Code: Select all
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v "fDenyTSConnections" /t REG_DWORD /d "1" /f
REM ** Disable new logons
change logon /disable
REM ** Throw out all existing sessions by resetting the listener session
for /f "tokens=2" %%i in ('qwinsta ^| find /i "listen"') do echo y | rwinsta %%i
REM ** Maintenance jobs like backup comes here
REM ** start /wait ensures that this job waits until the command
REM ** is executed completely before going on to the next command
start /wait <your maintenance command comes here>
REM ** Maintenance is finished. Let users in again
change logon /enable
netsh advfirewall firewall add rule name="BlockRemAdminIN" protocol=TCP
dir=in remoteport=3389 action=block
netsh advfirewall firewall add rule name="BlockRemAdminOUT" protocol=TCP
dir=out remoteport=3389 action=block
Remote admin is a scary idea if you don't want that port open. Uninstalling it should be easy to look up, but this will prevent someone from using it on you. I suggest if you have worries, also look for the teamviewer uninstaller / remover. There's illegitimate versions of teamviewer that make it cheap to snoop on fellow musicians who made bling with frightening ease, even means of remotely controlling your computer, too.