How can I query teminal services activity remotely?

生来就可爱ヽ(ⅴ<●) 提交于 2020-01-06 05:41:05

问题


I want to query our servers to see look for disconnected/idle sessions. I know I can use 'query.exe', but I'd prefer something that's easier to work with from code.

WMI would be my preference.

Thanks.


回答1:


If you are using a .NET language, you might try Cassia. In C#, the code would be:

using System;
using Cassia;

namespace CassiaSample
{
    public static class Program
    {
        public static void Main(string[] args)
        {
            ITerminalServicesManager manager = new TerminalServicesManager();
            using (ITerminalServer server = manager.GetRemoteServer("server-name"))
            {
                server.Open();
                foreach (ITerminalServicesSession session in server.GetSessions())
                {
                    if ((session.ConnectionState == ConnectionState.Disconnected)
                        ||
                        (session.ConnectionState == ConnectionState.Active)
                        && (session.IdleTime > TimeSpan.FromMinutes(1)))
                    {
                        Console.WriteLine("Session {0} (User {1})", session.SessionId, session.UserName);
                    }
                }
            }
        }
    }
}

EDIT: Updated sample code for Cassia 2.0.




回答2:


For finding things / generating WMI code and queries, get the WMI Code Creator. It will generate the test stubs (C#, VB.NET, VBScript) and let you test out queries to make sure they return the info you want.

Terminal Services stuff under the Win32_Terminal* and Win32_TS* classes (There are a few of them, not sure which is the one that get you what you need. ).

I also use this helper class (needs a bit of refactoring, haven't touched it in years) to get management objects and execute methods.

using System;
using System.Collections.Generic;
using System.Text;
using System.Management;

namespace MyWMI
{
    public class WmiHelper
    {
        public static ManagementObjectCollection GetManagementObjectCollection(string ServerName, string WMIQuery)
        {
            //determine where the WMI root is that we will connect to. 
            string strNameSpace = "\\\\";

            ConnectionOptions connectionOptions = new ConnectionOptions();
            TimeSpan tsTimeout = new TimeSpan(0,0,5);
            connectionOptions.Timeout = tsTimeout;

            //if its not a local machine connection
            if (ServerName.Trim().ToUpper() != Globals.HostName)
            {
                strNameSpace += ServerName;
                connectionOptions.Username = Globals.WMIUserDomain + "\\" + Globals.WMIUserName;
                connectionOptions.Password = Globals.WMIUserPass;
            }
            else
            { //we are connecting to the local machine
                strNameSpace += ".";
            }

            strNameSpace += "\\root\\cimv2";

            //create the scope and search
            ManagementScope managementScope = new ManagementScope(strNameSpace, connectionOptions);
            ObjectQuery objectQuery = new ObjectQuery(WMIQuery);
            ManagementObjectSearcher searcher = new ManagementObjectSearcher(managementScope, objectQuery);
            ManagementObjectCollection returnCollection;
            try
            {
                returnCollection = searcher.Get();
            }
            catch (ManagementException ex)
            {
                throw new SystemException("There was an error executing WMI Query. Source: " + ex.Source.ToString() + " Message: " + ex.Message);
            }

            //return the collection
            return returnCollection;

        } //eng GetManagementObjectCollection

        public static bool InvokeWMIMethod(string ServerName, string WMIQueryToIsolateTheObject, string MethodName, object[] MethodParams)
        {

            //determine where the WMI root is that we will connect to. 
            string strNameSpace = "\\\\";

            ConnectionOptions connectionOptions = new ConnectionOptions();
            TimeSpan tsTimeout = new TimeSpan(0, 0, 5);
            connectionOptions.Timeout = tsTimeout;

            if (ServerName.Trim().ToUpper() != Globals.HostName)
            {
                strNameSpace += ServerName;
                connectionOptions.Username = Globals.WMIUserDomain + "\\" + Globals.WMIUserName;
                connectionOptions.Password = Globals.WMIUserPass;
            }
            else
            { //we are connecting to the local machine
                strNameSpace += ".";
            }

            strNameSpace += "\\root\\cimv2";

            ManagementScope managementScope = new ManagementScope(strNameSpace, connectionOptions);
            ObjectQuery objectQuery = new ObjectQuery(WMIQueryToIsolateTheObject);
            ManagementObjectSearcher searcher = new ManagementObjectSearcher(managementScope, objectQuery);
            ManagementObjectCollection returnCollection = searcher.Get();

            if (returnCollection.Count != 1)
            {
                return false;
            }


            foreach (ManagementObject managementobject in returnCollection)
            {
                try
                {
                    managementobject.InvokeMethod(MethodName, MethodParams);
                }
                catch
                {
                    return false;
                }

            } //end foreach 
            return true;
        } //end public static bool InvokeWMIMethod(string ServerName, string WMIQueryToGetTheObject, string MethodName, object[] MethodParams)
    }
}

@First comment: Ick... Apparently this is more complicated than first thought. Check this article (http://www.codeproject.com/KB/system/logonsessions.aspx), in the section titled "What about the built-in WMI functionality?". There is some special handling needed if using XP, because it has different WMI provider classes (change WMI Code creator to point to a remote computer - A Win2K3 server for instance), and in either case you will need to "join" data from all of the session classes.



来源:https://stackoverflow.com/questions/527997/how-can-i-query-teminal-services-activity-remotely

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!