How To Remotely Log Off Specific Users using Powershell

by Danny
0 comment

READING TIME: 4 MINUTES

In this guide, I’m going to show you how to remotely log off a specific user on a server or computer. This is a great way to log off idle users on a terminal server or kick someone off a server if they are doing something they shouldn’t be, or to fix a user-specific issue. You might also use this command to logoff someone if you recently applied a GPO that requires the user to log off.

Note: You will need to be an administrator on the target computer for this script to work. For example, if you are logged into your PC as domain\user, then you’ll need to add your user to the target computer first.

However, this is also a non-admin script. You can run this script as a standard Windows user, you just need to be an admin on the target.


Log Off Powershell Script: Frontend Usage

In this example, I’m going to log off the “Administrator” user. A list of all users can also be found by RDP’ing to the server > Task Manager > switching to the Users tab:

First, a box will popup asking you to enter the username of a user you want to be logged out:

Then, another box will pop up prompting you to type the computer/server name:

After running, the user is immediately logged out of the server!


Remotely Log Off Users on Server Powershell Script

Here is the code you will use. Just copy and paste this exactly as is into a new Powershell script.

[void][Reflection.Assembly]::LoadWithPartialName('Microsoft.VisualBasic')

$PromptUser = {
        [Microsoft.VisualBasic.Interaction]::InputBox(
        ($args -join ' '),     #Prompt message
        "Log Off Remote User" #Title Bar
    )
}

$Username = &$PromptUser "Type username you wish to sign off"
$ServerName = &$PromptUser "Type target server name"
$sessionID = ((quser /server:$ServerName | Where-Object { $_ -match $UserName }) -split ' +')[2]

###logs off user
Logoff $sessionID /server:$ServerName

How to Script Works: Backend Usage

In the background, the script is querying the remote computer ( $ServerName) to see all currently logged in users. (using the quser command).

Then, it grabs the ID of the user you specify from the $UserName variable and puts the ID into another variable ( $sessionID).

Lastly, it tells the remote computer to log off the user using the stored $sessionID variable.


See Who Is Logged -in Locally

If you’d like to see who all is logged into a computer locally, you can open Powershell and just type the quser command.


Checking Who Is Logged-in To A Remote Computer or Server

The command below is a non-admin command, so you can run it as a standard user. You also don’t need to be an admin on the target computer to see who is currently logged in. Add this to a new PDQ Deploy package and run it.

Invoke-Command -ComputerName 'REMOTECOMPUTER' -ScriptBlock { quser }

Add Admin User to Computer using Powershell

There are several ways to add a user as an administrator user to a computer. You can either RDP to the machine and add it by opening Control Panel > Users Accounts > Manage User Accounts. Or, to do this using Powershell, I’m using PDQ Deploy with the command below. Replace username with the domain user.

I first add myself as admin to the target computer, and then run the script above. Note that the “Remotely Log Off Users on Server Powershell Script” doesn’t work in PDQ, as PDQ doesn’t support displaying popup boxes.

net localgroup administrators username /add


My Homelab Equipment

Here is some of the gear I use in my Homelab. I highly recommend each of them.

The full list of server components I use can be found on my Equipment List page.

0 comment

You may also like

Leave a Comment