Main Webpage


    Terminal Services Bulletin Board
    Links and Downloads
    Matthew Harris' Resume
    Contact the admin


    Disable the X box on the Terminal Services Client
    Change the client version of the Terminal Services Client
    Add the clock to the taskbar through the registry
    Make all processes appear in the Task Manager through a registry hack
    Prevent disconnects and stabilize your terminal services connection
    Fix your TSAdmin application when it becomes nonfunctional on the taskbar
    Disable/Enable all terminal services logons through the registry


    Restrict users to one session and reconnect them
    Share the redirected printer automatically
    Map your client's printer to an LPT port
    Rename client redirected printers
    Restrict users to only one terminal services session
    Automatically connect disconnected users back to their sessions
    Force software license compliance through a script
    How to reset all your TS sessions at once

Hard to Diagnose Problems

    Incorrect IE permissions can disable opening new IE windows

Only Allow One Logon Session Per User

In this article, I'll discuss how you can use a batch script to restrict each user to have only one logon session.

•The script, which can be downloaded here or at the end of this article.
•A terminal server that you have administrator access to.

For this tutorial, I'm going to step through the script to explain what happens.

Section 1: Variable declarations and headers:

            Set LoginNum=0

Basically, all I'm doing here is declaring some variables, setting them equal to 0, and forcing the script to localize all these variables within this script. Localizing the variables isn't absolutely necessary, but this helps to prevent variables from mixing up between your scripts, especially if you merge this script with other scripts.

Section 2: Query the terminal servers:

            For /f "skip=2 delims=* " %%i in ('qappsrv') do call :Next %%i

This For command is where this script starts to get a little complicated. The For command starts the QAppSrv command, which creates a list of all terminal servers on the local network. For each of these terminal servers detected, a call is made to the Next loop (denoted by the :Next marker), which is discussed in Section 3 below.

Section 3: Obtain a count to see how many times the user is logged in:

            Rem Checking the servers to see where the user is and update the count...
            For /f %%j in ('qwinsta /server:%1 ^| find /c /i " %UserName% "') do Set /A LoginNum=%LoginNum%+%%j
            Goto EoF

While this portion of the script is out of order, I've put it here just for this tutorial. I would encourage you to download the script to see the correct order of this script.
This Next loop takes a single terminal server's name and stores that value as %1. The For command queries that server (%1) using QWinsta and sends the output to the Find command. The Find command parses the output, searching for the user's name (%UserName%), and returns the count of how many times the user's name appears in the output. This count is then added to the LoginNum variable. The LoginNum variable is the running total of how many times the user is currently logged in. After this For command terminates, control is given back to the For command from Section 2. The For command from Section 2 then continues to call the Next loop, until all servers have been queried.

Section 4: Obtain a count to see how many times the user is logged in:

            Rem LoginNum will be less than or equal to 1 if the user is only logged in once.
            Rem This is good, and the script will then terminate
            If %LoginNum% LEQ 1 (EndLocal && Goto EoF)

This If statement checks what the value of LoginNum is after all the servers have been queried. If LoginNum is greater than 1, it means that the user is logged in multiple times, which in most cases, is a bad situation. However, if the user is only logged in once, then the script will end the localization of the variables and then exit.

Section 5: Warn the user they are logged in more than once:

            Rem LoginNum will be equal or greater than 2 if the user is logged in already
            Rem This is bad, so warn the user, then log them off
            Msg %WinStationName% /W You are logged in elsewhere.  You need to log out of there before you can login again.

This If statement checks to make sure that LoginNum is greater than 1, and if so, presents an error message to the user, waits for the user to acknowledge the message, then logs the user off using the Logoff.exe command.

Section 6: Cleanup before we exit:

            Goto EoF

As the script exits, it terminates variable localization. As I said before, this isn't necessary, but it helps to keep things encapsulated.

Well, that's about it. You've just finished a walkthrough tutorial for this script. tutorial would be complete without a download, so here is the script in its entirety (compressed):