Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

GPO To Log Off Terminal Services Users

Posted on 2009-07-07
5
1,030 Views
Last Modified: 2013-12-05
I have a Server 2003 domain controller and a Server 2000 terminal server and I am using LimitLogin to prevent users from logging in on more than one machine at a time. The users of the terminal server simply hit the X to close the window, but this does not log them off.   What I'm looking to do is force the log off for users who are logged in through the terminal server and use the X to log out.  I've been using the GPO Computer Config->Admin Template->Windows Components->Terminal Services->Sessions and set the following Set time limit for disconnected sessions; Sets a time limit for active but idle TS sessions; and Terminate session when time limits are reached.  These settings work through the terminal server manager, but it does not show as a valid log off from the limit login software.  Any ideas?
0
Comment
Question by:lakeview108
  • 3
  • 2
5 Comments
 
LVL 18

Expert Comment

by:kjanicke
ID: 24842686
Greetings:

MaxDisconnectTime is the registry key you may be looking for.
To change the value of this entry, use the Group Policy Object Editor (Gpedit.msc). The corresponding policy is located in Administrative Templates\Windows Components\Terminal Services\Sessions.  "set time for disconnected sessions"
http://technet.microsoft.com/en-us/library/cc776083(WS.10).aspx

MaxIdleTime is the key for active but idle sessions.
http://technet.microsoft.com/en-us/library/cc786098(WS.10).aspx
0
 
LVL 18

Expert Comment

by:kjanicke
ID: 24842750
This will take you to quite anumber of the registry keys and specific setting within GPO's
http://technet.microsoft.com/en-us/library/cc780857(WS.10).aspx

I use the X quite often to keep a process running, but not while I'm logged in.  It's the idle time that gets me every time.
0
 

Author Comment

by:lakeview108
ID: 24843205
Kjanicke, thanks for the response.  I tired setting both the set time to disconnect sessions and the idle time, but neither seemed to send the correct message to the 3rd party Limit Login software.  Since MS doesn't have a way to limit the logins on a per user basis this is the software that they recommend and it's free which makes it the software that the company recommends.  ;-) By setting both the GPO and registry values I am able to disconnect the terminal sessions, but it is not registering as a log off to the Limit Login software.
0
 
LVL 18

Accepted Solution

by:
kjanicke earned 500 total points
ID: 24844843
Does setting a  single session per user via terminal services  do the same thing as LimitLogin?

Key -- fSingleSessionPerUser
Location -- HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
Decsription -- Stores configuration data for the policy setting Restrict Terminal Services users to a single remote session.
0
 

Author Comment

by:lakeview108
ID: 24908324
I ended up uninstalling the software from the terminal server.  Although I would still like to find an answer to this I think the best thing to do would be upgrade the terminal server.

Thanks kjanicke for all of your suggestions and help.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip is around source server preparation. No migration is an easy migration, there is a…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question