none
How to retreive the IP Address of a terminal server connected user? RRS feed

  • Question

  • Hey everyone,
    I have been tasked with configuring a script for users logging into a terminal server from thin clients and identifying their location and mapping specific printers specific to their locations. The problem is there are no real easy ways to uniquely identify the thin clients where it is easier to be able to identify users logging onto a server using a Windows workstation.

    I was thinking if I could write a VBS script that executes at logon for users and identifies the IP address of the users session I could find a way to perhaps map a set of printers based on the third octet retrieved from the users session IP to the terminal server.

    Anyone have any ideas on how to do this? I already came across this:
    http://www.activexperts.com/activmonitor/windowsmanagement/scripts/terminalservices/retrieving/

    Which has lots of cool useful stuff. But nothing I can find about retrieving the actual connected users IP addresses on the terminal server. You would think this would be useful for logging source addresses etc. If I can determine a device is connected from a particular subnet I could create a case selection scenario where I map a certain set of printers.

    Thanks in advance! I'll keep hunting myself as well.

    Saturday, August 31, 2013 1:03 AM

Answers

  • Loopback correct.

    I ended up just creating a "switchboard" for users to select which printers they needed that was placed on the all users desktop.

    Not sure why Microsoft doesn't provide an easy way to access to the session info for the terminal server programmatically. Retrieving an IP address from a connected session you would think would be pretty basic and simple functionality. I think the group policy options for terminal server session settings should also be considered for security filtering options in future releases of the Server products.

    I did find a way to filter desktops by the subnet (If anyone else comes across a need to use it) but it only filters by the IP address configured by the local NIC's.... which IS still useful.

    This can be done through item level targeting in Group Policy.
    http://nexus.realtimepublishers.com/content/?tip=creating-targeting-and-applying-group-policy-preferences

    "Unfortunately no one can tell what posts you are responding to so your comments re not understandable."

    I'm sorry you can't understand my comments. *Shrug* I will at least thank everyone for contributing ideas and options for resolution.

    • Marked as answer by Azca Admin Sunday, September 22, 2013 4:24 PM
    Sunday, September 22, 2013 4:23 PM

All replies

  • netstat -n | find ":3389" | find "ESTABLISHED"

    Unfortunately all info is owned by the system.  Users cannot access this info.  Only admins can with system utilities.

    You can find third party apps that can do this.


    ¯\_(ツ)_/¯


    • Edited by jrv Saturday, August 31, 2013 1:44 AM
    Saturday, August 31, 2013 1:38 AM
  • You can probably start with the CLIENTNAME environment variable, and try to resolve that name to an IP address (using whatever technique you prefer).

    Saturday, August 31, 2013 2:03 AM
  • Here is a PosH way to get session info.  I have not tested it from a stock user but it might work. It uses the API to gather session information.

    http://gallery.technet.microsoft.com/scriptcenter/e8c3af96-db10-45b0-88e3-328f087a8700


    ¯\_(ツ)_/¯

    Saturday, August 31, 2013 2:05 AM
  • Note that 'CLIENTNAME' is set by the RDS client and can be set to anything.  Usually it is the NetBIOS names of the client.  If you have a database of NetBIOS names then it might be useful.  You could test it to see if it is a local Name by pinging it.  If it pings it is local - if not it is remote.

    ¯\_(ツ)_/¯

    Saturday, August 31, 2013 2:08 AM
  • Pretty fascinating as well. Way over my head unfortunately though trying to debug this stuff. Was hoping something existed that was fairly simple. You would think it would be pretty simple to track the ip address of a user that is logged onto an RDS session. It has to be stored in some system variable somewhere but maybe not. Guess its back to the drawing board of giving a user a few .bat files for each office to map just the printers they need themselves by running the one they need. I was hoping to avoid that. I'm going to copy this script though and check it out later if I had more time I would try and break it down to figure out what in the world is going on. Powershell is pretty powerful.
    Saturday, August 31, 2013 5:42 AM
  • Third party apps are definitely not an option unfortunately.
    Saturday, August 31, 2013 5:43 AM
  • It took me less than 5 minutes to load and run it.  It works perfectly.  I got lazy and didn't run it from a standard user on a production server because that takes more effort.  I left that up to you.

    Just download it. Install it according to the instructions and run the CmdLets.  It works well and is very easy to use.

    If you want me to test and validate it for you I can but you will have to spend money.  Cheaper to do it yourself.


    ¯\_(ツ)_/¯

    Saturday, August 31, 2013 5:56 AM
  • If i am not getting it wrong.. You want the ip address of the client machine through which the rdp session is being established.

    Then the psterminalservices module will do it for you.

    http://archive.msdn.microsoft.com/PSTerminalServices

    Get-TSSession -ComputerName comp1 | select IPAddress,ClientName,UserName


    Thanks Azam When you see answers please Mark as Answer if Helpful..vote as helpful.

    Saturday, August 31, 2013 6:09 AM
  • If i am not getting it wrong.. You want the ip address of the client machine through which the rdp session is being established.

    Then the psterminalservices module will do it for you.

    http://archive.msdn.microsoft.com/PSTerminalServices

    Get-TSSession -ComputerName comp1 | select IPAddress,ClientName,UserName


    Thanks Azam When you see answers please Mark as Answer if Helpful..vote as helpful.

    Yes - Shay's module is excellent but I believe it only works from an Admin account.  THe link I posted is fro the Microsoft RDS Team and it should work in a login script.  I would load and test both.


    ¯\_(ツ)_/¯

    Saturday, August 31, 2013 6:15 AM
  • I'm sure I could run it. I want to tear it apart and customize it. I programmed VB.Net back in 2003 when I was in school. It has been 10 years. Coding comes easy for some not so much for others. I do appreciate the upload but I can't follow that code easily. I might look into the powershell module below though just to see if I can do something with it. Thx everyone!

    Sunday, September 1, 2013 12:58 AM
  • I'm going to check this option out. Thank you for your input!
    Sunday, September 1, 2013 12:59 AM
  • What if it is executed as a computer policy by reverse GPO processing? I'll see what happens once I get some time to go over the details.

    Sunday, September 1, 2013 1:00 AM
  • What if it is executed as a computer policy by reverse GPO processing? I'll see what happens once I get some time to go over the details.

    Unfortunately no one can tell what posts you are responding to so your comments re not understandable.

    I don't know what code you are talking about.  THe PowerShell script has embedded access to the Windows API.  Net has no access to the TS data.  It is only available through the low-level API.

    Either module (both are modules and both access the low level API but in different ways) can do what yo ask but I am not sure that either can run under a user GPO.

    What is Reverse processing?  Did you choose the wrong term by mistake?   Did you intend to say "loopback processing".  THis has nothing to do with the question you asked.  That is about how GP resolves layers of rules. Logon scripts are just executed.


    ¯\_(ツ)_/¯

    Sunday, September 1, 2013 1:18 AM
  • Loopback correct.

    I ended up just creating a "switchboard" for users to select which printers they needed that was placed on the all users desktop.

    Not sure why Microsoft doesn't provide an easy way to access to the session info for the terminal server programmatically. Retrieving an IP address from a connected session you would think would be pretty basic and simple functionality. I think the group policy options for terminal server session settings should also be considered for security filtering options in future releases of the Server products.

    I did find a way to filter desktops by the subnet (If anyone else comes across a need to use it) but it only filters by the IP address configured by the local NIC's.... which IS still useful.

    This can be done through item level targeting in Group Policy.
    http://nexus.realtimepublishers.com/content/?tip=creating-targeting-and-applying-group-policy-preferences

    "Unfortunately no one can tell what posts you are responding to so your comments re not understandable."

    I'm sorry you can't understand my comments. *Shrug* I will at least thank everyone for contributing ideas and options for resolution.

    • Marked as answer by Azca Admin Sunday, September 22, 2013 4:24 PM
    Sunday, September 22, 2013 4:23 PM
  • Hey everyone,
    I have been tasked with configuring a script for users logging into a terminal server from thin clients and identifying their location and mapping specific printers specific to their locations. The problem is there are no real easy ways to uniquely identify the thin clients where it is easier to be able to identify users logging onto a server using a Windows workstation.

    There is an easy way, just use Group Policy Preferences. Click on the "Common" tab when you create a new printer, then use "Item level targeting", then choose and configure the parameter "Client TCP/IP Address". This is only available on 2008 Domain level. Let me know if it works!

    Tuesday, November 18, 2014 1:40 PM
  • there is a hotfix which you may need if some computers not picking this setting up: http://support.microsoft.com/kb/981054
    Tuesday, November 18, 2014 1:49 PM

  • Which has lots of cool useful stuff. But nothing I can find about retrieving the actual connected users IP addresses on the terminal server. You would think this would be useful for logging source addresses etc. If I can determine a device is connected from a particular subnet I could create a case selection scenario where I map a certain set of printers.

    Thanks in advance! I'll keep hunting myself as well.

    I wrote a script that grabs this information from the event log.  See here

    https://gallery.technet.microsoft.com/Remote-Desktop-Connection-3fe225cd

    You might not want the whole output, but as an example, here is what I output:




    Mike Crowley | MVP
    My Blog -- Baseline Technologies

    Thursday, April 9, 2015 2:56 AM