Mainly because our students are idiots and will complain if the computer doesn’t turn off. Or worse, take independent action and hold the power button, or actually yank the power cable. Maybe I should just lean into it and convince them that the monitor is the computer.
Jokes aside, how could I implement such a policy? I’ve only found one that hides the power buttons from the start menu, but Windows still responds to ACPI.
The policy you’re looking for is in Computer Configuration->Policies->Windows Settings->Security Settings->Local Policies->User Rights Assignments->Shut down the system
This policy takes account or group names from your local or domain AD as its variable (like Domain Admins). After it’s successfully applied, only those users or groups will be able to shutdown the machine gracefully.
Create a new GPO or edit an existing one and apply it to the ADUC organizational unit containing the computer objects you need to target.
There are use-cases where a computer should not be turned off by its user for the purpose of remote management. I’m dealing with one just as I’m writing this comment.
There’s an exam in a classroom. In 20 minutes I’ll have to run an ansible script to remove this group’s work, clean up the project directory, and rollback two VMs to the prepared snapshot to get ready for the next group. I’ve put a big-ass banner on the wallpaper telling the students not to shut down the computer, and already half of them are off.
You’re a Windows shop? Why don’t you deploy a policy that prevents users from shutting down computers?
Mainly because our students are idiots and will complain if the computer doesn’t turn off. Or worse, take independent action and hold the power button, or actually yank the power cable. Maybe I should just lean into it and convince them that the monitor is the computer.
Jokes aside, how could I implement such a policy? I’ve only found one that hides the power buttons from the start menu, but Windows still responds to ACPI.
The policy you’re looking for is in Computer Configuration->Policies->Windows Settings->Security Settings->Local Policies->User Rights Assignments->Shut down the system
This policy takes account or group names from your local or domain AD as its variable (like Domain Admins). After it’s successfully applied, only those users or groups will be able to shutdown the machine gracefully.
Create a new GPO or edit an existing one and apply it to the ADUC organizational unit containing the computer objects you need to target.
Why would they be idiots for wanting to turn these computers off?
If the computers aren’t running something important while not in use, I think they should turn them off as we’re already wasting far too much energy.
I might be missing something, but it sounds like leaving your car running or leaving lights on in your home the whole year.
Most computers go into a deep power saving mode when they aren’t in use. Far less than a light bulb or power brick.
There are use-cases where a computer should not be turned off by its user for the purpose of remote management. I’m dealing with one just as I’m writing this comment.
There’s an exam in a classroom. In 20 minutes I’ll have to run an ansible script to remove this group’s work, clean up the project directory, and rollback two VMs to the prepared snapshot to get ready for the next group. I’ve put a big-ass banner on the wallpaper telling the students not to shut down the computer, and already half of them are off.
Oh my. Good luck!
Okay in such a case I understand why these machines shouldn’t be turned off.
But, for normal people using their computers for admin/gaming, I still think it’s one of the easy ways of saving a bit of energy.