1

Two years ago, I was working in a dreadful company. There, all my colleagues were using RDP connections and in order to know if a connection was available, I needed to ask them. So I have asked this question about the subject.

Now I'm working in a far better company, but I have a similar question: now it's not about my colleagues, who might be using the connection, but customers, and I try to use the accepted answer on that question in order to find out, but the result is not very useful:

Command prompt>query user /server:87.84.6.67
Error 0x000006BA enumerating sessionnames
Error [1722]:The RPC server is unavailable.

I get this error message, although, when I try to connect to the machine, this works for several seconds (and then then I get kicked out, at least that's the impression I have).

Does anybody know what to do?

Oh, my command prompt seems to run as administrator by default, I don't know if this makes any difference.

I just tried quser and qwinsta as user1686 suggested, but both give me the same answer. I don't know the sense of using winrs, it looks to me as a remote shell command, but I don't want to log to the machine and ask a question there, I just want to know who is using the RDP session.

Improve this question

1 Answer 1

Reset to default
2

The answer hasn't changed since then; the answer still is "use qwinsta or quser to list Terminal Services users".

Note that qwinsta/quser use DCOM RPC, which has its own firewall rules separate from RDP. There is no way to get the same information through the RDP protocol alone.

If RPC access is blocked (which it most likely is), find some other way to run the commands, e.g. through WinRM (winrs or Invoke-Command) or through SSH (if the server has SSH installed) or through some other remote management system.

If RPC is firewalled because you're accessing the server over WAN, ask the server owner to set up some form of VPN access so that you'd be able to connect to the server in other ways than RDP. For example, having WinRM or SSH access is very useful, both for your question and for remote access in general – you might be able to do all your work without RDP, and therefore without disturbing whoever else is RDP'd in.

Finally, ask your employer to reserve a time when the server would not be managed by anyone else, so that you could just RDP in and do your work. If they expect you to be accessing the server, it's their job to ensure that access.

Improve this answer
5
  • I just tried quser and qwinsta but both give me the same answer. I don't know the sense of using winrs, it looks to me as a remote shell command, but I don't want to log to the machine and ask a question there, I just want to know who is using the RDP session.
    – Dominique
    Commented Feb 22, 2023 at 10:25
  • Oh, about the schedule: we are working with a username that should only be used by my colleagues, but apparently the customer has some employees who don't care about that agreement, hence my question: I want to expose those guys :-)
    – Dominique
    Commented Feb 22, 2023 at 10:27
  • @Dominique - I added the new info to your question. In general editing it to add info is better than answering in comments, as that keeps the relevant info readily available and your situation up-to-date. As for the enumerating error - I did a bit of googling for Error 0x000006BA enumerating sessionnames and found quite a few pointers to (apparently) the same solution. That involves editing the registry of the target system to get the RPC server available. Maybe that helps you to the right direction.
    – Peregrino69
    Commented Feb 22, 2023 at 10:49
  • @Peregrino69: Thanks for your help, but modifying the registry of the target machine is out of the question.
    – Dominique
    Commented Feb 22, 2023 at 10:58
  • @Dominique: The answer is still the same. You log in to the machine and ask a question there in order to find out who is using the RDP session. If you have neither remote RPC access nor any way to run qwinsta remotely, then you really can't get this information "from the outside".
    – grawity_u1686
    Commented Feb 22, 2023 at 19:45

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .