Tony Giangreco
asked on
Windows 2008 R2 Server: RDP Sessions remain open until manually closing
I Maintain a Windows 2008 domain with four servers. One is a Windows 2008 R2 64 bit server running RDP with 10 RDP licenses. Here is a description of the situation I'm trying to resolve.
1. Users login and I suspect they just close their session without logging off.
2. I've repeatedly trained users to logoff, but I suspect it does not happen as expected.
3. In Remote Desktop Services Manager, I find user sessions in disconnected status.
4. In RDP-TCP-Properties of RDS-Host Configuration I have the following settings:
a. Override User Settings - End a disconnected session in 1 hour
b. Active session limit: 12 hours
c. Idle session limit: 1 hour
d. Override User Settings - When session limit is reached or connection is broken, End Session
When I go to Computer Management, Shared Folder, Sessions, I see the following:
1. Many users are listed about 15 times with active sessions
2. It appears there is a session listing for every time they have logged in remotely.
3. The session listings are there until I Click the session and select Close Session or reboot the server.
I have 50 users so this list gets large. About 25 users login at different times remotely with about 4 to 8 at any one time. How do I configure the server to close the sessions after then end (logoff or closed by user).
Is there a command I can schedule to automate this so just the disconnected user sessions get closed without closing actual working RDP sessions?
1. Users login and I suspect they just close their session without logging off.
2. I've repeatedly trained users to logoff, but I suspect it does not happen as expected.
3. In Remote Desktop Services Manager, I find user sessions in disconnected status.
4. In RDP-TCP-Properties of RDS-Host Configuration I have the following settings:
a. Override User Settings - End a disconnected session in 1 hour
b. Active session limit: 12 hours
c. Idle session limit: 1 hour
d. Override User Settings - When session limit is reached or connection is broken, End Session
When I go to Computer Management, Shared Folder, Sessions, I see the following:
1. Many users are listed about 15 times with active sessions
2. It appears there is a session listing for every time they have logged in remotely.
3. The session listings are there until I Click the session and select Close Session or reboot the server.
I have 50 users so this list gets large. About 25 users login at different times remotely with about 4 to 8 at any one time. How do I configure the server to close the sessions after then end (logoff or closed by user).
Is there a command I can schedule to automate this so just the disconnected user sessions get closed without closing actual working RDP sessions?
Have you tried restricting users to a single remote session?
Please review this thread:
http://social.technet.microsoft.com/Forums/en-US/winserverTS/thread/be11e981-625c-447c-9d7e-9fcf4c7876c7
Please review this thread:
http://social.technet.microsoft.com/Forums/en-US/winserverTS/thread/be11e981-625c-447c-9d7e-9fcf4c7876c7
ASKER
Yes, when I set it up, I selected Users can have only one session.
Hmmm...the part that is puzzling is that you have "Many users listed about 15 times with active sessions" but the server is restricted to one session per user? Have you confirmed this setting actually took affect? If the setting is correct the user should get an error when they try to login their second session. Do you think users are sharing logins? I'm also not sure how all the sessions can remain active.
Can you verify the highlighted setting in this picture?
Capture.JPG
Capture.JPG
ASKER
I only see the multiple sessions in Computer Management, sessions, not in the RDP manager.
ASKER
Yes, this has been confirmed: Can you verify the highlighted setting in this picture?
Do you have any Group Policies that may be over riding these settings?
ASKER
GPO is basicly default. I only changed the number of invalid login attempts because hackers were trying to login. After the invalid attempts, the users ad account is locked out.
I see this happen to about one user every two weeks.
I see this happen to about one user every two weeks.
ASKER
Attached is a screen print from this morning.
Session-Listing.jpg
Session-Listing.jpg
That is for file shares not RDP Sessions. That is normal to have multiple sessions listed in this area. I'll upload a snapshot of the area you want to monitor RDP Sessions in a minute.
Administrative Tools > Manage Remote Desktop Session Host
Capture.JPG
Capture.JPG
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok, my RDP sessions window looks like yours. So there is no way to eliminate the multiple file share connections per user so it's limited to the last connection?
This should like a Microsoft issue...
This should like a Microsoft issue...
Here is a couple of links on limiting connections to a share:
http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/9a70af9e-c97f-4728-b195-e178a942450d
http://serverfault.com/questions/170689/window-server-2003-file-sharing-number-of-connection
http://technet.microsoft.com/en-us/library/cc738059(v=WS.10).aspx
(Limiting connections to a file share will cause issues for users. Normally if it's using a connection it needs the connection.)
http://social.technet.microsoft.com/Forums/en-US/winservergen/thread/9a70af9e-c97f-4728-b195-e178a942450d
http://serverfault.com/questions/170689/window-server-2003-file-sharing-number-of-connection
http://technet.microsoft.com/en-us/library/cc738059(v=WS.10).aspx
(Limiting connections to a file share will cause issues for users. Normally if it's using a connection it needs the connection.)
ASKER
Ok, so it looks like I shouldn't make any changes. it appears chnages could cause more problems.
I appreciate the help!
I appreciate the help!
http://www.onlinehowto.net/remote-desktop-auto-disconnect-and-auto-logoff-idle-sessions/1428