Wednesday, April 24, 2013

How to Use PowerShell to Detect Logins and Alert Through Email


The Windows Task Scheduler can automatically send email at a specific time or in response to a specific event, but its integrated email feature won’t work very well for most users.
We have already shown you how to do this using a third party tool, but who really wants to do that when you can do it with tools built right into Windows?

Enter PowerShell + Task Scheduler

The first thing we need to do is set up a scheduled task, to do so press the Win + R keyboard combination to bring up a run box then type “control schedtasks” and press enter.

When the Task Scheduler opens click on the Create Task… link.

On the General pane, provide a name and description for the task. You should also select the Run whether user is logged on or not option.

Then switch over to the Triggers tab and add a new trigger. The trigger should be set to fire at log on, which can be selected from the drop down.

Finally, you will want to switch over to the actions tab and add a new action. From there, you will want to choose to start a new program, and the program we want this trigger to start is “powershell”. You will then need to paste the following into the arguments text box.
-Command “Send-MailMessage -From “someone@gmail.com” -To “someone@gmail.com” -Body “Someone Just Logged In” -Subject “LOGIN”  -SmtpServer “smtp.gmail.com” -Port 587 -Credential $(New-Object System.Management.Automation.PSCredential (someone@gmail.com, $(ConvertTo-SecureString “PASSWORD” -AsPlainText -Force))) –UseSsl”
Note that you will need to change all occurrences of someone@gmail.com to the username of a real GMail account and PASSWORD to the password for that account. Alternatively, you can opt to use your own SMTP server.

On the Conditions tab, uncheck Start the task only if the computer is on AC power option, or you won’t get emails if your computer is a laptop and it’s unplugged.

Click the OK button and save your task. You should now receive email notifications whenever someone logs into your computer.

No comments:

Post a Comment