Solved

Batch script/VB script to terminate Remote Desktop connection server side

Posted on 2014-02-04
8
1,377 Views
Last Modified: 2014-02-04
My company has a lot of users that run an application through remote desktop. The application has no problems, however we do run into intermittent issues with users having their remote desktop interface freeze up, and terminating the connection from their side does not end their session on the server. Our system administrators are then required to log into the server and manually reset these users connections. Is there a way to write a script with sufficiently hidden credentials that can run this command based on the logged in user (their PC account name is the same as their account name on the remote server) to disconnect their session server side? I'm ideally trying to make an icon they can double click that will save our admins the time, but if it's any more complicated than that I don't trust the users to be able to figure it out. I do however have a few tech savvy users (one that even set up a vpn to watch youtube) who I need to make sure won't be able to see the admin credentials for the remote server by opening the script in an editor. Please advise :)
0
Comment
Question by:botsadmins
  • 4
  • 4
8 Comments
 
LVL 15

Expert Comment

by:ZabagaR
ID: 39833469
Can't you just edit your RDP-TCP settings (sessions TAB) so a disconnected (or broken) session is terminated after 1 minute?
0
 

Author Comment

by:botsadmins
ID: 39833558
I have "End a disconnected session" set to 1 minute, is that supposed to cover a 'broken' session? If that is the case, then my users are experiencing inoperable sessions that are not being recognized as broken by the server. I see there is an option to "Disconnect from session" "When session limit is reached or connection is broken" but the folks who came before me saw fit to leave that 'Override user settings' unchecked. I'd like to think that was for a reason. But there's a reason they're not here anymore. We don't set session limits, active or idle, so can you tell me what potential negative results I might see by enabling that option? Again, "end a disconnected session" is set to a minute, and that feature is not recognizing the inoperable state as disconnected, even when killing the remote desktop process via the task manager.
0
 
LVL 15

Expert Comment

by:ZabagaR
ID: 39833651
What do you mean by inoperable state?

End a Disconnected Session in 1 minute is supposed to log a user off in a minute if they click the "X" in the upper-right corner of the RDP window - instead of properly logging out.

We always check the "disconnect" radio button for "When session limit is reached or connection is broken". We don't use time limits. This is going to disconnect a session if the session is broken by other means (not clicking the X) like a bad network connection for instance. It may apply in your case of an "inoperable state". I don't think you can cause a problem by using it.

Also don't forget each user account also has an RDP "session" tab with these same RDP settings. those individual settings take preference unless you override here from the server.
0
 

Author Comment

by:botsadmins
ID: 39833710
When I say inoperable state, I mean their connection freezes, they close out of it (via the 'x' rather than being able to log out) and even after a minute passes they are unable to log in as their session on the server is still active. Even with the "Override user settings end a disconnected session after a minute." I'll try activating the disconnect broken session radio button option and see what happens. Thank you Zabaga. Really good info. I usually get 3 or 4 of those requests a day, I think they're the result of a bad (overloaded on our hosts side) network connection. I think you might have my solution here. I'll keep you posted (and hopefully 'pointed' soon)
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 15

Expert Comment

by:ZabagaR
ID: 39833775
Is this just a plain full screen RDP or are you using 2008's RemoteApp RDP feature?
0
 

Author Comment

by:botsadmins
ID: 39833898
RemoteAPP RPD feature
0
 
LVL 15

Accepted Solution

by:
ZabagaR earned 500 total points
ID: 39833922
You should then consider setting the following group policy on the server:

"Set time limit for logoff of RemoteApp sessions"

Enable it then set it to immediately

It's a user policy under "administrative templates".

I use RemoteApp RDP and standard full window. I had problems with the system taking forever to log off a remoteapp session. This fixed it.

Unrelated....in computer policy go to "set compression algorithm". We set to Balanced. I think we had some app crash issues while trying to shadow/remote control users in RemoteApp before setting that.
0
 

Author Closing Comment

by:botsadmins
ID: 39834225
Everything I needed and a little extra just to help. Excellent, excellent assistance for some system administration still wet behind the ears. Thanks so much. Take all my points :)
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

How can you create a game plan that lets you focus on special projects instead of running from cubicle to cubicle every day and feeling like you’ve accomplished nothing? Try these strategies for prioritizing your tasks, offloading what you can, and …
In this post we will learn how to connect and configure Android Device (Smartphone etc.) with Android Studio. After that we will run a simple Hello World Program.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now