Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 927
  • Last Modified:

Resetting RDP sessions when both are locked up

We are working with Windows 2003 virtual Servers.  We RDP into them to do our work.  We do not have Terminal Services Manager on our servers as the intel team believes this to be a security risk.  We have the standard 2 default RDP sessions.  If one session gets hung up because someone was knocked off the VPN - we know how to use a query session - get the session id and do a reset session.  Works great.  But how do we do this is both people get knocked off and both sessions are hung so no one can get on the server through RDP?  I keep reading about console access - but does this mean I hve tobe able to sign onto the server itself?  Which I cannot do.  Sorry of this is a dumb question.  I have scoured the internet looking for a solution.  Our only solution right now is to call the intel team and have them do it - but this is very incovneient and we would like to be able to reset ourselves.
0
Angela_Wilcox
Asked:
Angela_Wilcox
3 Solutions
 
Brum07Commented:
You are corrct in that you need to login as admin to access the console session, another method is to open the TS Manager from Admin tools on another server in the domain, connect to the server with the disconnected sessions and kill them off

Hope this helps.

Regards
0
 
thechaosrealmCommented:
If both sessions are used, try this command to get a remote desktop session into the server:

Start, Run,  MSTSC /v:IPADDRESSOFSERVER /console

This will remote you directly into the console as if you were sitting right in front of it.


Also, instead of querying and resetting sessions, you can alternatively just open up the Terminal Services Manager from the Administrative Tools folder and right click, reset or logoff that way. You can also perform a remote control or just connect directly to that session from the TSM console.
0
 
nixgibsCommented:
one way is to connect with consol with one of the following mstsc parameters (depending on the mstsc version) (you maybe dont have the rights to do this)

mstsc /console
or
mstsc /admin

the other way is to set up a timeout for disconected session so that the server resets the broken session
you can do this in the terminal server configuration mmc
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
daviddrivCommented:
As you mention, there is actually a third terminal session for the console.  All you need to do is run the following from the run command:

mstsc <servername> /console

That will get you into the console session and you can boot the users as you normally do.
0
 
cyberseanCommented:
I'm pretty sure if you attempt to connect to the console session remotely when you've already exceeded your maximum connections, you receive the same error.  You would have to connect to the TS Manager and boot the other users as mentioned above.  You may want to look at VNC for remote access.  It works great and its free.  (www.realvnc.com)
0
 
Angela_WilcoxAuthor Commented:
Thanks for all the responses.  I have awarded a split of points based on the following:
1.  The command line access works like a charm BUT it will boot off the intel person for which I will get in trouble - evidently they hang out on the console.  So  I will reserve that for an emergency if needed.
2.  Using the terminal Services Manager on another computer in the same domain works like a charm.  We are not supposed to have it installed - but they left it on one of our 5 servers and so that is what I will use - tested it and it works great.
3.  The time out is a good idea - followup question on that.  Does it start timing from point you are idle or from when session opens?  So we know how we want to set it...

THANKS for all the help from you EXPERTS!!!
0
 
Angela_WilcoxAuthor Commented:
Thanks for all the responses.  I have awarded a split of points based on the following:
1.  The command line access works like a charm BUT it will boot off the intel person for which I will get in trouble - evidently they hang out on the console.  So  I will reserve that for an emergency if needed.
2.  Using the terminal Services Manager on another computer in the same domain works like a charm.  We are not supposed to have it installed - but they left it on one of our 5 servers and so that is what I will use - tested it and it works great.
3.  The time out is a good idea - followup question on that.  Does it start timing from point you are idle or from when session opens?  So we know how we want to set it...

THANKS for all the help from you EXPERTS!!!
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now