Solved

Remote Desktop Compromise

Posted on 2009-05-18
3
316 Views
Last Modified: 2012-05-07
We have several servers configured according to their role.  The server in question presently is an Exchange server.  

We outsource our engineers.  They have set the sessions not to time out because they are sometimes working remotely on projects that need to continue to run even if they have to walk away from the system for a few hours - long enough for Citrix to disconnect them.

We often see the terminal services has reached its maximum number of connections error.  

How can we achieve their goal while not putting ourselves in the position to have to directly visit the server when there are several disconnected sessions?  Is there a way to see who is logged in via RDP?  Is there a way to forcefully log off RDP sessions from the server?
0
Comment
Question by:NCHCIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 84

Accepted Solution

by:
oBdA earned 350 total points
ID: 24415556
You can always use "mstsc.exe /admin" (assuming XP SP3 and W2k3 SP2, otherwise try "mstsc.exe /console") to connect directly to the console session. If the same user is logged on to the console, the existing session will be pulled over, otherwise the user currently logged on to the console session will be logged off.
Then you can use the Terminal Services Management console to connect to a remote machine and logoff/terminate sessions.
From the command line on a server, you can finally use
query session /server:<ServerName>
to see running sessons, and use
logoff <SessonID> /server:<ServerName>
with the session ID obtained from the first command.
0
 
LVL 16

Expert Comment

by:speshalyst
ID: 24415560
0
 
LVL 3

Assisted Solution

by:Cameron_S
Cameron_S earned 150 total points
ID: 24415583
If you are referring to RDP specifically, you can simply go into the Exchange Server's Task Manager > Users and see who is logged in from where. From there, if you are an administrator, you can Disconnect / Log Off the session. You can even do this via RDP if you wish.

If you are speaking specifically of Citrix, I know in the MetaFrame Console you could view the connections and what/where they were connected to.

Optionally, you may want to write up a script that simply drops the disconnected sessions based on your criteria.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question