Friday, July 16, 2010

QWINSTA and RWINSTA

If you need to RDP a remote Windows server and all the sessions seem to be unavailable, you may use two utilities to kill offending/exceeding sessions: qwinsta and rwinsta

Here’s the procedure:

  • Type “Psexec \\servername –u username –p password –c cmd”
  • Type “qwinsta”
  • Choose a session to kill and note its id
  • Type “rwinsta id”

... because the real sysadm can do it via the command line!

Additional notes:

QWINSTA.EXE: queries the sessions

qwinsta /?

Display information about Terminal Sessions.

QUERY SESSION [sessionname | username | sessionid]
[/SERVER:servername] [/MODE] [/FLOW] [/CONNECT] [/COUNTER]

sessionname Identifies the session named sessionname.
username Identifies the session with user username.
sessionid Identifies the session with ID sessionid.
/SERVER:servername The server to be queried (default is current).
/MODE Display current line settings.
/FLOW Display current flow control settings.
/CONNECT Display current connect settings.
/COUNTER Display current Terminal Services counters information.

RWINSTA.EXE: removes the sessions

rwinsta /?

C:\Documents and Settings\stever>rwinsta /?
Reset the session subsytem hardware and software to known initial values.

RESET SESSION {sessionname | sessionid} [/SERVER:servername] [/V]

sessionname Identifies the session with name sessionname.
sessionid Identifies the session with ID sessionid.
/SERVER:servername The server containing the session (default is current).
/V Display additional information.

Publié par Carlo à l'adresse 6:14 AM
Libellés : ,

9 comments:

  3. Thanks for sharing! It's a good information about query and remove the Remote session.

    ReplyDelete

  4. thank you great help.

    ReplyDelete

  5. Thanks for this, exactly what I needed!

    ReplyDelete

  6. Why bother with PSEXEC? QWINSTA and RWINSTA both have a server parameter to do it remotely...

    ReplyDelete
    Replies

    1. Good of you to contribute your comment, poor of you to not include the servr parameters....

      Delete

    2. qwinsta /server:[hostname]
      rwinsta /server:[hostname] [session id] oughta do it.

      Delete

    3. use logoff to log them off by the username instead of needing session ID or "sessionname"

      QWinSta /server:[Server]
      Logoff [Username] /Server:[Servername]

      Or use this to do it all in one go:

      FOR /F "tokens=1" %A IN ('QWinSta /server:[ServerName] | FIND /I /V "SESSIONNAME" ^| FIND /I "Disc" ^| FIND /I /V "services" ^| FIND /I /V "console" ') DO @(Logoff %%~A /Server[ServerName] )

      Delete

Subscribe to: Post Comments (Atom)
Related Posts Plugin for WordPress, Blogger...