7

I am in need of a script or powershell command that will be able to determine the session id of a specific logged in user on remote machine, to be later used as parameter to the psexec -i execution of remote gui process on that session of that user on the remote machine.

So far i managed to use

psexec \\remoteMachine -u user -p pswrd query session

to get list of sessions on the remote machine:

SESSIONNAME       USERNAME                 ID  STATE   TYPE        DEVICE
console                                     0  Conn    wdcon
rdp-tcp#919       user                     1  Active  rdpwd
rdp-tcp#916       user                     3  Active  rdpwd

so i guess i could somehow isolate the needed id and use it - but haven't managed to do that yet

Any ideas? Maybe other - simpler ways?

Thanks for the help.

ruslanoid
  • 143
  • 1
  • 1
  • 5
  • I believe this question is a duplicate of [Can I find the session ID for a user logged on to another machine?](http://superuser.com/questions/123242/can-i-find-the-session-id-for-a-user-logged-on-to-another-machine) I know it's a pretty old question, but for what it's worth, I've posted a detailed answer that might solve your problem. – Fabien Teulieres Aug 15 '15 at 02:52

3 Answers3

15

As long as you're using PSExec, I would just stick with it. You can get the ID field pretty easily given a username e.g.:

$username = 'joe'
$results = psexec \\remoteMachine -u adminuser -p password query session
$id = $results | Select-String "$username\s+(\w+)" |
                 Foreach {$_.Matches[0].Groups[1].Value}

psexec \\remoteMachine -u $username -i $id -d notepad.exe

Note that you want to use -d with PSExec otherwise it will wait until the launched program exits.

Keith Hill
  • 194,368
  • 42
  • 353
  • 369
  • Hi Keith, I came across an error saying the query exited with code 1. But if I just ran "psexec \\remoteMachine -u adminuser -p password query session" (without $results = ), it worked well. Any ideas? Thanks in advance for your help! –  May 18 '15 at 02:47
  • Hi, I've printed $id with "Write-Host session id = $id" and it was "session id = 1 3". Something wrong with regex? Seems that "3" is correct session id, but "1 " is wrong prefix. – QtRoS Nov 14 '17 at 19:58
7

It's possible to do that without PowerShell. There is qwinsta command line tool that ships with Windows that you can use.

Example: 

c:\>qwinsta
 SESSIONNAME       USERNAME                 ID  STATE   TYPE        DEVICE
 services                                    0  Disc
 console                                     1  Conn
>rdp-tcp#0         YourUser                  2  Active  rdpwd
 rdp-tcp                                 65536  Listen

Usage:

c:\>qwinsta /?
Display information about Remote Desktop Sessions.

QUERY SESSION [sessionname | username | sessionid]
              [/SERVER:servername] [/MODE] [/FLOW] [/CONNECT] [/COUNTER] [/VM]

  sessionname         Identifies the session named sessionname.
  username            Identifies the session with user username.
  sessionid           Identifies the session with ID sessionid.
  /SERVER:servername  The server to be queried (default is current).
  /MODE               Display current line settings.
  /FLOW               Display current flow control settings.
  /CONNECT            Display current connect settings.
  /COUNTER            Display current Remote Desktop Services counters information.
  /VM                 Display information about sessions within virtual machines.
Nikita R.
  • 7,245
  • 3
  • 51
  • 62
4

With the PSTerinalServices powershell module you can get the user sessions and IDs.
The module can be found here: http://code.msdn.microsoft.com/PSTerminalServices

PS > Get-TSSession -UserName user1 -ComputerName pc1 | select UserName,SessionId

UserName SessionId
-------- ---------
User             1
Shay Levy
  • 121,444
  • 32
  • 184
  • 206