lakeview108
asked on
GPO To Log Off Terminal Services Users
I have a Server 2003 domain controller and a Server 2000 terminal server and I am using LimitLogin to prevent users from logging in on more than one machine at a time. The users of the terminal server simply hit the X to close the window, but this does not log them off. What I'm looking to do is force the log off for users who are logged in through the terminal server and use the X to log out. I've been using the GPO Computer Config->Admin Template->Windows Components->Terminal Services->Sessions and set the following Set time limit for disconnected sessions; Sets a time limit for active but idle TS sessions; and Terminate session when time limits are reached. These settings work through the terminal server manager, but it does not show as a valid log off from the limit login software. Any ideas?
This will take you to quite anumber of the registry keys and specific setting within GPO's
http://technet.microsoft.com/en-us/library/cc780857(WS.10).aspx
I use the X quite often to keep a process running, but not while I'm logged in. It's the idle time that gets me every time.
http://technet.microsoft.com/en-us/library/cc780857(WS.10).aspx
I use the X quite often to keep a process running, but not while I'm logged in. It's the idle time that gets me every time.
ASKER
Kjanicke, thanks for the response. I tired setting both the set time to disconnect sessions and the idle time, but neither seemed to send the correct message to the 3rd party Limit Login software. Since MS doesn't have a way to limit the logins on a per user basis this is the software that they recommend and it's free which makes it the software that the company recommends. ;-) By setting both the GPO and registry values I am able to disconnect the terminal sessions, but it is not registering as a log off to the Limit Login software.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I ended up uninstalling the software from the terminal server. Although I would still like to find an answer to this I think the best thing to do would be upgrade the terminal server.
Thanks kjanicke for all of your suggestions and help.
Thanks kjanicke for all of your suggestions and help.
MaxDisconnectTime is the registry key you may be looking for.
To change the value of this entry, use the Group Policy Object Editor (Gpedit.msc). The corresponding policy is located in Administrative Templates\Windows Components\Terminal Services\Sessions. "set time for disconnected sessions"
http://technet.microsoft.com/en-us/library/cc776083(WS.10).aspx
MaxIdleTime is the key for active but idle sessions.
http://technet.microsoft.com/en-us/library/cc786098(WS.10).aspx