定、解锁、切换用户时，echo的时间戳、用户信息和pc信息，我以前遇到过类似问题，请尝试使用whoami当前用户是管理员。Windows支持多个用户（尽管一次只有一个实时用户）。您可以查询登录的用户并选择交互式用户潜在用户名单 wmic PATH Win32_SystemUsers get /format:

我正在尝试创建一个echo是当前用户的程序

由于程序需要使用任务计划程序以管理员身份运行，%username%始终返回admin，而不是用户

最后我要寻找的是一个批次，每次用户登录、关闭、锁定、解锁、切换用户时，echo的时间戳、用户信息和pc信息，

我以前遇到过类似问题，请尝试使用

whoami

当前用户是管理员。Windows支持多个用户（尽管一次只有一个实时用户）。您可以查询登录的用户并选择交互式用户

潜在用户名单

wmic PATH Win32_SystemUsers get /format:List
wmic PATH WIN32_UserAccount get /format:List
wmic PATH WIN32_Account get /format:List

所有用户都已登录，包括系统帐户。 NB管理员将有两个登录-一个作为受限用户登录，另一个作为提升用户登录

wmic PATH Win32_LoggedOnUser get /format:List

查找有关登录类型的信息

wmic PATH Win32_LogonSession get /format:list

登录类型列表-您需要2个

LogonTypeData type: uint32Access type: Read-only


Numeric value that indicates the type of logon session.



Value

Meaning

0 
Used only by the System account.

 Interactive2 
Intended for users who are interactively using the machine, such as a user being logged on by a terminal server, remote shell, or similar process.

 Network3 
Intended for high-performance servers to authenticate clear text passwords. LogonUser does not cache credentials for this logon type.

 Batch4 
Intended for batch servers, where processes can be executed on behalf of a user without their direct intervention; or for higher performance servers that process many clear-text authentication attempts at a time, such as mail or web servers. LogonUser does not cache credentials for this logon type.

 Service5 
Indicates a service-type logon. The account provided must have the service privilege enabled.

 Proxy6 
Indicates a proxy-type logon.

 Unlock7 
This logon type is intended for GINA DLLs logging on users who are interactively using the machine. This logon type allows a unique audit record to be generated that shows when the workstation was unlocked. 

 NetworkCleartext8 
Preserves the name and password in the authentication packages, allowing the server to make connections to other network servers while impersonating the client. This allows a server to accept clear text credentials from a client, call LogonUser, verify that the user can access the system across the network, and still communicate with other servers.

 NewCredentials9 
Allows the caller to clone its current token and specify new credentials for outbound connections. The new logon session has the same local identify, but uses different credentials for other network connections.

 RemoteInteractive10 
Terminal Services session that is both remote and interactive.

 CachedInteractive11 
Attempt cached credentials without accessing the network.

 CachedRemoteInteractive12

输出任何信息都不需要管理员权限。环境变量DATE、TIME、USERNAME和COMPUTERNAME似乎提供了所有要输出的数据。请发布您已经拥有的代码，并添加更多详细信息以获得更好的帮助。该代码确实需要以管理员身份运行，由于写入的txt文件存储在安全的服务器中。@echo off cls echo%date%%time%%username%%computername%%>\*****u AD\u Logon\u Timestamp\%computername%。txt此迷你脚本在以管理员身份运行时，总是以用户管理员的身份返回。我认为服务器上仅用于小日志文件的目录不需要如此只有域管理员才能访问它。可以将服务器上此特定目录的权限设置为允许所有人创建和修改现有文件，但拒绝所有其他操作，如创建子文件夹、删除文件或完全覆盖文件。使用NTFS权限可以以这种方式限制目录。也许值得考虑这种解决问题的替代方法。