Logoff interactive users in Windows from a service

multiSingularity picture multiSingularity · Mar 6, 2011 · Viewed 13.2k times · Source

I'm trying to figure out a way to log off users in local Windows sessions from a Windows Service written in C#.

Here's the background to the problem: I need to manage the computer usage time of a set of users; when their allotted time expires I want to log them off. This is in the context of a W2K8 domain. Unfortunately the login time controls in Windows simply disconnect the user from server resources; there is no way to force their sessions to terminate via this method.

My approach is to build a Windows Service that I will deploy across the domain; the service will run on every client computer. At regular intervals the service will enumerate logged-in users on the computer, call out to a database to add the logged-in time since the last call to the total for the day, and if they have reached their maximum, log them out (with a five minute warning). Note - these are NOT terminal services sessions, they are regular local interactive logons. Note also that there may be multiple logons on a machine due to the "switch user" functionality in Win7 & Vista. All my client PCs will be running Win7. The Windows Service will be running as Local System so privileges should not be a problem.

I can successfully construct a list of logged-in users on the machine by user name using WMI. Here's a snippet of that code:


        List<string> loggedInUsers = new List<string>();
        ManagementClass mc = new ManagementClass("Win32_Process");
        ManagementObjectCollection moc = mc.GetInstances();

        foreach (ManagementObject mo in moc)
        {
            ROOT.CIMV2.Process process = new ROOT.CIMV2.Process(mo);
            string domain, user;
            uint pid;
            process.GetOwner(out domain, out user);
            pid = process.ProcessId;
            if (process.Name.Trim().ToLower() == "explorer.exe")
                loggedInUsers.Add(user);
        }
        return loggedInUsers;

However, I am struggling to find a method that will allow me to log off a selected user's session. I know I can shut down the machine, but I don't want that - that will kill all users' sessions.

Any ideas anyone? Thanks for reading this lengthy post!

Answer

Sanjeevakumar Hiremath picture Sanjeevakumar Hiremath · Mar 6, 2011

You could use following P/Invoke calls to achieve this. Below sample works only with Admin Rights

        [DllImport("wtsapi32.dll", SetLastError = true)]
    static extern bool WTSLogoffSession(IntPtr hServer, int SessionId, bool bWait);

    [DllImport("Wtsapi32.dll")]
    static extern bool WTSQuerySessionInformation(
        System.IntPtr hServer, int sessionId, WTS_INFO_CLASS wtsInfoClass, out System.IntPtr ppBuffer, out uint pBytesReturned);

    [DllImport("wtsapi32.dll", SetLastError = true)]
    static extern IntPtr WTSOpenServer([MarshalAs(UnmanagedType.LPStr)] String pServerName);

    [DllImport("wtsapi32.dll")]
    static extern void WTSCloseServer(IntPtr hServer);

    [DllImport("wtsapi32.dll", SetLastError = true)]
    static extern Int32 WTSEnumerateSessions(IntPtr hServer, [MarshalAs(UnmanagedType.U4)] Int32 Reserved, [MarshalAs(UnmanagedType.U4)] Int32 Version, ref IntPtr ppSessionInfo, [MarshalAs(UnmanagedType.U4)] ref Int32 pCount);

    [DllImport("wtsapi32.dll")]
    static extern void WTSFreeMemory(IntPtr pMemory);

Here is a sample implementation to lookup all the users and their sessions, and then logging off one of the user.

using System;
using System.Collections.Generic;
using System.Runtime.InteropServices;

namespace ConsoleApplication1
{
 [StructLayout(LayoutKind.Sequential)]
internal struct WTS_SESSION_INFO
{
    public Int32 SessionID;
    [MarshalAs(UnmanagedType.LPStr)]
    public String pWinStationName;
    public WTS_CONNECTSTATE_CLASS State;
}

internal enum WTS_CONNECTSTATE_CLASS
{
    WTSActive,
    WTSConnected,
    WTSConnectQuery,
    WTSShadow,
    WTSDisconnected,
    WTSIdle,
    WTSListen,
    WTSReset,
    WTSDown,
    WTSInit
}

internal enum WTS_INFO_CLASS
{
    WTSInitialProgram,
    WTSApplicationName,
    WTSWorkingDirectory,
    WTSOEMId,
    WTSSessionId,
    WTSUserName,
    WTSWinStationName,
    WTSDomainName,
    WTSConnectState,
    WTSClientBuildNumber,
    WTSClientName,
    WTSClientDirectory,
    WTSClientProductId,
    WTSClientHardwareId,
    WTSClientAddress,
    WTSClientDisplay,
    WTSClientProtocolType,
    WTSIdleTime,
    WTSLogonTime,
    WTSIncomingBytes,
    WTSOutgoingBytes,
    WTSIncomingFrames,
    WTSOutgoingFrames,
    WTSClientInfo,
    WTSSessionInfo
}

class Program
{
    [DllImport("wtsapi32.dll", SetLastError = true)]
    static extern bool WTSLogoffSession(IntPtr hServer, int SessionId, bool bWait);

    [DllImport("Wtsapi32.dll")]
    static extern bool WTSQuerySessionInformation(
        System.IntPtr hServer, int sessionId, WTS_INFO_CLASS wtsInfoClass, out System.IntPtr ppBuffer, out uint pBytesReturned);

    [DllImport("wtsapi32.dll", SetLastError = true)]
    static extern IntPtr WTSOpenServer([MarshalAs(UnmanagedType.LPStr)] String pServerName);

    [DllImport("wtsapi32.dll")]
    static extern void WTSCloseServer(IntPtr hServer);

    [DllImport("wtsapi32.dll", SetLastError = true)]
    static extern Int32 WTSEnumerateSessions(IntPtr hServer, [MarshalAs(UnmanagedType.U4)] Int32 Reserved, [MarshalAs(UnmanagedType.U4)] Int32 Version, ref IntPtr ppSessionInfo, [MarshalAs(UnmanagedType.U4)] ref Int32 pCount);

    [DllImport("wtsapi32.dll")]
    static extern void WTSFreeMemory(IntPtr pMemory);

    internal static List<int> GetSessionIDs(IntPtr server)
    {
        List<int> sessionIds = new List<int>();
        IntPtr buffer = IntPtr.Zero;
        int count = 0;
        int retval = WTSEnumerateSessions(server, 0, 1, ref buffer, ref count);
        int dataSize = Marshal.SizeOf(typeof(WTS_SESSION_INFO));
        Int64 current = (int)buffer;

        if (retval != 0)
        {
            for (int i = 0; i < count; i++)
            {
                WTS_SESSION_INFO si = (WTS_SESSION_INFO)Marshal.PtrToStructure((IntPtr)current, typeof(WTS_SESSION_INFO));
                current += dataSize;
                sessionIds.Add(si.SessionID);
            }
            WTSFreeMemory(buffer);
        }
        return sessionIds;
    }

    internal static bool LogOffUser(string userName, IntPtr server)
    {

        userName = userName.Trim().ToUpper();
        List<int> sessions = GetSessionIDs(server);
        Dictionary<string, int> userSessionDictionary = GetUserSessionDictionary(server, sessions);
        if (userSessionDictionary.ContainsKey(userName))
            return WTSLogoffSession(server, userSessionDictionary[userName], true);
        else
            return false;
    }

    private static Dictionary<string, int> GetUserSessionDictionary(IntPtr server, List<int> sessions)
    {
        Dictionary<string, int> userSession = new Dictionary<string, int>();

        foreach (var sessionId in sessions)
        {
            string uName = GetUserName(sessionId, server);
            if (!string.IsNullOrWhiteSpace(uName))
                userSession.Add(uName, sessionId);
        }
        return userSession;
    }

    internal static string GetUserName(int sessionId, IntPtr server)
    {
        IntPtr buffer = IntPtr.Zero;
        uint count = 0;
        string userName = string.Empty;
        try
        {
            WTSQuerySessionInformation(server, sessionId, WTS_INFO_CLASS.WTSUserName, out buffer, out count);
            userName = Marshal.PtrToStringAnsi(buffer).ToUpper().Trim();
        }
        finally
        {
            WTSFreeMemory(buffer);
        }
        return userName;
    }

    static void Main(string[] args)
    {
        string input = string.Empty;
        Console.Write("Enter ServerName<Enter 0 to default to local>:");
        input = Console.ReadLine();
        IntPtr server = WTSOpenServer(input.Trim()[0] == '0' ? Environment.MachineName : input.Trim());
        try
        {
            do
            {
                Console.WriteLine("Please Enter L => list sessions, G => Logoff a user, END => exit.");
                input = Console.ReadLine();
                if (string.IsNullOrWhiteSpace(input))
                    continue;
                else if (input.ToUpper().Trim()[0] == 'L')
                {
                    Dictionary<string, int> userSessionDict = GetUserSessionDictionary(server, GetSessionIDs(server));
                    foreach (var userSession in userSessionDict)
                    {
                        Console.WriteLine(string.Format("{0} is logged in {1} session", userSession.Key, userSession.Value));
                    }
                }
                else if (input.ToUpper().Trim()[0] == 'G')
                {
                    Console.Write("Enter UserName:");
                    input = Console.ReadLine();
                    LogOffUser(input, server);
                }

            } while (input.ToUpper() != "END");
        }
        finally
        {
            WTSCloseServer(server);
        }
    }
}
}