Exactly. I have used it for a different problem. Worked very well. And user didn't need permission on the server. I also made it create a logfile so you could see when it was done etc.
Op 14 feb. 2017 19:31 schreef "Melvin Backus" <[email protected]>: > This sounds like a good use for a flag file. If you create a scheduled > task that runs on a repeating / continuous basis, it can look for a file > which contains the login name(s) of any sessions that need to be killed. > That file can be stored on a share which is accessible to your unadmin > user, who can edit the file as required. The next time the task executes it > parses the file and kills any session with that login name. Have it run on > all servers if required or make the task to the search, whatever works best > for you. > > -- > There are 10 kinds of people in the world... > those who understand binary and those who don't. > > -----Original Message----- > From: [email protected] [mailto:listsadmin@lists. > myitforum.com] On Behalf Of Michael Leone > Sent: Tuesday, February 14, 2017 12:50 PM > To: [email protected] > Subject: Re: [NTSysADM] Managing RDS 2012 sessions from Win 7 > > On Tue, Feb 14, 2017 at 8:24 AM, Michael Leone <[email protected]> > wrote: > > On Tue, Feb 14, 2017 at 1:00 AM, Kurt Buff <[email protected]> wrote: > >> Of course - but he'll need that regardless of whatever method you use. > > > > Yeah, I know. But what I don't know is what ID/password he can use > > (i.e., what rights does the account need to be able to do this? And > > what can he then also be able to do, since he now knows an account > > that has some elevated privileges? Or is there some way I can grant > > his account the right to kick people off the RDS sessions, but not do > > anything else, like being a local admin on the server or something > > ...) > > > Oh, and just to make it more interesting .. I have a 3 server farm. So I'd > also need some way to query either each server, and find the ID to be > logged off. I can't just give it the RDS farm name, and have it kill the > correct process ... > > Oy > > I don't foresee any easy way to do this, not from Win 7, at least. I'd > have to cobble together some script to query all 3 servers, find the > offending ID, and then remotely kill it (after first figuring out how to > grant just "kill remote session" rights to the logged in user running said > hypothetical script) ... > > > > > > >> > >> Kurt > >> > >> On Mon, Feb 13, 2017 at 11:42 AM, Michael Leone <[email protected]> > wrote: > >>> On Mon, Feb 13, 2017 at 2:03 PM, Kurt Buff <[email protected]> > wrote: > >>>> "psexec \\RDSmachine.example.com logoff userid" > >>> > >>> Wouldn't he need to specify a username/password to log off this other > user? > >>> > >>>> https://technet.microsoft.com/en-us/library/jj215468.aspx > >>> > >>> I will look into it, thanks > >>> > >>> > >> > >> > > >
