Solved

Remote Desktop Compromise

Posted on 2009-05-18
3
305 Views
Last Modified: 2012-05-07
We have several servers configured according to their role.  The server in question presently is an Exchange server.  

We outsource our engineers.  They have set the sessions not to time out because they are sometimes working remotely on projects that need to continue to run even if they have to walk away from the system for a few hours - long enough for Citrix to disconnect them.

We often see the terminal services has reached its maximum number of connections error.  

How can we achieve their goal while not putting ourselves in the position to have to directly visit the server when there are several disconnected sessions?  Is there a way to see who is logged in via RDP?  Is there a way to forcefully log off RDP sessions from the server?
0
Comment
Question by:NCHCIT
3 Comments
 
LVL 82

Accepted Solution

by:
oBdA earned 350 total points
ID: 24415556
You can always use "mstsc.exe /admin" (assuming XP SP3 and W2k3 SP2, otherwise try "mstsc.exe /console") to connect directly to the console session. If the same user is logged on to the console, the existing session will be pulled over, otherwise the user currently logged on to the console session will be logged off.
Then you can use the Terminal Services Management console to connect to a remote machine and logoff/terminate sessions.
From the command line on a server, you can finally use
query session /server:<ServerName>
to see running sessons, and use
logoff <SessonID> /server:<ServerName>
with the session ID obtained from the first command.
0
 
LVL 16

Expert Comment

by:speshalyst
ID: 24415560
0
 
LVL 3

Assisted Solution

by:Cameron_S
Cameron_S earned 150 total points
ID: 24415583
If you are referring to RDP specifically, you can simply go into the Exchange Server's Task Manager > Users and see who is logged in from where. From there, if you are an administrator, you can Disconnect / Log Off the session. You can even do this via RDP if you wish.

If you are speaking specifically of Citrix, I know in the MetaFrame Console you could view the connections and what/where they were connected to.

Optionally, you may want to write up a script that simply drops the disconnected sessions based on your criteria.
0

Featured Post

Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

Join & Write a Comment

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Learn about cloud computing and its benefits for small business owners.
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now