Solved

Limit Concurrent Windows Logon Sessions

Posted on 2014-04-02
14
815 Views
Last Modified: 2014-07-25
Limit Concurrent Windows Logon Sessions

tried http://www.rlmueller.net/LogonScriptFAQ.htm 


tried rlmueller.net Logon7.vbs and Logoff7.vbs but  not working it is not stopping second session of user login
0
Comment
Question by:mash1978
  • 8
  • 3
  • 2
14 Comments
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 39973573
It wasn't meant to limit concurrent logons.. You have to go into the terminal services configuration
You can do so via a setting in the Microsoft Management Console (MMC) Terminal Services Configuration snap-in. Go to Start, Programs, Administrative Tools, Terminal Services Configuration. Select Server Settings, and in the details pane double-click Restrict each user to one session. Select the Restrict each user check box. This setting restricts each user to only one connection. If a user disconnects from a session and later tries to log on to the terminal server again, the server reconnects the user to the session that's already active. If a user is currently connected to Terminal Services and tries to initiate another Remote Desktop session, the server will disconnect the user from his or her current session and connect them to a session from their new Remote Desktop window.

Restricting Users to One Concurrent Terminal Services Session | Systems Management content from Windows IT Pro - http://goo.gl/LyHSQr
0
 

Author Comment

by:mash1978
ID: 39974074
We are not asking for Terminal Server , it is related to Normal Windows Domain local user login. for windows xp , windows 7, 8 domain user login on windows 2003 / 2008 /2012 domain controller
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 39974089
You need to install the Microsoft LimitLogin utility.
http://support.microsoft.com/kb/237282
http://download.microsoft.com/download/f/d/0/fd05def7-68a1-4f71-8546-25c359cc0842/limitlogin.exe
Prevent Same User Login to Multiple Computers Simultaneously - Spiceworks - http://goo.gl/H8fA7t
0
 

Author Comment

by:mash1978
ID: 39975705
Thanks,  but we do not want to use this tool as it will not work on windows 64bit OS

Please provide suggestions why  rlmuller.net vb script not working
0
 

Author Comment

by:mash1978
ID: 39977313
Admin need your attention on this question
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39982332
Just trying to understand your exact requirement 1st please

Do you want that if one user has logged on his win xp \ 7 workstation with domain id, he should be prevented to logon on next workstation, is that you are looking for or some thing else ?

Mahesh.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:mash1978
ID: 39982385
Yes, perfect.
0
 

Author Comment

by:mash1978
ID: 39982400
I am trying rlmueller

http://www.rlmueller.net/Logon7.htm

File Should created as login name of User and User should not be able to login on another PC/System When it is login on one PC/system. in Domain script should be applicable for Windows xp/7/8  and Domain Controller is windows 2003/2008
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39982427
Ok
I am not scripting guy to modify Mueller script
You could write \ request him so that he might be help you

However as far I know what you are trying to do is not possible with MS tools or not possible with LimitLogin utility as it won't support Windows 2008 AD

The possible way to do this with 2008 active directory is with 3rd party utility
http://www.isdecisions.com/products/userlock

Mahesh.
0
 

Author Comment

by:mash1978
ID: 39982659
isdecisions.com tool is too costly

microsoft not willing acquire and in build this tool in his Operating system. very strange thing.

Microsoft do not want to support Limit Concurrent Windows Logon Sessions in his Operating system that's why people like  Novell Netware ,Sco Unix and Linux.
0
 

Accepted Solution

by:
mash1978 earned 0 total points
ID: 39982677
Problem Resolved.....

Find below updated Mueller script  ( I will again say many many thanks to Mr. Muller)

Kindly guide me any things can be improve in this script like in login file write user name and last pc name/IP of user last login and have not logoff.

=====================================================

------------------------------------------------------------------------------------------------------------------
Logon7_Others.txt / Logon7_Others.vbs
------------------------------------------------------------------------------------------------------------------

' Logon7.vbs
' VBScript Logon script to enforce one logon session per user.
'
' ----------------------------------------------------------------------
' Copyright (c) 2010 Richard L. Mueller
' Hilltop Lab web site - http://www.rlmueller.net
' Version 1.0 - May 29, 2010
' Version 1.1 - June 3, 2010
'
' You have a royalty-free right to use, modify, reproduce, and
' distribute this script file in any way you find useful, provided that
' you agree that the copyright owner above has no warranty, obligations,
' or liability for such use.

Option Explicit

Dim objFSO, objNewFile, objNetwork
Dim intCount, objShell, intTimeout
Dim strComputerEncoded, strShare, strFlagFile, strComputer
Dim objOldFile, strLine, strValue, objChars, strErrorLog
Dim objWMIService, colOperatingSystems, objOperatingSystem
Dim strTitle, strText, intConstants, intAns
Dim strHexValue, strUserEncoded, objSysinfo, strUserDN, objUser
Dim strShare2, objErrorLog
Dim objWSHShell
Dim strLoginName1

Const B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
Const ForReading = 1
Const ForWriting = 2
Const ForAppending = 8
Const OpenAsASCII = 0
Const CreateIfNotExist = True
Const LOGOFF = 0

' Specify shared folder.
strShare = "\\sharepath-01\LIMITLOGON$\Logs"

' Specify alternate shared folder to log errors if the first is unavailable.
strShare2 = "\\sharepath-02\LIMITLOGON$\Logs"
intTimeout = 4

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objNetwork = CreateObject("Wscript.Network")
Set objShell = CreateObject("Wscript.Shell")

' Retrieve user and computer information.
Set objSysInfo = CreateObject("ADSystemInfo")
strUserDN = objSysInfo.UserName
Set objUser = GetObject("LDAP://" & strUserDN)
strComputer = objNetwork.ComputerName
strLoginName1 = objNetwork.UserName 

' Base64 encode computer name and user GUID.
strHexValue = TextToHex(strComputer)
strComputerEncoded = HexToBase64(strHexValue)

strHexValue = TextToHex(objUser.GUID)
strUserEncoded = HexToBase64(strHexValue)
' Remove trailing "=".
strUserEncoded = Replace(strUserEncoded, "=", "")

' Create flag file based on encoded user GUID.
'strFlagFile = strShare & "\" & strUserEncoded & ".log"




strFlagFile = strShare & "\" & strLoginName1 & ".log"





' Check if flag file exists for this user.
If (objFSO.FileExists(strFlagFile) = True) Then
    ' Read encoded computer name from the flag file.
    Set objOldFile = objFSO.OpenTextFile(strFlagFile, ForReading)
    strLine = objOldFile.ReadLine
    objOldFile.Close
    ' Check encoded computer name.
    If (strLine <> strComputerEncoded) Then
        ' Does not match encode local computer name. Decode computer name.
        ' Setup dictionary object.
        Set objChars = CreateObject("Scripting.Dictionary")
        objChars.CompareMode = vbBinaryCompare
        ' Load dictionary object.
        Call LoadChars
        ' Alert user.
        strValue = Base64ToHex(strLine)
        strValue = HexToText(strValue)
        strTitle = "Too many logon Sessions"
        strText = "You must logoff (or restart) computer: " & strValue
        intConstants = vbOKOnly + vbCritical
        intAns = objShell.Popup(strText, intTimeout, strTitle, _
            intConstants)

        ' Logoff.
        Set objWMIService = GetObject("winmgmts:" _ 
            & "{impersonationLevel=impersonate,authenticationLevel=Pkt,(Shutdown)}!\\" _ 
            & strComputer & "\root\cimv2") 

        Set colOperatingSystems = objWMIService.ExecQuery _
            ("Select * from Win32_OperatingSystem")

        For Each objOperatingSystem in colOperatingSystems
            objOperatingSystem.Win32Shutdown(LOGOFF)
	
		
		ObjOperatingSystem.Win32Shutdown(0) 

Set objWSHShell = WScript.CreateObject("WScript.shell")


objWSHShell.Run "C:\windows\system32\shutdown.exe -f -l"

'objWSHShell.Run "psshutdown.exe -f -o -accepteula"

'objWSHShell.Run "\\sharepath-01\SYSVOL\Domain Name\Tools\PsTools\psshutdown.exe -f -o -accepteula"

        Next
        Wscript.Quit
    End If
End If

' Write computer name to flag file.
On Error Resume Next
Set objNewFile = objFSO.OpenTextFile(strFlagFile, _
    ForWriting, CreateIfNotExist, OpenAsASCII)
If (Err.Number = 0) Then
    On Error GoTo 0
    ' Write to flag file.
    objNewFile.WriteLine strComputerEncoded
    objNewFile.Close
Else
    On Error GoTo 0
    ' Unable to open text file. Log error to alternate location.
    strErrorLog = strShare2 & "\Error.log"
    On Error Resume Next
    Set objErrorLog = objFSO.OpenTextFile(strErrorLog, _
        ForAppending, CreateIfNotExist, OpenAsASCII)
    If (Err.Number = 0) Then
        On Error GoTo 0
        ' Make three attempts to write, in case many users are affected.
        intCount = 1
        Do Until intCount = 3
            On Error Resume Next
            objErrorLog.WriteLine "## Logon Error" _
                & vbCrLf & "Time: " & CStr(Now()) _
                & vbCrLf & "Share unavailable: " & strShare _
                & vbCrLf & "User: " & strUserDN _
                & vbCrLf & "Computer: " & strComputer _
                & vbCrLf & "Flag file not created"
            If (Err.Number = 0) Then
                On Error GoTo 0
                Exit Do
            Else
                Err.Clear
                intCount = intCount + 1
                Wscript.Sleep 200
            End If
            On Error GoTo 0
        Loop
        objErrorLog.Close
    End If
End If
On Error GoTo 0

Function TextToHex(ByVal strText)
    ' Function to convert a text string into a string of hexadecimal bytes.
    Dim strChar, k

    TextToHex = ""
    For k = 1 To Len(strText)
        strChar = Mid(strText, k, 1)
        TextToHex = TextToHex & Hex(Asc(strChar))
    Next
End Function

Function HexToBase64(ByVal strHex)
    ' Function to convert a hex string into a base64 encoded string.
    ' Constant B64 has global scope.
    Dim lngValue, lngTemp, lngChar, intLen, k, j, strWord, str64, intTerm

    intLen = Len(strHex)

    ' Pad with zeros to multiple of 3 bytes.
    intTerm = intLen Mod 6
    If (intTerm = 4) Then
        strHex = strHex & "00"
        intLen = intLen + 2
    End If
    If (intTerm = 2) Then
        strHex = strHex & "0000"
        intLen = intLen + 4
    End If

    ' Parse into groups of 3 hex bytes.
    j = 0
    strWord = ""
    HexToBase64 = ""
    For k = 1 To intLen Step 2
        j = j + 1
        strWord = strWord & Mid(strHex, k, 2)
        If (j = 3) Then
            ' Convert 3 8-bit bytes into 4 6-bit characters.
            lngValue = CCur("&H" & strWord)

            lngTemp = Fix(lngValue / 64)
            lngChar = lngValue - (64 * lngTemp)
            str64 = Mid(B64, lngChar + 1, 1)
            lngValue = lngTemp

            lngTemp = Fix(lngValue / 64)
            lngChar = lngValue - (64 * lngTemp)
            str64 = Mid(B64, lngChar + 1, 1) & str64
            lngValue = lngTemp

            lngTemp = Fix(lngValue / 64)
            lngChar = lngValue - (64 * lngTemp)
            str64 = Mid(B64, lngChar + 1, 1) & str64

            str64 = Mid(B64, lngTemp + 1, 1) & str64

            HexToBase64 = HexToBase64 & str64
            j = 0
            strWord = ""
        End If
    Next
    ' Account for padding.
    If (intTerm = 4) Then
        HexToBase64 = Left(HexToBase64, Len(HexToBase64) - 1) & "="
    End If
    If (intTerm = 2) Then
        HexToBase64 = Left(HexToBase64, Len(HexToBase64) - 2) & "=="
    End If

End Function

Function HexToText(ByVal strHex)
    ' Function to convert a string of hexadecimal bytes into a text string.
    Dim strChar, k

    HexToText = ""
    For k = 1 To Len(strHex) Step 2
        strChar = Mid(strHex, k, 2)
        HexToText = HexToText & Chr("&H" & strChar)
    Next
End Function

Function Base64ToHex(ByVal strValue)
    ' Function to convert a base64 encoded string into a hex string.
    Dim lngValue, lngTemp, lngChar, intLen, k, j, intTerm, strHex

    intLen = Len(strValue)

    ' Check padding.
    intTerm = 0
    If (Right(strValue, 1) = "=") Then
        intTerm = 1
    End If
    If (Right(strValue, 2) = "==") Then
        intTerm = 2
    End If

    ' Parse into groups of 4 6-bit characters.
    j = 0
    lngValue = 0
    Base64ToHex = ""
    For k = 1 To intLen
        j = j + 1
        ' Calculate 24-bit integer.
        lngValue = (lngValue * 64) + objChars(Mid(strValue, k, 1))
        If (j = 4) Then
            ' Convert 24-bit integer into 3 8-bit bytes.
            lngTemp = Fix(lngValue / 256)
            lngChar = lngValue - (256 * lngTemp)
            strHex = Right("00" & Hex(lngChar), 2)
            lngValue = lngTemp

            lngTemp = Fix(lngValue / 256)
            lngChar = lngValue - (256 * lngTemp)
            strHex = Right("00" & Hex(lngChar), 2) & strHex
            lngValue = lngTemp

            lngTemp = Fix(lngValue / 256)
            lngChar = lngValue - (256 * lngTemp)
            strHex = Right("00" & Hex(lngChar), 2) & strHex

            Base64ToHex = Base64ToHex & strHex
            j = 0
            lngValue = 0
        End If
    Next
    ' Account for padding.
    Base64ToHex = Left(Base64ToHex, Len(Base64ToHex) - (intTerm * 2))

End Function

Sub LoadChars
    ' Subroutine to load dictionary object with information to convert
    ' Base64 characters into base 64 index integers.
    ' Object reference objChars has global scope.

    objChars.Add "A", 0
    objChars.Add "B", 1
    objChars.Add "C", 2
    objChars.Add "D", 3
    objChars.Add "E", 4
    objChars.Add "F", 5
    objChars.Add "G", 6
    objChars.Add "H", 7
    objChars.Add "I", 8
    objChars.Add "J", 9
    objChars.Add "K", 10
    objChars.Add "L", 11
    objChars.Add "M", 12
    objChars.Add "N", 13
    objChars.Add "O", 14
    objChars.Add "P", 15
    objChars.Add "Q", 16
    objChars.Add "R", 17
    objChars.Add "S", 18
    objChars.Add "T", 19
    objChars.Add "U", 20
    objChars.Add "V", 21
    objChars.Add "W", 22
    objChars.Add "X", 23
    objChars.Add "Y", 24
    objChars.Add "Z", 25
    objChars.Add "a", 26
    objChars.Add "b", 27
    objChars.Add "c", 28
    objChars.Add "d", 29
    objChars.Add "e", 30
    objChars.Add "f", 31
    objChars.Add "g", 32
    objChars.Add "h", 33
    objChars.Add "i", 34
    objChars.Add "j", 35
    objChars.Add "k", 36
    objChars.Add "l", 37
    objChars.Add "m", 38
    objChars.Add "n", 39
    objChars.Add "o", 40
    objChars.Add "p", 41
    objChars.Add "q", 42
    objChars.Add "r", 43
    objChars.Add "s", 44
    objChars.Add "t", 45
    objChars.Add "u", 46
    objChars.Add "v", 47
    objChars.Add "w", 48
    objChars.Add "x", 49
    objChars.Add "y", 50
    objChars.Add "z", 51
    objChars.Add "0", 52
    objChars.Add "1", 53
    objChars.Add "2", 54
    objChars.Add "3", 55
    objChars.Add "4", 56
    objChars.Add "5", 57
    objChars.Add "6", 58
    objChars.Add "7", 59
    objChars.Add "8", 60
    objChars.Add "9", 61
    objChars.Add "+", 62
    objChars.Add "/", 63

End Sub

------------------------------------------------------------------------------------------------------------------

Open in new window



=====================================================

------------------------------------------------------------------------------------------------------------------
Logoff7_Others.txt / .vbs
------------------------------------------------------------------------------------------------------------------

' Logoff7.vbs
' VBScript Logoff script to enforce one logon session per user.
'
' ----------------------------------------------------------------------
' Copyright (c) 2010 Richard L. Mueller
' Hilltop Lab web site - http://www.rlmueller.net
' Version 1.0 - May 29, 2010
' Version 1.1 - June 3, 2010
'
' You have a royalty-free right to use, modify, reproduce, and
' distribute this script file in any way you find useful, provided that
' you agree that the copyright owner above has no warranty, obligations,
' or liability for such use.

Option Explicit

Dim objFSO, objNetwork, strComputer, strComputerEncoded
Dim strShare, strFlagFile, objFile, strLine, objFolder
Dim strHexValue, strUserEncoded, objSysinfo, strUserDN, objUser
Dim strShare2, objErrorLog, strErrorLog, intCount
Dim objWSHShell
Dim strLoginName1


Const B64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
Const ForReading = 1
Const ForAppending = 8
Const OpenAsASCII = 0
Const CreateIfNotExist = True

' Specify shared folder.
strShare = "\\sharepath-01\LIMITLOGON$\Logs"

' Specify alternate folder if the first is unavailable.
strShare2 = "\\sharepath-02\LIMITLOGON$\Logs"

Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objNetwork = CreateObject("Wscript.Network")

' Retrieve user and computer information.
Set objSysInfo = CreateObject("ADSystemInfo")
strUserDN = objSysInfo.UserName
Set objUser = GetObject("LDAP://" & strUserDN)
strComputer = objNetwork.ComputerName
strLoginName1 = objNetwork.UserName


' Base64 encode computer name and user GUID.
strHexValue = TextToHex(strComputer)
strComputerEncoded = HexToBase64(strHexValue)

strHexValue = TextToHex(objUser.GUID)
strUserEncoded = HexToBase64(strHexValue)
strUserEncoded = Replace(strUserEncoded, "=", "")

' Create flag file based on encoded user GUID.
'strFlagFile = strShare & "\" & strUserEncoded & ".log"

strFlagFile = strShare & "\" & strLoginName1 & ".log"

' Check if flag file exists for this user.
If (objFSO.FileExists(strFlagFile) = True) Then
    ' Read encoded computer name from the flag file.
    Set objFile = objFSO.OpenTextFile(strFlagFile, ForReading)
    strLine = objFile.ReadLine
    objFile.Close
    ' Check encoded computer name.
    If (strLine = strComputerEncoded) Then
        ' Delete the file.
        objFSO.DeleteFile strFlagFile
    End If
    Wscript.Quit
End If

' No flag file found for this user. Make sure share is available.
On Error Resume Next
Set objFolder = objFSO.GetFolder(strShare)
If (Err.Number <> 0) Then
    On Error GoTo 0
    ' Log error to alternate location.
    strErrorLog = strShare2 & "\Error.log"
    On Error Resume Next
    Set objErrorLog = objFSO.OpenTextFile(strErrorLog, _
        ForAppending, CreateIfNotExist, OpenAsASCII)
    If (Err.Number = 0) Then
        On Error GoTo 0
        ' Make trhee attempts to write, in case many users are affected.
        intCount = 1
        Do Until intCount = 3
            On Error Resume Next
            objErrorLog.WriteLine "## Logoff Error" _
                & vbCrLf & "Time: " & CStr(Now()) _
                & vbCrLf & "Share unavailable: " & strShare _
                & vbCrLf & "User: " & strUserDN _
                & vbCrLf & "Computer: " & strComputer _
                & vbCrLf & "Flag file: " & strFlagFile
            If (Err.Number = 0) Then
                On Error GoTo 0
                Exit Do
            Else
                Err.Clear
                intCount = intCount + 1
                Wscript.Sleep 200
            End If
            On Error Goto 0
        Loop
        objErrorLog.Close
    End If
End If
On Error GoTo 0

Function TextToHex(ByVal strText)
    ' Function to convert a text string into a string of hexadecimal bytes.
    Dim strChar, k

    TextToHex = ""
    For k = 1 To Len(strText)
        strChar = Mid(strText, k, 1)
        TextToHex = TextToHex & Hex(Asc(strChar))
    Next
End Function

Function HexToBase64(ByVal strHex)
    ' Function to convert a hex string into a base64 encoded string.
    ' Constant B64 has global scope.
    Dim lngValue, lngTemp, lngChar, intLen, k, j, strWord, str64, intTerm

    intLen = Len(strHex)

    ' Pad with zeros to multiple of 3 bytes.
    intTerm = intLen Mod 6
    If (intTerm = 4) Then
        strHex = strHex & "00"
        intLen = intLen + 2
    End If
    If (intTerm = 2) Then
        strHex = strHex & "0000"
        intLen = intLen + 4
    End If

    ' Parse into groups of 3 hex bytes.
    j = 0
    strWord = ""
    HexToBase64 = ""
    For k = 1 To intLen Step 2
        j = j + 1
        strWord = strWord & Mid(strHex, k, 2)
        If (j = 3) Then
            ' Convert 3 8-bit bytes into 4 6-bit characters.
            lngValue = CCur("&H" & strWord)

            lngTemp = Fix(lngValue / 64)
            lngChar = lngValue - (64 * lngTemp)
            str64 = Mid(B64, lngChar + 1, 1)
            lngValue = lngTemp

            lngTemp = Fix(lngValue / 64)
            lngChar = lngValue - (64 * lngTemp)
            str64 = Mid(B64, lngChar + 1, 1) & str64
            lngValue = lngTemp

            lngTemp = Fix(lngValue / 64)
            lngChar = lngValue - (64 * lngTemp)
            str64 = Mid(B64, lngChar + 1, 1) & str64

            str64 = Mid(B64, lngTemp + 1, 1) & str64

            HexToBase64 = HexToBase64 & str64
            j = 0
            strWord = ""
        End If
    Next
    ' Account for padding.
    If (intTerm = 4) Then
        HexToBase64 = Left(HexToBase64, Len(HexToBase64) - 1) & "="
    End If
    If (intTerm = 2) Then
        HexToBase64 = Left(HexToBase64, Len(HexToBase64) - 2) & "=="
    End If

End Function
------------------------------------------------------------------------------------------------------------------

Open in new window




=====================================================
Logon7-Others.txt
Logoff7-Others.txt
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39982922
In reality Microsoft never gives you that functionality out of the box in case of active directory because according to them one benefit of active directory is one user can logon to any machine within corporate network
0
 

Author Closing Comment

by:mash1978
ID: 40218940
VB Script working
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now