Solved

Remote Desktop Compromise

Posted on 2009-05-18
3
312 Views
Last Modified: 2012-05-07
We have several servers configured according to their role.  The server in question presently is an Exchange server.  

We outsource our engineers.  They have set the sessions not to time out because they are sometimes working remotely on projects that need to continue to run even if they have to walk away from the system for a few hours - long enough for Citrix to disconnect them.

We often see the terminal services has reached its maximum number of connections error.  

How can we achieve their goal while not putting ourselves in the position to have to directly visit the server when there are several disconnected sessions?  Is there a way to see who is logged in via RDP?  Is there a way to forcefully log off RDP sessions from the server?
0
Comment
Question by:NCHCIT
3 Comments
 
LVL 84

Accepted Solution

by:
oBdA earned 350 total points
ID: 24415556
You can always use "mstsc.exe /admin" (assuming XP SP3 and W2k3 SP2, otherwise try "mstsc.exe /console") to connect directly to the console session. If the same user is logged on to the console, the existing session will be pulled over, otherwise the user currently logged on to the console session will be logged off.
Then you can use the Terminal Services Management console to connect to a remote machine and logoff/terminate sessions.
From the command line on a server, you can finally use
query session /server:<ServerName>
to see running sessons, and use
logoff <SessonID> /server:<ServerName>
with the session ID obtained from the first command.
0
 
LVL 16

Expert Comment

by:speshalyst
ID: 24415560
0
 
LVL 3

Assisted Solution

by:Cameron_S
Cameron_S earned 150 total points
ID: 24415583
If you are referring to RDP specifically, you can simply go into the Exchange Server's Task Manager > Users and see who is logged in from where. From there, if you are an administrator, you can Disconnect / Log Off the session. You can even do this via RDP if you wish.

If you are speaking specifically of Citrix, I know in the MetaFrame Console you could view the connections and what/where they were connected to.

Optionally, you may want to write up a script that simply drops the disconnected sessions based on your criteria.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question