+ Post New Thread
Page 1 of 3 123 LastLast
Results 1 to 15 of 42
Windows Thread, Restrict Concurrent Logons using Domain Sessions? in Technical; Hi All, I've been looking around at solutions to restricting users to only one logon, I've looked at cconnect (which ...
  1. #1
    Nick_Parker's Avatar
    Join Date
    Jan 2008
    Location
    Dainfern, South Africa
    Posts
    469
    Thank Post
    100
    Thanked 18 Times in 13 Posts
    Rep Power
    17

    Restrict Concurrent Logons using Domain Sessions?

    Hi All,

    I've been looking around at solutions to restricting users to only one logon, I've looked at cconnect (which I'm still trying to track down - need Server 2000 tools or something) and the other option is a fairly expensive UserLock software.

    Other people have come up with clever ways of doing it using logon scripts to write to text files, or create folders or write to an SQL DB, but...

    If you goto the domain controller, and right click 'My Computer', go to Manage, then under 'Shared Folders' you go to 'Sessions'.

    I would assume that's a fairly accurate way of determining who is logged on where? (Please feel free to comment on just how accurate this is?)

    Next question, is it possible to query the 'Sessions' from a vbscript startup script?

    Any suggestions would be greatly recommended?

  2. #2

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,266
    Thank Post
    242
    Thanked 1,575 Times in 1,254 Posts
    Rep Power
    342
    I use Userlock at one site (but as you say, it's expensive). Microsoft have release a free utility called LimitLogon, however I never got it to work properly and I don't seem to be the only one!

  3. #3
    kesomir's Avatar
    Join Date
    Mar 2008
    Location
    London
    Posts
    288
    Thank Post
    15
    Thanked 28 Times in 23 Posts
    Rep Power
    18
    This is one feature of ranger / impero etc that could really do with replicating on vanilla.

  4. #4

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,252
    Thank Post
    898
    Thanked 1,785 Times in 1,537 Posts
    Blog Entries
    12
    Rep Power
    463
    We use a logon script that makes a .txt file on a server. When the user tries to logon again it logs them off right away. Simple but effective.

  5. #5
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,487
    Thank Post
    10
    Thanked 502 Times in 442 Posts
    Rep Power
    114
    limitlogon here

    Sometimes sessions can get left behind, although the same applies to limitlogon too if a machine crashes.

  6. #6

    Gatt's Avatar
    Join Date
    Jan 2006
    Posts
    6,774
    Thank Post
    873
    Thanked 674 Times in 443 Posts
    Rep Power
    503
    Using Userlock here too - though not tried it on Windows 2008 & Vista yet!!

  7. #7
    Nick_Parker's Avatar
    Join Date
    Jan 2008
    Location
    Dainfern, South Africa
    Posts
    469
    Thank Post
    100
    Thanked 18 Times in 13 Posts
    Rep Power
    17
    Ta for your suggestions guys,

    I've been a bit sceptical of LimitLogon after Google'ing it and seeing pages of "problems installing" and we are about to move our DC/AD to Server 2008, does LimitLogon work on 2008?

    None of you have tried the 'Sessions' route? I'm asking because I have no idea how to go about it myself

  8. #8
    amfony's Avatar
    Join Date
    Jul 2007
    Location
    Sydney
    Posts
    161
    Thank Post
    29
    Thanked 13 Times in 13 Posts
    Rep Power
    17
    im not to sure about the legitimacy of the session model sorry dude, isnt a session (im thinking, no real data to confirm this) only applicable as long as there is a file being accessed on that server. So on the DC (which one? another potential problem in session model) unless i file is accessed i would assume the session would dissapear.

    I could be very wrong though and id like to hear the result of someone knows otherwise.

    What i do - do is use is what you correctly said already. A MySql DB to write on logon and clear flag on logoff. Across about ...500 - 600 student logons a day we only get about 2 or 3 students whom have computer crashing/mate pulled the power plug/other non-graceful logoff which i think is pretty fair.

    Besides the txt file writing, database manpulation methods i dont really think there are other methods of achieving this? Thinking way, way, way out of the box (as i do) you could enable auditing and run scripts against eventLog??

    Possible .. and improbable.

    What aspect of the txt writing, db manipulation is not sufficient for you needs anyway mate?

  9. #9
    FAA
    FAA is offline
    FAA's Avatar
    Join Date
    Aug 2008
    Posts
    41
    Thank Post
    2
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Cool Just to reassure Gatt about UserLock...

    Yes UserLock is Windows Server 2008 and Vista compatible.

  10. #10
    cookie_monster's Avatar
    Join Date
    May 2007
    Location
    Derbyshire
    Posts
    4,217
    Thank Post
    394
    Thanked 278 Times in 239 Posts
    Rep Power
    75
    How expensive is UserLock?

  11. #11
    FAA
    FAA is offline
    FAA's Avatar
    Join Date
    Aug 2008
    Posts
    41
    Thank Post
    2
    Thanked 1 Time in 1 Post
    Rep Power
    0

    UserLock pricing

    UserLock pricing

    Academic institutions get a 20% educational discount off this pricelist.

  12. #12
    Nick_Parker's Avatar
    Join Date
    Jan 2008
    Location
    Dainfern, South Africa
    Posts
    469
    Thank Post
    100
    Thanked 18 Times in 13 Posts
    Rep Power
    17
    Quote Originally Posted by amfony View Post
    im not to sure about the legitimacy of the session model sorry dude, isnt a session (im thinking, no real data to confirm this) only applicable as long as there is a file being accessed on that server. So on the DC (which one? another potential problem in session model) unless i file is accessed i would assume the session would dissapear.

    I could be very wrong though and id like to hear the result of someone knows otherwise.

    What i do - do is use is what you correctly said already. A MySql DB to write on logon and clear flag on logoff. Across about ...500 - 600 student logons a day we only get about 2 or 3 students whom have computer crashing/mate pulled the power plug/other non-graceful logoff which i think is pretty fair.

    Besides the txt file writing, database manpulation methods i dont really think there are other methods of achieving this? Thinking way, way, way out of the box (as i do) you could enable auditing and run scripts against eventLog??

    Possible .. and improbable.

    What aspect of the txt writing, db manipulation is not sufficient for you needs anyway mate?
    You may be right about the sessions method, will have to look into it a little more, but I'm beginning to lean towards the MySQL method, do you read/write to the MySQL DB from the logon/logoff script?

  13. #13
    Nick_Parker's Avatar
    Join Date
    Jan 2008
    Location
    Dainfern, South Africa
    Posts
    469
    Thank Post
    100
    Thanked 18 Times in 13 Posts
    Rep Power
    17
    LAME!

    I spent most of yesterday writing a console application in C# to handle the talking to a DB, you pass it the parameters such as username, IP address, computer name.

    It then looks up from a mysql db all the current sessions for that username, adds a new one if appropriate, logs off if necessary etc.

    First problem: Can't run the EXE from the netlogon folder... all sorts of permission errors blah blah...

    So for testing, the logon script now copies the exe to the local machine then runs it.
    that seems to work fine, but still not ideal.

    second problem: The logoff script doesn't seem to run the exe... when you log off, the desktop dissapears and you get that little status thingy, "windows is logging you off", "closing network connections..." etc... that stuff, then it does the "running log off scripts"
    and I think at that point its not capable of running an .exe and doing the whole mysql bit.


    Any suggestions?

  14. #14
    Nick_Parker's Avatar
    Join Date
    Jan 2008
    Location
    Dainfern, South Africa
    Posts
    469
    Thank Post
    100
    Thanked 18 Times in 13 Posts
    Rep Power
    17
    Correction: It does run now when you log off, turns out I had a mistake in my logoff script... *oops*

    Still, any suggestions as to how to get the exe to run from a network drive?

  15. #15

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    11,247
    Thank Post
    882
    Thanked 2,745 Times in 2,319 Posts
    Blog Entries
    11
    Rep Power
    785
    I have not had issues with running exe files from the nelogon share but stuff like the old winnt printer connector exe.

    You are probably having problems because your app is built in C# and relys on the .net framework which has a whole bunch of security settings that prevent running a .net application from a network share. You would need to change the .net runtime security settings on all of your client machines.

    You can use VBS scripts to access databases directly and perform the kinds of operations that you are after which may be easier that a full scale war with the .net framework.



SHARE:
+ Post New Thread
Page 1 of 3 123 LastLast

Similar Threads

  1. Tool to restrict concurrent application usage
    By meastaugh1 in forum Network and Classroom Management
    Replies: 10
    Last Post: 5th January 2011, 01:18 PM
  2. Concurrent logons
    By mrforgetful in forum Wireless Networks
    Replies: 7
    Last Post: 28th February 2008, 06:33 PM
  3. Maximum concurrent connections in XP Pro?
    By Ben_Stanton in forum Windows
    Replies: 5
    Last Post: 30th August 2007, 10:56 AM
  4. Concurrent user logins on 2k3 domain
    By doco in forum Windows
    Replies: 4
    Last Post: 26th June 2007, 12:33 PM
  5. Wide Area Networks & Domain Logons
    By RobC in forum Wireless Networks
    Replies: 4
    Last Post: 16th December 2005, 01:40 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •