Remote Logoff inactive user profiles

This topic contains 5 replies, has 2 voices, and was last updated by Profile photo of Sam Boutros Sam Boutros 2 years, 3 months ago.

  • Author
    Posts
  • #17827
    Profile photo of Nobody
    Nobody
    Participant

    I'm looking for a way to Remote logoff all loaded profiles EXCEPT the currently active user. We often have users that "Switch User" and I'd like to log off the inactive user profiles without disrupting the active user. win32Shutdown() only takes care of the active user and I'd like to find a way to target specific users. Worst case I'd like to log off all loaded profiles.

    I'm currently using win32UserProfile to identify loaded profiles

    Get-WmiObject -Class Win32_UserProfile -computername "$computer"|? {$_.Special -eq 0}|sort-object $_.LastUseTime
  • #17832
    Profile photo of Sam Boutros
    Sam Boutros
    Participant

    I would typically configure RDP to end disconnected sessions after a fixed amount of time like 30 minutes. This is also settable via GPO
    [url]http://technet.microsoft.com/en-us/library/cc754272.aspx[/url]

    • #17848
      Profile photo of Nobody
      Nobody
      Participant

      GPO isn't really an option since I want add this functionality to some existing powershell scripts that I've created. You did put me on the right track though. I found I can use quser.exe and logoff.exe to accomplish my task, but it's going to be ugly. It seems there must be a better way to accomplish this via WMI or something.

  • #17851
    Profile photo of Sam Boutros
    Sam Boutros
    Participant

    I'm working on a function to do just that.. will update you shortly

  • #17852
    Profile photo of Nobody
    Nobody
    Participant

    I got it. I found this script which nicely converts quser.exe output to objects. Saved a few hours!
    http://gallery.technet.microsoft.com/scriptcenter/Get-LoggedOnUser-Gathers-7cbe93ea

    I had to modify it to use Invoke-Command to run quser.exe. From there I just passed results on to logoff.exe via another Invoke-Command.

    I'm curious to see what you come up with!

    param(
        [CmdletBinding()] 
        [Parameter(ValueFromPipeline=$true,
                   ValueFromPipelineByPropertyName=$true)]
        [string[]]$ComputerName = 'localhost'
    )
    
    process {
        foreach ($Computer in $ComputerName) {
            invoke-command -computername $computer -scriptblock {quser} | Select-Object -Skip 1 | ForEach-Object {
                $CurrentLine = $_.Trim() -Replace '\s+',' ' -Split '\s'
                $HashProps = @{
                    UserName = $CurrentLine[0]
                    ComputerName = $Computer
                }
    
                # If session is disconnected different fields will be selected
                if ($CurrentLine[2] -eq 'Disc') {
                        $HashProps.SessionName = $null
                        $HashProps.Id = $CurrentLine[1]
                        $HashProps.State = $CurrentLine[2]
                        $HashProps.IdleTime = $CurrentLine[3]
                        $HashProps.LogonTime = $CurrentLine[4..6] -join ' '
                } else {
                        $HashProps.SessionName = $CurrentLine[1]
                        $HashProps.Id = $CurrentLine[2]
                        $HashProps.State = $CurrentLine[3]
                        $HashProps.IdleTime = $CurrentLine[4]
                        $HashProps.LogonTime = $CurrentLine[5..7] -join ' '
                }
    
                New-Object -TypeName PSCustomObject -Property $HashProps |
                Select-Object -Property UserName,ComputerName,SessionName,Id,State,IdleTime,LogonTime
            }
        }
    }
    "computer1"|.\get-loggedonuser.ps1|Where-Object {$_.state -eq "Disc"}|Foreach-Object {Invoke-command -computername $_.computername -scriptblock {logoff.exe "$args"} -args "$($_.id)"}
  • #17864
    Profile photo of Sam Boutros
    Sam Boutros
    Participant

    Great, check out the function Get-SBRDPSession in the SBTools module at [url]http://gallery.technet.microsoft.com/scriptcenter/SBTools-module-adds-38992422[/url]

     .Synopsis
      Function to get RDP sessions on one or more computers
    
     .Description
      Function to get RDP sessions on one or more computers. Returns object collection, each corresponding to a session. 
      object properties: ComputerName, UserName, SessionName, ID, State
      ID refers to RDP session ID. State refers to RDP session State
    
     .Parameter ComputerName
      If absent, function assumes localhost.
    
     .Parameter State
      Filters result by one or more States
      Valid options are:
        Disc
        Conn
        Active
        Listen
    
     .EXAMPLE
      Get-SBRDPSession -ComputerName MyPC -State Disc | FT
    
      This example lists disconnected RDP sessions on the computer MyPC in table format.
    
      Sample output:
    
        UserName                State                   SessionName             ID                      ComputerName
        --------                -----                   -----------             --                      ------------
                                Disc                    services                0                       MyPC
    
     .EXAMPLE
      Get-SBRDPSession -state Active,Disc | FT
    
      This example lists RDP sessions on the local machine, and returns those with State Active or Disc in table format.
    
      Sample output:
    
        UserName                State                   SessionName             ID                      ComputerName
        --------                -----                   -----------             --                      ------------
                                Disc                    services                0                       PC1
        samb                    Active                  rdp-tcp#73              2                       PC1
    
     .Example
      Get-SBRDPSession xhost11,xhost12 | FT
    
      This example lists RDP sesions on the computers xHost11 and xHost12 and outputs the result in table format.
    
      Sample output:
    
        UserName                State                   SessionName             ID                      ComputerName
        --------                -----                   -----------             --                      ------------
                                Disc                    services                0                       xhost11
                                Conn                    console                 1                       xhost11
        samb                    Active                  rdp-tcp#10              2                       xhost11
                                Listen                  rdp-tcp                 65536                   xhost11
                                Disc                    services                0                       xhost12
                                Conn                    console                 1                       xhost12
                                Listen                  rdp-tcp                 65536                   xhost12
    
     .EXAMPLE
      Get-SBRDPSession (Get-Content .\computers.txt) Disc -Verbose |  FT
    
      This example reads a computer list from the file .\computers.txt and displays disconnected sessions
      In this example .\computers.txt contains:
        PC1
        PC2
        PC3
    
      Sample output:
    
        VERBOSE: Computer name(s): "xhost13" "xhost14" "xhost16"
        VERBOSE: Filtering on state(s): Disc
        VERBOSE: Reading RDP sessions on computer "xhost13"
        VERBOSE: Reading RDP session: ==> services                                    0  Disc
        VERBOSE: Reading RDP session: ==> console                                     1  Conn
        VERBOSE: Reading RDP session: ==> rdp-tcp                                 65536  Listen
        VERBOSE: Reading RDP sessions on computer "xhost14"
        VERBOSE: Reading RDP session: ==> services                                    0  Disc
        VERBOSE: Reading RDP session: ==> console                                     1  Conn
        VERBOSE: Reading RDP session: ==>                   samb                      2  Disc
        VERBOSE: Reading RDP session: ==> rdp-tcp                                 65536  Listen
        VERBOSE: Reading RDP sessions on computer "xhost16"
        VERBOSE: Reading RDP session: ==> services                                    0  Disc
        VERBOSE: Reading RDP session: ==> console                                     1  Conn
        VERBOSE: Reading RDP session: ==> rdp-tcp#73        samb                      2  Active
        VERBOSE: Reading RDP session: ==> rdp-tcp                                 65536  Listen
    
        UserName                State                   SessionName             ID                      ComputerNam
        --------                -----                   -----------             --                      -----------
                                Disc                    services                0                       PC1
                                Disc                    services                0                       PC2
        samb                    Disc                                            2                       PC2
                                Disc                    services                0                       PC3
    

You must be logged in to reply to this topic.