List all servers a user is connected to using remote desktop
7,095
You can use qwinsta in powershell:
QUERY SESSION [sessionname | username | sessionid]
[/SERVER:servername] [/MODE] [/FLOW] [/CONNECT] [/COUNTER] [/VM]
sessionname Identifies the session named sessionname.
username Identifies the session with user username.
sessionid Identifies the session with ID sessionid.
/SERVER:servername The server to be queried (default is current).
/MODE Display current line settings.
/FLOW Display current flow control settings.
/CONNECT Display current connect settings.
/COUNTER Display current Remote Desktop Services counters information.
/VM Display information about sessions within virtual machines.
A quick search gets you this article on technet.
I'm using the following part of the script to querry all the active servers and find what users are remotely logged in:
function QueryRdpConnections {
$ErrorActionPreference= 'silentlycontinue'
# Import the Active Directory module for the Get-ADComputer CmdLet
Import-Module ActiveDirectory
#Query Active Directory for computers running a Server operating system
$Servers = Get-ADComputer -Filter {OperatingSystem -like "*server*" -and Enabled -eq 'true'}
ForEach ($Server in $Servers) {
$ServerName = $Server.Name
# Run the qwinsta.exe and parse the output
$queryResults = (qwinsta /SERVER:$ServerName | foreach { (($_.trim() -replace "\s+",","))} | ConvertFrom-Csv)
# Pull the session information from each instance
ForEach ($queryResult in $queryResults) {
$RDPUser = $queryResult.USERNAME
$sessionType = $queryResult.SESSIONNAME
# We only want to display where a "person" is logged in. Otherwise unused sessions show up as USERNAME as a number
If (($RDPUser -match "[a-z]") -and ($RDPUser -ne $NULL)) {
Write-Host $ServerName logged in by $RDPUser on $sessionType
}
}
}
}
I run it from powershell_ise and just edit on line 22 the $RDPuser -match "%%%" to $RDPuser -match "user1/2/3/" in order to run for a specific user. If you run it as is it will display all users logged in by rdp.
Related videos on Youtube
Author by
Kjensen
Updated on September 18, 2022Comments
-
Kjensen over 1 year
Is there a way to list all servers, that a given user is logged into in the entire active directory?
Something like...:
QueryRdpConnections -user BobAdmin
Result...:
Server ---------------- Web001 Web002 Web003 SQL004 SQL007
-
Kjensen over 8 years@Froggiz Did you read the question? The scope of the query is completely different.
-