Ending Session when user disconnects from RDP Server Windows 2008

Question

I'd like to start by saying that I am by no means a server administrator of any kind. Basically I know the most about computers so now I get to figure this out.

Our company has a RDP server that 5 users connect to remotely. It is not a Domain Controller (No Active Directory).

My problem is when users disconnect from the RDP session, the User's session will not end after a set amount of time. I went through the Users list and manually set the 'End a Disconnected Session' field to 2 hours for every user I wanted to end(in the User's Properties, under the 'Sessions' tab). I then ended every session so that the new properties would apply upon reconnection to the server. I also ended up rebooting the server just to be sure.

The reason I am doing this is I need all users except one to have their sessions ended by midnight.

Steps I've checked:

I have checked to make sure that the RD Session Host Configuration was not overriding the user's settings. To do this, I opened the Server Management window, expanded 'Remote Desktop Services', clicked on 'RD Session Host Configuration', right clicked my server and went to properties and viewed the 'Sessions' Tab. The 'Override user settings' fields were all unchecked.

I also checked the 'Group Policy' setting by opening gpedit.msc, then going to 'Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Session Time Limits' and checking to make sure none of those options were configured (Not Configured).

From my research, these would be the two settings that would override a User session setting. But it appears there's something else as a User can stay in the 'Disconnected' state indefinitely with my current settings. If I missed something, please point me in the right direction.

Thanks for any input/help!

Answer 1

When you go to Event Viewer and navigate to: Applications and Services Logs -> Microsoft -> Windows -> TerminalServices-LocalSessionManager and open Operational you will find event 24 in Microsoft-Windows-TerminalServices-LocalSessionManager which will state Remote Desktop Services: Session has been disconnected:

We can use this as a trigger to a delayd task in task scheduler to run a script that resets all disconnected users and log the results in a log file for us to investigate later.

Create the task in Task Scheduler with these specifics configured:

The Edit Action box the Add arguments (optional): portion have this in it:

    -ExecutionPolicy Bypass c:\scripts\disconnect.ps1  

You will have to create two directories:

c:\scripts\
c:\logs\

Then create a file in c:\scripts called disconnect.ps1 and add the contents as below:

disconnect.ps1:

    #.SYNOPSIS
    #   Checks for disconnected sessions and logs off the disconnected user sessions.

    #.DESCRIPTION
    #   Checks for disconnected sessions and logs off the disconnected user sessions.

    #.NOTES
    #   File Name: Logoff-DisconnectedSession.ps1
    #   Author   : Bart Kuppens
    #   Version  : 1.1

    #.EXAMPLE
    #   PS > .\Logoff-DisconnectedSession.ps1

    function Ensure-LogFilePath([string]$LogFilePath)
    {
     if (!(Test-Path -Path $LogFilePath)) {New-Item $LogFilePath -ItemType directory >> $null}
    }

    function Write-Log([string]$message)
    {
       Out-File -InputObject $message -FilePath $LogFile -Append
    }

    function Get-Sessions
    {
       $queryResults = query session
       $starters = New-Object psobject -Property @{"SessionName" = 0; "UserName" = 0; "ID" = 0; "State" = 0; "Type" = 0; "Device" = 0;}
       foreach ($result in $queryResults)
       {
          try
          {
             if($result.trim().substring(0, $result.trim().indexof(" ")) -eq "SESSIONNAME")
             {
                $starters.UserName = $result.indexof("USERNAME");
                $starters.ID = $result.indexof("ID");
                $starters.State = $result.indexof("STATE");
                $starters.Type = $result.indexof("TYPE");
                $starters.Device = $result.indexof("DEVICE");
                continue;
             }

             New-Object psobject -Property @{
                "SessionName" = $result.trim().substring(0, $result.trim().indexof(" ")).trim(">");
                "Username" = $result.Substring($starters.Username, $result.IndexOf(" ", $starters.Username) - $starters.Username);
                "ID" = $result.Substring($result.IndexOf(" ", $starters.Username), $starters.ID - $result.IndexOf(" ", $starters.Username) + 2).trim();
                "State" = $result.Substring($starters.State, $result.IndexOf(" ", $starters.State)-$starters.State).trim();
                "Type" = $result.Substring($starters.Type, $starters.Device - $starters.Type).trim();
                "Device" = $result.Substring($starters.Device).trim()
             }
          } 
          catch 
          {
             $e = $_;
             Write-Log "ERROR: " + $e.PSMessageDetails
          }
       }
    }

    Ensure-LogFilePath($ENV:LOCALAPPDATA + "\DisconnectedSessions")
    #$LogFile = $ENV:LOCALAPPDATA + "\DisconnectedSessions\" + "sessions_" + $([DateTime]::Now.ToString('yyyyMMdd')) + ".log"
    $LogFile = "c:\Logs\DisconnectedSessions\" + "sessions_" + $([DateTime]::Now.ToString('yyyyMMdd')) + ".log"

    [string]$IncludeStates = '^(Disc)$'
    Write-Log -Message "Disconnected Sessions CleanUp"
    Write-Log -Message "============================="
    $DisconnectedSessions = Get-Sessions | ? {$_.State -match $IncludeStates -and $_.UserName -ne ""} | Select ID, UserName
    Write-Log -Message "Logged off sessions"
    Write-Log -Message "-------------------"
    foreach ($session in $DisconnectedSessions)
    {
       logoff $session.ID
       Write-Log -Message $session.Username
    }
    Write-Log -Message " "
    Write-Log -Message "Finished"  

Whenever a user session ends and the disconnect event is logged the taskscheduler will wait 2 minutes the nrun the script and reset / log-off all the disconnected users.

Hope this helps you.