How to see users' idle time on RDP server
How to see users' idle time on RDP server
Query User / QUSER.exe
Using the quser command, you can view when a user RDP session was started, how long it was idle and the current session state.
Syntax
QUERY USER [/server:ServerName]
QUERY USER UserName [/server:ServerName]
QUERY USER [SessionName | SessionID] [/server:ServerName]
quser [<username> | <sessionname> | <sessionID>] [/server:<servername>]
Parameter | Description |
---|---|
<username> |
Specifies the logon name of the user that you want to query. |
<sessionname> |
Specifies the name of the session that you want to query. |
<sessionID> |
Specifies the ID of the session that you want to query. |
/server:<servername> |
Specifies the Remote Desktop Session Host server that you want to query. Otherwise, the current Remote Desktop Session Host server is used. This parameter is only required if you're using this command from a remote server. |
/? | Displays help at the command prompt. |
-
To use this command, you must have Full Control permission or special access permission.
-
If you don't specify a user using the <username>, <sessionname>, or sessionID parameters, a list of all users who are logged on to the server is returned. Alternatively, you can also use the query session command to display a list of all sessions on a server.
-
When quser returns information, a greater than
(>)
symbol is displayed before the current session.
Display information about user sessions on a Terminal server or a Remote Desktop Session Host (RD Session Host) server.
Key UserName The logon username of the user whose sessions you want to query. SessionName The name of the session that you want to query. SessionID The ID of the session that you want to query. /server:ServerName The Remote Desktop Session Host server to query. The default is the current server. /? Display help.
QUERY USER is a synonym for QUSER.exe
Available to 64 bit sessions only, there are no 32 bit implementations of QUSER.exe (QUERY USER).
Query User returns the following information:
- The name of the user
- The name of the session on the RD Session Host server
- The session ID
- The state of the session (active or disconnected)
- The idle time (the number of minutes since the last keystroke or mouse movement at the session)
- The date and time the user logged on
If you do not specify a user by using UserName, SessionName, or SessionID, a list of all users who are logged on to the server is returned. Alternatively, use query session to display a list of all sessions on the server. When information for multiple users is returned, a greater than > symbol is displayed before the current session.
A user can always query the session to which the user is currently logged on. To query other sessions, the user must have Query Information special access permission.
The User Access permission type grants the following special permissions: Query Information, Logon, and Connect. These special permissions allow a user to: Log on to a session on the terminal server. Query information about a session. Send messages to other user sessions. Connect to another session.
Permissions are set under:
Terminal Services Configuration ➞ Connections ➞ Properties ➞ Permissions ➞ Advanced ➞ Permissions
PowerShell
When running quser under PowerShell it is useful to split the output into rich objects, this can be done with a regex and ConvertFrom-Csv:
(quser) -replace '\s{2,}', ',' | ConvertFrom-Csv
Alternatively the script Get-LoggedOnUser.ps1 will also show disconnected sessions.
Examples
Display information about all users logged on the system:
C:\> query user
Display information about the user ursula on server64:
C:\> quser ursula /server:Server64
RDCMan zarządza wieloma połączeniami pulpitu zdalnego
Firma Microsoft znalazła dziurę w aplikację Menedżer połączeń pulpitu zdalnego (RDCMan) po wykryciu luki CVE-2020-0765.
Jeżeli używasz tego programu warto zaktualizować go do najnowszej wersji wydanej 27 stycznia 2022 - v2.90
RDCMan zarządza wieloma połączeniami pulpitu zdalnego. Jest to przydatne do zarządzania laboratoriami serwerowymi, w których potrzebny jest regularny dostęp do każdej maszyny, takiej jak zautomatyzowane systemy kontroli i centra danych.
The Menu
W programie RDCMan znajduje się kilka menu najwyższego poziomu:
- Plik — ładowanie, zapisywanie i zamykanie grup plików RDCMan
- Edytuj - dodawaj, usuwaj i edytuj właściwości serwerów i grup.
- Sesja - łączenie, rozłączanie i wylogowywanie sesji
- Widok - opcje kontroli widoczności drzewa serwerów, grup wirtualnych i wielkości obszaru klienta
- Pulpity zdalne - umożliwia dostęp do grup i serwerów w sposób hierarchiczny, podobny do drzewa serwerów; przydatne przede wszystkim wtedy, gdy drzewo serwerów jest ukryte
- Narzędzia - zmiana właściwości aplikacji
- Pomoc - dowiedz się więcej o RDCMan
Tryb pełnoekranowy
Aby pracować z serwerem w trybie pełnoekranowym, zaznacz serwer, na którym ma być aktywny, a następnie naciśnij Ctrl+Alt+Break (ten można konfigurować, patrz skrótów). Aby wyjść z trybu pełnoekranowego, ponownie naciśnij Ctrl+Alt+Break lub użyj przycisków minimalizuj/przywracaj na pasku tytułu połączenia. Wiele monitorów może być łączonych, jeśli jest włączone przez opcję łączenia monitorów.
Uwagi
Narzędzie RDCMan pobiera informacje o zasadach z klucza rejestru.HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\RDCMan
DisableLogOff
- Utwórz tę wartość jako niezerową, aby wyłączyć polecenie wylogowywania w całym RDCMan.DWORD
Narzędzie można pobrać z następującego linku:
Enable or Disable RDP - Registry (Windows)
nable or Disable RDP - Registry (Windows)
Method 1: CMD
You can use the change logon command to display the status of current logons or to disable and enable logons from Terminal Services clients.
When you disable logons, current users are NOT affected, but new client sessions will NOT connect to the server.
NOTE: You must have administrative privileges to use the change logon command.
When you open a CMD prompt on the terminal server and type change logon /?, you receive:
Enable or disable session logins. CHANGE LOGON \{/QUERY | /ENABLE | /DISABLE\} /QUERY Query current session login mode. /ENABLE Enable user login from sessions. /DISABLE Disable user login from sessions.
NOTE: Logons from the console session are not affected.
NOTE: If you restart the server, logons are enabled.
NOTE: If you disable logons from a client session and then log off, you must log on to the console to enable further logons.
NOTE: When you disable logons, you receive: Session logins are currently DISABLED. When you enable logons, you receive: Session logins are currently ENABLED.
NOTE: When logons are disabled, a client attempting to connect will receive:
Remote logins are currently disabled.
Method 2: Using Registry
Allow or prohibit Remote Desktop connections to your Windows machine through Command Prompt or PowerShell.
Run the required command from shell with Administrative privileges.
To enable RDP:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
To disable RDP:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f
Solution
Often administrators need to have exclusive access to the server and be able to block such access by users. In such situations, it is required to temporarily disable logging in via the RDP protocol. We do this with the commands shown.
Method 2: Using PowerShell
To enable RDP with the PowerShell, use the following steps.
Option 1
To enable RDP:
- Launch PowerShell as Administrator.
- Type the following command and create a script block and use the Invoke-Command cmdlet:
1
|
Invoke-Command –Computername “server1”, “Server2” –ScriptBlock {Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value 0}
|
NOTE: Enabling RDP through PowerShell will not configure the Windows Firewall with the appropriate ports to allow RDP connections.
Type the following:
To disable RDP with the PowerShell, use the following steps.
- Launch PowerShell as Administrator.
- Type the following command:
1
|
Invoke-Command –Computername “server1”, “Server2” –ScriptBlock {Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value 1}
|
Method 3: Use Group Policy
If you have numerous Servers and/or Workstations that you need to enable RDP on and they are in the same Organization Unit structure in Active Directory you should enable RDP through Group Policy.
To enable RDP Using Group Policy.
- Launch the Group Policy Management Console (GPMC)
- Either edit an existing Group Policy Object (GPO) or create a new GPO.
- Navigate to the following GPO node:
Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections
Best remote desktop software of 2020
Best remote desktop software of 2020
RemotePC
Zoho Assist
LogMeIn Pro
Connectwise Control
Parallels Access
TeamViewer
Chrome Remote Desktop
Remote Desktop Manager
Splashtop
RemoteUtilities for Windows