Allow only specific users to have multiple RDP sessions on 2008 R2 (without AD DS)

Tags: rdp, windows-server-2008-r2

I'm currently an intern at a service that forecasts rising water levels in the rivers of an entire French region. I apologise in advance for my English; I'm still improving it.

The network infrastructure of the service is as follows:
Everybody works on thin clients, connecting to application servers (running 2008 R2) via RDP. These servers aren't all integrated into a domain (well… they COULD be in one, since there is a Samba4 DS running in a corner, but my boss had a little issue trying to add all the servers to the Samba domain. It's not my task to resolve this, so screw that), nor into a server farm managed by a connection broker.

I was asked to look for a way to allow only some users on each server to have multiple RDP connections, with the others allowed only one RDP session, which is a little hard without the GPO management tools of AD DS.
On top of that, I'm looking for tools to send a popup to the connected session of a mono-session user, asking whether they still have work to do when someone else tries to connect to the same session. If they're still working in this session, they click 'Yes' and the poor guy who was attempting to connect is rejected. If they don't answer within about 30 seconds, or click 'No', the new user takes over the session.

After a week of pointless research involving bad scripting and a misunderstanding of what the Connection Broker service is, I turn to you for help.

EDIT: I forgot to specify that the thin clients run XP Embedded, which limits client-side scripting (if there is any) to PowerShell 2.0, which I was thinking of using to do most of the work.

Best Answer

Regarding multiple sessions for the same user, this is a matter of editing a registry key, but it is controlled at the machine level, not the user level... so it's multiple sessions for all users, or for none of them.

On the terminal server in question, navigate to the registry entry located at:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\fSingleSessionPerUser

When the value is 1, only one session per user is allowed. When the value is 0, users can have multiple sessions.

Regarding the warning, that should be the default behaviour. Provided that a user has been granted the privilege to log off another user's session in order to connect, the user being knocked off should get a pop-up and have 30 seconds to prevent being logged off.

With XP/2003, this behavior is controlled by Group (or local) Policy under Computer/User Configuration -> Administrative Templates -> Windows Components -> Terminal Services and, in Windows Vista/2008 and up, it's under Computer/User Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services.
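The following PowerShell 2.0 script is an added example and is not part of the answer above or of any Microsoft tooling; the function names (Get-RdsSessionMode, Set-RdsSessionMode, Get-RdsSessionCountByUser) are my own. It assumes it is run in an elevated PowerShell on the 2008 R2 session host itself. It reads and writes the fSingleSessionPerUser value the answer describes, also checks the copy of that value that Local Group Policy writes under HKLM\SOFTWARE\Policies (which takes precedence over the Terminal Server key when present), and counts the current RDP sessions per user so you can see who actually holds more than one.

```powershell
# Added example, not code from the original answer. Targets Windows Server 2008 R2
# (PowerShell 2.0). Run in an elevated PowerShell on the RD Session Host itself.

$rdsKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
$valueName = 'fSingleSessionPerUser'

function Get-RegistryDword {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist.
    if (-not (Test-Path $Path)) { return $null }
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item -eq $null) { return $null }
    return $item.$Name
}

function Get-RdsSessionMode {
    # A value set through gpedit.msc or a GPO lives under the Policies key and
    # overrides the Terminal Server key, so check it first.
    $policy  = Get-RegistryDword -Path $policyKey -Name $valueName
    $machine = Get-RegistryDword -Path $rdsKey    -Name $valueName
    $effective = $machine
    $source = 'Terminal Server key'
    if ($policy -ne $null) { $effective = $policy; $source = 'Policies key (gpedit/GPO)' }
    if ($effective -eq $null) { $effective = 1; $source = 'default (value absent)' }
    New-Object PSObject -Property @{
        SingleSessionPerUser = ($effective -eq 1)
        Source               = $source
        PolicyValue          = $policy
        MachineValue         = $machine
    }
}

function Set-RdsSessionMode {
    param([Parameter(Mandatory=$true)][ValidateSet('Single','Multiple')][string]$Mode)
    $value = 1
    if ($Mode -eq 'Multiple') { $value = 0 }
    if (-not (Test-Path $rdsKey)) { throw "$rdsKey not found; is this an RD Session Host?" }
    # Needs local Administrators. New connections pick the value up; sessions
    # that already exist are left alone. A Policies value, if set, still wins.
    Set-ItemProperty -Path $rdsKey -Name $valueName -Value $value -Type DWord
    Get-RdsSessionMode
}

function Get-RdsSessionCountByUser {
    # Parses the fixed-width output of 'query user' (quser.exe). The user name is
    # always the first column, even when SESSIONNAME is blank for disconnected
    # sessions, and the current session is marked with a leading '>'.
    $lines = @(query user 2>$null | Select-Object -Skip 1)
    $users = @()
    foreach ($line in $lines) {
        if ($line.Trim().Length -eq 0) { continue }
        $users += (($line.Trim() -replace '^>', '') -split '\s+')[0]
    }
    $users | Group-Object | Sort-Object Count -Descending |
        Select-Object @{n='User'; e={$_.Name}}, Count
}

# Usage (on the session host, elevated):
# Get-RdsSessionMode
# Set-RdsSessionMode -Mode Multiple
# Get-RdsSessionCountByUser      # rows with Count greater than 1 hold several sessions
```

If Get-RdsSessionMode reports the Policies key as the source, change the setting in gpedit.msc (Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Connections -> "Restrict Remote Desktop Services users to a single Remote Desktop Services session") rather than editing the Terminal Server key, since the policy value is what the service honours. Note that neither value knows anything about individual users, which is exactly the limitation the answer describes.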
