We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now


Powershell Script User to Identify a User's Active RDP Sessions

Techop09 asked
Medium Priority
Last Modified: 2012-05-11

I am attempting to write an interactive Powershell script that accepts a username and traverses Active Directory for that user's active RDP sessions across all Windows 2003/2008 servers in the domain.  Is this possible?  Thanks.  
Watch Question

Unlock this solution and get a sample of our free trial.
(No credit card required)
I have a solution for you.

First you need to go to: http://archive.msdn.microsoft.com/PSTerminalServices/Release/ProjectReleases.aspx?ReleaseId=5479

and download and run the  PSTerminalServices_1.1.msi

Then start PowerShell
Run this command to Import the new module.
Import-Module PSTerminalServices

You will need to import the module each time you start PowerShell, unless you add it to your profile.  (That is a different topic)

Now you can run the script.

Save this script with a .ps1 extension

To run the script in powershell (incase you don't already know) the syntax is:

This script will prompt you for a username.  It will search using wildcards, so you can use a partial name if you want.

Then it finds all of the Terminal Servers in you domain and queries each one to see if there is an Active session with a matching username.

Let me know how it works for you and if you have any questions!
$erroractionpreference = "SilentlyContinue"

{ $username = $(Read-Host -prompt "Enter the username") }
until ( $username.length -gt 0 )

$tsservers = get-tsservers

foreach ($server in $tsservers)
    #Write-Host $server.servername
    get-tssession -computer $server.servername -filter { $_.ConnectionState -eq 'Active' -and $_.Username -like '*' + $username + '*' }

Open in new window

Unlock this solution and get a sample of our free trial.
(No credit card required)


Thanks for the quick responses.  To RLANDQUIST, your solution seems close to what I'm looking for, however, the Terminal Services Module seems to only give you servers with Terminal Services installed.  I'm looking for something that would give all active Remote Desktop sessions, regardless of whether the server has Terminal Services installed on it or not.  

To SOOSTIBI, when running your script I get the following error message.  

Get-WmiObject : Not found
At C:\Users\colonto.NYH\Desktop\RDP.ps1:9 char:22
+         get-wmiobject <<<<  -ComputerName $comp -Query `
    + CategoryInfo          : InvalidOperation: (:) [Get-WmiObject], Managemen
    + FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.C

Thanks again for your help guys.

Have you customized the first two lines of my script?
Have you created the txt file with the servernames in it, one in each line?


Yes, I did.  I try entering FQDNs and just NETBIOS names, and still got the same error message

Copying the code from the EE interface might cause the problem. Try this, I took out the 'backtick' character from line 9.
And you have to run it as Administrator.
$user = "iqjb\soost"  
$servers = "soostpc" #get-content c:\serverlist.txt  
$servers | %{  
    $comp = $_  
    Get-WmiObject -Class win32_logonsession -Filter "Logontype=10" -ComputerName $comp |  
        $wo = $_  
        get-wmiobject -ComputerName $comp -Query "Associators of {Win32_logonSession.LogonID=$($wo.LogonId)} where AssocClass = Win32_LoggedOnUser Role=Dependent" |   
            ?{$_.caption -eq $user} |  
        Add-Member -MemberType noteproperty -Name Authentication -Value $_.AuthenticationPackage -PassThru |  
        Add-Member -MemberType noteproperty -Name LogonType -Value $_.Logontype -PassThru |  
        Add-Member -MemberType noteproperty -Name StartTime -Value ($_.converttodatetime($_.StartTime)) -PassThru  |    
        Add-Member -MemberType noteproperty -Name ServerName -Value $_.__Server -PassThru  
} | Select-Object servername, caption, logontype, authentication, starttime

Open in new window


Same result.  :(  

Strange, it works for me.
Could you copy the exact error message here?
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.