none
Disabled users still can work via RDP

    Question

  • Hello. I have some users working over rdp on Windows 2008R2

    And I have webscript that disables user acoounts in AD via some triggers.

    I have huge problem - user still can work after being disabled in AD. Actually after disabling user cant reconnect.

    How can I logoff users when thy disabled in AD?

    Wednesday, August 28, 2013 8:57 PM

Answers

  • Hiya, 

    Changes to a users security is not enforced until next authentication attempt. So if a user authenticated successfully prior to being disabled, they will remain successfully authenticated until next authentication attempt. This does not throw them out of their current sessions.

    Add it to your script. 

    foreach($rdpserver in $rdpservers) 

    logoff $user

    Where $user is the disabled user.

    Wednesday, August 28, 2013 9:34 PM

All replies

  • Hiya, 

    Changes to a users security is not enforced until next authentication attempt. So if a user authenticated successfully prior to being disabled, they will remain successfully authenticated until next authentication attempt. This does not throw them out of their current sessions.

    Add it to your script. 

    foreach($rdpserver in $rdpservers) 

    logoff $user

    Where $user is the disabled user.

    Wednesday, August 28, 2013 9:34 PM
  • Hi Konstantin,

    I would like to check if you need further assistance.

    Thanks.


    Best Regards
    Jeremy Wu

    Tuesday, September 03, 2013 2:54 AM
    Moderator