Remote Logoff inactive user profiles

I’m looking for a way to Remote logoff all loaded profiles EXCEPT the currently active user. We often have users that “Switch User” and I’d like to log off the inactive user profiles without disrupting the active user. win32Shutdown() only takes care of the active user and I’d like to find a way to target specific users. Worst case I’d like to log off all loaded profiles.

I’m currently using win32UserProfile to identify loaded profiles

Get-WmiObject -Class Win32_UserProfile -computername "$computer"|? {$_.Special -eq 0}|sort-object $_.LastUseTime

I would typically configure RDP to end disconnected sessions after a fixed amount of time like 30 minutes. This is also settable via GPO
[url]http://technet.microsoft.com/en-us/library/cc754272.aspx[/url]

GPO isn’t really an option since I want add this functionality to some existing powershell scripts that I’ve created. You did put me on the right track though. I found I can use quser.exe and logoff.exe to accomplish my task, but it’s going to be ugly. It seems there must be a better way to accomplish this via WMI or something.

I’m working on a function to do just that… will update you shortly

I got it. I found this script which nicely converts quser.exe output to objects. Saved a few hours!
http://gallery.technet.microsoft.com/scriptcenter/Get-LoggedOnUser-Gathers-7cbe93ea

I had to modify it to use Invoke-Command to run quser.exe. From there I just passed results on to logoff.exe via another Invoke-Command.

I’m curious to see what you come up with!

param(
    [CmdletBinding()] 
    [Parameter(ValueFromPipeline=$true,
               ValueFromPipelineByPropertyName=$true)]
    [string[]]$ComputerName = 'localhost'
)

process {
    foreach ($Computer in $ComputerName) {
        invoke-command -computername $computer -scriptblock {quser} | Select-Object -Skip 1 | ForEach-Object {
            $CurrentLine = $_.Trim() -Replace '\s+',' ' -Split '\s'
            $HashProps = @{
                UserName = $CurrentLine[0]
                ComputerName = $Computer
            }

            # If session is disconnected different fields will be selected
            if ($CurrentLine[2] -eq 'Disc') {
                    $HashProps.SessionName = $null
                    $HashProps.Id = $CurrentLine[1]
                    $HashProps.State = $CurrentLine[2]
                    $HashProps.IdleTime = $CurrentLine[3]
                    $HashProps.LogonTime = $CurrentLine[4..6] -join ' '
            } else {
                    $HashProps.SessionName = $CurrentLine[1]
                    $HashProps.Id = $CurrentLine[2]
                    $HashProps.State = $CurrentLine[3]
                    $HashProps.IdleTime = $CurrentLine[4]
                    $HashProps.LogonTime = $CurrentLine[5..7] -join ' '
            }

            New-Object -TypeName PSCustomObject -Property $HashProps |
            Select-Object -Property UserName,ComputerName,SessionName,Id,State,IdleTime,LogonTime
        }
    }
}
"computer1"|.\get-loggedonuser.ps1|Where-Object {$_.state -eq "Disc"}|Foreach-Object {Invoke-command -computername $_.computername -scriptblock {logoff.exe "$args"} -args "$($_.id)"}

Great, check out the function Get-SBRDPSession in the SBTools module at [url]http://gallery.technet.microsoft.com/scriptcenter/SBTools-module-adds-38992422[/url]

 .Synopsis
  Function to get RDP sessions on one or more computers

 .Description
  Function to get RDP sessions on one or more computers. Returns object collection, each corresponding to a session. 
  object properties: ComputerName, UserName, SessionName, ID, State
  ID refers to RDP session ID. State refers to RDP session State

 .Parameter ComputerName
  If absent, function assumes localhost.

 .Parameter State
  Filters result by one or more States
  Valid options are:
    Disc
    Conn
    Active
    Listen

 .EXAMPLE
  Get-SBRDPSession -ComputerName MyPC -State Disc | FT

  This example lists disconnected RDP sessions on the computer MyPC in table format.

  Sample output:

    UserName                State                   SessionName             ID                      ComputerName
    --------                -----                   -----------             --                      ------------
                            Disc                    services                0                       MyPC

 .EXAMPLE
  Get-SBRDPSession -state Active,Disc | FT

  This example lists RDP sessions on the local machine, and returns those with State Active or Disc in table format.

  Sample output:

    UserName                State                   SessionName             ID                      ComputerName
    --------                -----                   -----------             --                      ------------
                            Disc                    services                0                       PC1
    samb                    Active                  rdp-tcp#73              2                       PC1

 .Example
  Get-SBRDPSession xhost11,xhost12 | FT

  This example lists RDP sesions on the computers xHost11 and xHost12 and outputs the result in table format.

  Sample output:

    UserName                State                   SessionName             ID                      ComputerName
    --------                -----                   -----------             --                      ------------
                            Disc                    services                0                       xhost11
                            Conn                    console                 1                       xhost11
    samb                    Active                  rdp-tcp#10              2                       xhost11
                            Listen                  rdp-tcp                 65536                   xhost11
                            Disc                    services                0                       xhost12
                            Conn                    console                 1                       xhost12
                            Listen                  rdp-tcp                 65536                   xhost12

 .EXAMPLE
  Get-SBRDPSession (Get-Content .\computers.txt) Disc -Verbose |  FT

  This example reads a computer list from the file .\computers.txt and displays disconnected sessions
  In this example .\computers.txt contains:
    PC1
    PC2
    PC3

  Sample output:

    VERBOSE: Computer name(s): "xhost13" "xhost14" "xhost16"
    VERBOSE: Filtering on state(s): Disc
    VERBOSE: Reading RDP sessions on computer "xhost13"
    VERBOSE: Reading RDP session: ==> services                                    0  Disc
    VERBOSE: Reading RDP session: ==> console                                     1  Conn
    VERBOSE: Reading RDP session: ==> rdp-tcp                                 65536  Listen
    VERBOSE: Reading RDP sessions on computer "xhost14"
    VERBOSE: Reading RDP session: ==> services                                    0  Disc
    VERBOSE: Reading RDP session: ==> console                                     1  Conn
    VERBOSE: Reading RDP session: ==>                   samb                      2  Disc
    VERBOSE: Reading RDP session: ==> rdp-tcp                                 65536  Listen
    VERBOSE: Reading RDP sessions on computer "xhost16"
    VERBOSE: Reading RDP session: ==> services                                    0  Disc
    VERBOSE: Reading RDP session: ==> console                                     1  Conn
    VERBOSE: Reading RDP session: ==> rdp-tcp#73        samb                      2  Active
    VERBOSE: Reading RDP session: ==> rdp-tcp                                 65536  Listen

    UserName                State                   SessionName             ID                      ComputerNam
    --------                -----                   -----------             --                      -----------
                            Disc                    services                0                       PC1
                            Disc                    services                0                       PC2
    samb                    Disc                                            2                       PC2
                            Disc                    services                0                       PC3