This article describes how to limit concurrent connections for all users in a Microsoft Windows Server 2003, a Microsoft Windows 2000, or a Microsoft Windows NT 4.0 environment.
Install the Windows 2000 Resource Kit tool named CConnect.exe on each client computer. This tool, together with an .adm file that is supplied by the tool, can perform the following functions:
- Limit concurrent connections for each user.
- Log off remote computers when concurrent connections are reached.
- List all computers that a user is logged on to.
- List logon servers for each user.
- Show how many users are logged on to a domain controller (DC).
- Force a logoff when concurrent connections are reached.
- Enable debugging of the CConnect tool.
- Write events to the event log of a specified server about the status of the CConnect tool.
- Save all lists to a file for further examination.
- Track the last user of the computer and only limit that user from logging on to the computer if the computer was shut down incorrectly.
This tool is included with the Windows 2000 Resource Kit and works with both Windows NT 4.0 and Windows 2000. For Windows 2000, there are no system requirements. For Windows NT 4.0, the following requirements exist:
- Windows NT 4.0 Service Pack 3 or later must be installed.
- Microsoft Data Access Components (MDAC) 2.0 must be installed.
- Windows Scripting Host must be installed.
- Web Based Enterprise Management (WBEM) must be installed.
Version 2.0 supports Terminal Server restrictions.
Windows NT 4.0 Terminal Server: Service Pack 4 or later
Windows 2000: No requirements
Version 2 will be available for public use on the next Windows 2000 Resource Kit. Version 1.3 is on the first Windows 2000 Resource Kit.
You can also use the LimitLogin utility to limit concurrent user logins in an Active Directory domain in a Windows Server 2003, a Windows 2000, or a Windows NT 4.0 environment. The LimitLogin utility keeps track of all logon information in Active Directory domains.
The LimitLogin utility has the following capabilities:
- It can limit the number of logins for each user from any computer in the domain. This includes terminal server sessions.
- It can display the logon information about any user in the domain according to specific criteria. For example, you can use the LimitLogin utility to display all logon sessions to a specific client computer or to a specific domain controller. Additionally, you can use the utility to display all computers to which a certain user is currently logged on.
- It is easy to manage and to configure because it can integrate into the Active Directory Microsoft Management Console (MMC) snap-ins.
- It can remotely delete and log off user sessions from the Active Directory Users and Computers MMC snap-in.
- It can generate logon information reports in either a comma-separated values (CSV) format or an XML format.
To download the LimitLogin utility, visit the following Microsoft Web site:
To submit questions or to provide customer feedback about the LimitLogin utility, e-mail the following alias: