Userlock – Restricting Number of Remote Desktop Sessions Per OU

This content 3 years old. Please, read this page keeping its age in mind along with the fact technology changes fast and the information on this page me be outdated, not best practice, or plain wrong.

This was a rather interesting project I took on.  The project was created to monitor and restrict how many Remote Desktop sessions were permitted to logon based on configuration per-OrganizationalUnit (OU) in Active Directory.

There are 2 parts to this.

Userlock – the GUI management part

sessioncheck – the executable that needs to be set to run for each user login and logoff script on a RDS Host.

Syntax of sessioncheck: sessioncheck logon or sessioncheck logoff

Userlock GUI

sessioncheck pops up a notification message box upon logon if there are no available slots left for “Max Sessions” and then logs the user immediately off the RDSH.

sessioncheck and Userlock GUI utilize a MSSQL Express database to store session data and check configurations for Maximum limits.

It works surprisingly well.  If you might be interested in this project for use at your organization, there are some code changes I’d need to make for more portability outside my environment, but it’s doable.  Get in touch with me.

Speak Your Mind


This site uses Akismet to reduce spam. Learn how your comment data is processed.