Remotely logoff remote desktop / terminal services users

By · · 2 mins read

We have a reasonable number of Windows servers, and from time to time people forget to log off resulting in that dreaded message ‘The terminal server has exceeded the maximum number of allowed connections.’:

In an environment where one server might be used by a small team during business hours, you can usually ask around until you find the culprit but this isn’t always possible and you sometimes need to resort to other methods to access the server.

The easiest way to get access is to use another recent version of Windows to disconnect inactive users using two commands ‘qwinsta’ and ‘rwinsta’. You will need to have administrator rights on the remote machine to do this.

First of all, let’s get a list of users. Access a command prompt and enter the command ‘qwinsta /server:remoteipaddress’ for example:

# qwinsta /server:192.0.2.1

You may receive an access denied message like the following:

Error 5 getting sessionnames
Error [5]:Access is denied.

If you get the above error message, you will need to authenticate to the remote system. The easiest way to do this is to access a share (eg: C$) as Administrator.

If you successfully authenticated, you should receive output like the following:

SESSIONNAME       USERNAME                 ID  STATE   TYPE        DEVICE
console                                     0  Conn    wdcon
rdp-tcp                                 65536  Listen  rdpwd
                  Administrator             1  Disc    rdpwd
rdp-tcp#287       s.ewing                   3  Active  rdpwd

You can see that there are two remote desktop sessions active, one as ‘Administrator’ (which is disconnected) and another as ‘s.ewing’.

The connection for ‘Administrator’ is a good candidate for disconnection, because it’s currently inactive. Let’s disconnect that one.

To logoff a user, all you need is the “ID” from above. In this case, it’s ‘1’.

From the command prompt again, you’ll need to enter the following at the command prompt ‘rwinsta /server:remoteipaddress id’, for example:

# rwinsta /server:192.0.2.1 1

The command won’t display any output if successful, but let’s query the server again to see if it worked:

# qwinsta /server:192.0.2.1

SESSIONNAME       USERNAME                 ID  STATE   TYPE        DEVICE
console                                     0  Conn    wdcon
rdp-tcp                                 65536  Listen  rdpwd
rdp-tcp#287       s.ewing                   3  Active  rdpwd

You can see that there is no longer a session for ‘Administrator’ and therefore the session was successfully logged off.

Enjoy!