If you need to RDP a remote Windows server and all the sessions seem to be unavailable, you may use two utilities to kill offending/exceeding sessions: qwinsta and rwinsta
- Type “Psexec \\servername –u username –p password –c cmd”
- Type “qwinsta”
- Choose a session to kill and note its id
- Type “rwinsta id”
qwinsta /?
Display information about Terminal Sessions.
QUERY SESSION [sessionname | username | sessionid]
[/SERVER:servername] [/MODE] [/FLOW] [/CONNECT] [/COUNTER]
sessionname Identifies the session named sessionname.
username Identifies the session with user username.
sessionid Identifies the session with ID sessionid.
/SERVER:servername The server to be queried (default is current).
/MODE Display current line settings.
/FLOW Display current flow control settings.
/CONNECT Display current connect settings.
/COUNTER Display current Terminal Services counters information.
RWINSTA.EXE: removes the sessions
rwinsta /?
C:\Documents and Settings\stever>rwinsta /?
Reset the session subsytem hardware and software to known initial values.
RESET SESSION {sessionname | sessionid} [/SERVER:servername] [/V]
sessionname Identifies the session with name sessionname.
sessionid Identifies the session with ID sessionid.
/SERVER:servername The server containing the session (default is current).
/V Display additional information.
Thanks a lot!
ReplyDeleteThanks from me, too!
ReplyDeleteThanks for sharing! It's a good information about query and remove the Remote session.
ReplyDeletethank you great help.
ReplyDeleteThanks for this, exactly what I needed!
ReplyDeleteWhy bother with PSEXEC? QWINSTA and RWINSTA both have a server parameter to do it remotely...
ReplyDeleteGood of you to contribute your comment, poor of you to not include the servr parameters....
Deleteqwinsta /server:[hostname]
Deleterwinsta /server:[hostname] [session id] oughta do it.
use logoff to log them off by the username instead of needing session ID or "sessionname"
DeleteQWinSta /server:[Server]
Logoff [Username] /Server:[Servername]
Or use this to do it all in one go:
FOR /F "tokens=1" %A IN ('QWinSta /server:[ServerName] | FIND /I /V "SESSIONNAME" ^| FIND /I "Disc" ^| FIND /I /V "services" ^| FIND /I /V "console" ') DO @(Logoff %%~A /Server[ServerName] )
Thanks
DeleteWhat about MacBook can I put that in the terminal
ReplyDeleteproblem that I and other have is that you can't log out the users w/out killing mainly the svhost.exe process but I've seen a few of loginui.exe that is preventing from winlogon.exe from closing (which can be found by analyzing the wait chain). There seems to be people reporting this issue form 2016->2012R2 but we only really noticed it on 2016.....Unfortunately I haven't found a good way to script killing the process preventing from winlogon.exe from closing....I can get close, but it's difficult cause the winlogon.exe and svchost are running under the 'Systems' user account but under the user's context
ReplyDelete