kill all RDP sessions from all domain joined servers for a specific user in AD
Posted on 2016-08-29
I have a customer who his admin account is being locked from AD very random. After checking all security logs, more specifically for 4740 events, we can identify the source of the locked accounts appears to be a domain controller in Azure. My client has a hybrid AD-Azure and Office 365- Exchange 2010.
So, I've been looking for a tool that can kill all RDP sessions of a user named Jdoe for all Windows servers in a domain.
Are you aware of such as that tool, script, or PowerShell cmdlet that kills all RDP sessions from all windows servers in a domain?
If so, can you please provide instructions step by step to perform the tasks
Please, make sure to test your script, cmdlet, or tool, and send screenshots with results