Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, January 24, 2019 11:37 AM
Hi,
I've been reading a lot of material trying to find out when a remote comuter is locked or if a user is using it.
But all the scripts I found use the logonui process to check it.
Well, I'm using Windows 10 1809 all patched up and no logonui process exists.
What am I missing here?
All replies (8)
Thursday, January 24, 2019 8:06 PM
Try query session.
C:\WINDOWS\system32>query session
SESSIONNAME USERNAME ID STATE TYPE DEVICE
services 0 Disc
>console Admin 1 Active
rdp-tcp 65536 Listen
C:\WINDOWS\system32>query session /?
Display information about Remote Desktop Services sessions.
QUERY SESSION [sessionname | username | sessionid]
[/SERVER:servername] [/MODE] [/FLOW] [/CONNECT] [/COUNTER] [/VM]
sessionname Identifies the session named sessionname.
username Identifies the session with user username.
sessionid Identifies the session with ID sessionid.
/SERVER:servername The server to be queried (default is current).
/MODE Display current line settings.
/FLOW Display current flow control settings.
/CONNECT Display current connect settings.
/COUNTER Display current Remote Desktop Services counters information.
/VM Display information about sessions within virtual machines.
C:\WINDOWS\system32>
Thursday, January 24, 2019 8:11 PM
MotoX80,
Hey man! Thanks for replying, but query session doesn't say if the computer is locked.
It just says that the session is active by X user.
Tuesday, January 29, 2019 6:44 AM
Hi Vandrey,
This script could work for you:
https://gallery.technet.microsoft.com/scriptcenter/Get-Remote-Logon-Status-d8c2318a
This script will return the logon status of the local or a remote machine. Return types include "Not logged on", "Locked", "Logged on", and "Offline.
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Tuesday, January 29, 2019 10:48 AM
Kate Li,
Thanks for replying too!
I had already tested that script. It only shows the user as "logged on", even when the computer is locked. And I think that it all happens because it uses logonui.exe to check. Since there is no process with that name it doesn't work as expected.
"Get-Process logonui -ComputerName $computer -ErrorAction Stop"
Monday, February 4, 2019 6:13 AM
Hi,
Please try the way to remote check the event logs referring to what philgman said in the following link:
Check Logged/Locked Status of 1 remote PC with Powershell Script
Please Note: Since the website is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
Best Regards,
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact [email protected].
Monday, February 4, 2019 10:57 AM
David_Ding2018,
Thanks, but that script didn't work very well... I have tried and it says that the user is logged on when the workstation is locked.
Anyway, my question is about logonui process. Microsoft should killed it then...
Monday, July 29, 2019 3:19 PM
Take a look at this. I found this solution to be quite good and it doesn't rely on WMI or logonui. Hope this helps!
http://mctexpert.blogspot.com/2012/10/how-to-determine-if-client-on-your.html
Monday, July 29, 2019 4:25 PM
Micah,
Nice! Thanks for that tip!