Kicking terminal server users (not literally)

A problem where a backup job was failing due to terminal services sessions have files open on a shared drive linked to another server led me to see if I could identify the culprits and ensure that they were logged off prior to the backup beginning.

On the terminal server itself – running Windows 2003 it was obvious from the terminal services session manager screen who the users were and that they had an application open that was linked to the locked files mentioned above.

However logging in every night was not an option so I wanted something that could be integrated
with Backup Exec to ensure the completion of the backup. So looking at the following command line tools – run from the server which is doing the backup against the terminal server (in this example called myserver2)

query session /server:myserver2

from a dos session on server1

gives a text list of all the sessions

console administrator 0 Active wdcon
rdp-tcp 65536 Listen rdpwd
rdp-tcp#96 graeme 2 Active rdpwd
rdp-tcp#153 graemeb 5 Active rdpwd

the column of significance here is ID and leaving the system ids 0 and 65536 aside
shows us two users of interest on IDs 2 and 5

So if you would like a command line to kill the processes

reset session 2 /server:myserver2

would disconnect session ID 2

or in our case a batch file containing

reset session 1 /server:myserver2
reset session 20 /server:myserver2

with a line for each of our potential 20 sessions could be used as a before job in backup exec to clear them before the backup runs.



query session /server:myserver2

command could be simply modifed to be

query session /server:myserver2 > c:offenders.txt

to give you the evidence of who is leaving the sessions open. Add a command to the after job in backup exec to mail it to yourself and you have a record of the repeat offenders.