Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Force logoff on RDP connection


  • Please log in to reply
5 replies to this topic

#1 Putrid

Putrid

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:34 PM

Posted 03 November 2017 - 02:30 PM

This is a big unanswered question. Originally found at "Windows 7 - force existing user session to logoff, not disconnect, at log on", the question, with 75k views and no solution, is as follows:

 

We're on an enterprise environment using Windows 7. Some users will connect from one workstation to another using RDP. If the target workstation has no users logged in, there are no issues. If the target workstation has a different user logged in, it will prompt the connector:

 

"Another user is currently logged on to this computer. If you continue, this user has to disconnect from this computer. Do you want to continue?"

 

When selecting "Yes", it will prompt the current connected user if they wish to disconnect now or deny the connection attempt. If they select to allow the attempt (or if the request times out), they are not logged off-- instead, their session is "disconnected" and their programs continue to run.  This behavior interferes with some programs that can not function properly when there are simultaneous sessions. The behavior we're looking to change is to have RDP force the current connected user to be logged off instead of disconnected. I know it is possible because our environment previously was set up to do exactly that, but someone somewhere changed something and this behavior reverted back to default behavior.

 

Things we are NOT LOOKING TO DO are:

  • Set a time out to automatically log a user off
  • Remotely run a log off script if a user is logged in
  • Use task manager to log a user off remotely
  • Use a constantly-running script to to log a user off automatically...

Edited by hamluis, 05 November 2017 - 06:49 AM.
Moved from Win 7 to Networking - Hamluis.


BC AdBot (Login to Remove)

 


m

#2 Kilroy

Kilroy

  • BC Advisor
  • 3,132 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:11:34 AM

Posted 06 November 2017 - 12:03 PM

From this posting, it looks like you may be able to do it with a Group Policy.

 

Launch Local Group Policy Editor as Administrator - GPEdit.MSC

Drill down to Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Session Time Limits

Set time limit for disconnected sessions

Basically you're closing out a disconnected session after X period of time, the minimum is one minute.

 

I haven't tried it, but from the Help it sounds like what you're looking to do.



#3 Putrid

Putrid
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:34 PM

Posted 07 November 2017 - 11:45 AM

From this posting, it looks like you may be able to do it with a Group Policy.

 

Launch Local Group Policy Editor as Administrator - GPEdit.MSC

Drill down to Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Session Time Limits

Set time limit for disconnected sessions

Basically you're closing out a disconnected session after X period of time, the minimum is one minute.

 

I haven't tried it, but from the Help it sounds like what you're looking to do.

 

Thanks for the response.  Unfortunately, this GPO modifies behavior of active RDP sessions, not active local sessions.  This is a domain-connected workstation that users physically log into, that a user may use RDP to connect to remotely.  This isn't an RDP terminal server.



#4 Kilroy

Kilroy

  • BC Advisor
  • 3,132 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:11:34 AM

Posted 07 November 2017 - 01:34 PM

I guess I'm confused as what you are looking to accomplish.  Would disabling Fast User switching accomplish what you're looking to do?



#5 Putrid

Putrid
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:34 PM

Posted 07 November 2017 - 04:37 PM

I guess I'm confused as what you are looking to accomplish.  Would disabling Fast User switching accomplish what you're looking to do?

 

Disabling Fast User Switching only removes the entry points at the local machine to have simultaneous sessions, so nope that doesn't take care of it either (and we already have FUS disabled).

 

Imagine 2 windows 7 PCs named W1 and W2, and two domain users named domain\user1 and domain\user2.

 

user1 is logged into W1 and user2 is logged into W2.

 

user1 tries to RDP from W1 to W2.  The resulting behavior is user2 is prompted that someone is attempting to connect, and then (if accepting or allowing the prompt to time out) is disconnected (all apps continue to run in background) instead of getting logged off

 

The behavior we're looking to change is to log the user off on an RDP connection attempt instead of just "disconnecting" them which retains processes run by the user.



#6 Kilroy

Kilroy

  • BC Advisor
  • 3,132 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:11:34 AM

Posted 08 November 2017 - 04:15 PM

How about putting a script in the Public StartUp to log off disconnected users?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users