Jump to content

How to get terminal services client IP address?


Rece
 Share

Recommended Posts

I would like to write an initial program for my Win2000 terminal server. I need the client IP for logging but I don't know how to get it. I think wtsapi32.dll's WTSQuerySessionInformation can give this information for me but I don't understand exactly the usage of DllCall() in this case... Could somebody help me?

Link to comment
Share on other sites

  • 3 weeks later...

OK i guess i cheated and read the help file. And what an excellent help file it is! B):o

@OSLang

Returns code denoting OS Language. See Appendix for possible values.

@OSType

Returns "WIN32_NT" for NT/2000/XP/2003 and returns "WIN32_WINDOWS" for 95/98/Me

@OSVersion

Returns one of the following: "WIN_2003", "WIN_XP", "WIN_2000", "WIN_NT4", "WIN_ME", "WIN_98", "WIN_95"

@OSBuild

Returns the OS build number. For example, Windows 2003 Server returns 3790

@OSServicePack

Service pack info in the form of "Service Pack 3" or, for Windows 95, it may return "B"

@ComputerName

Computer's network name.

@UserName

ID of the currently logged on user.

@IPAddress1

IP address of first network adapter. Tends to return 127.0.0.1 on some computers.

@IPAddress2

IP address of second network adapter. Returns 0.0.0.0 if not applicable.

@IPAddress3 IP address of third network adapter. Returns 0.0.0.0 if not applicable.

@IPAddress4 IP address of fourth network adapter. Returns 0.0.0.0 if not applicable.

@DesktopWidth

Width of the desktop screen in pixels. (vertical resolution)

@DesktopHeight

Height of the desktop screen in pixels. (horizontal resolution)

@DesktopDepth Depth of the desktop screen in bits per pixel.

@DesktopRefresh Refresh rate of the desktop screen in hertz

Link to comment
Share on other sites

I'm afraid that the original poster doesn't want @IPAddress1 -- he wants the IP of the computer connecting to him via Terminal Services (i.e. not an AutoIt script).

I'm quite surprised that Terminal Services doesn't offer this kind of logging functionality already. Are you sure of this?

Link to comment
Share on other sites

Yeah, this kicked my butt a while back. Here's the script that I whipped up once I figured it out.

This script does a netstat.exe -TCP and parses the output, looking for port 3389.

Then it displays a message and writes the results to the registry for use with BGInfo.

There are command line parameters for use in a BAT file...

; ---------------------------------------------------------------------------
; AutoIt Version: 3.1.1.+ beta
; Author:        Rick Weber
;
; Script Function:
;   Displays the current RDP user IP or Name and Writes it to the registry for BGInfo
;
; Command line stuff
; -?  Help
; -s  Silent mode - to use in a start up script
; -ip  use IP rather than name
; ---------------------------------------------------------------------------

dim $TempF, $TFile, $cmd
dim $value, $pos1, $pos2, $silent = 0
dim $ComputerName=@ComputerName
dim $RDP=":3389"
dim $Key = "HKLM\SOFTWARE\BGInfo"
dim $KeyU = "HKCU\SOFTWARE\BGInfo"
dim $ValName = "RDPclient"
dim $IP = ""
dim $title = "RDP Client Address"
dim $IsClient = "the client"


; Extended command line paramerters
If $CmdLine[0] > 0 then
    For $i = 1 to $CmdLine[0]
        Switch $CmdLine[$i]
            Case "-s", "/s"
                $silent = 1
            Case "-ip", "/ip"
                $IP = "-n "
                $ComputerName=@IPAddress1
            Case "-?", "/?"
                MsgBox (0, $title,"Writes the RDP client address to the Registry" & @CR & _
                $KeyU & "\" & $ValName & @CR  & @CR & _
                "-? Help" & @CR & _
                "-s Silent mode - for BAT files" & @CR & _
                "-ip    Use IP Address rather than Computer Name")
                exit(0)
        EndSwitch
    Next
EndIf

$TempF = EnvGet("TEMP") & "\rdpclient.txt"

; Run netstat
$cmd = @SystemDir & "\netstat.exe -p TCP " & $IP & "|find """ & $ComputerName & $RDP & """>" & $TempF
RunWait(@ComSpec & " /c " & $cmd, "", @SW_HIDE)


; Parse the results of netstat
$TFile = FileOpen($TempF, 0)
$value = FileReadLine($TFile)

$pos1 = StringInStr($value,":") + 1
$pos2 = StringInStr($value,":",0,2) - $pos1
$value= StringMid($value, $pos1, $pos2)

if StringLeft($value, 4) = "3389" then
    $IsClient = "remote desktop client"
elseif $value = "" then
    $IsClient = "unknown (probably the local host, RDP not in use)"
else
    $IsClient = "the local host"
endif

$pos1 = StringInStr($value," ") + 1
$value= StringStripWS(StringMid($value, $pos1),1)

if $value = "" then $value="NA"; this happens when run locally

; Write results to registry
RegWrite($Key, $ValName, "REG_SZ", $value)
RegWrite($KeyU, $ValName, "REG_SZ", $value)

; Display results - or not
if $silent = 1 then exit(0)
Inputbox($title,"Remote Desktop client address:" & @CR & @CR & "address = " & $IsClient, RegRead($KeyU, $ValName),"",400,-1)
Edited by Koder
Link to comment
Share on other sites

Thanks, I will try it!

@IPAddress1 is not good for me, it gives the terminal server's IP not the client's.

I know about no TS function for this like %username% etc. altough I can watch this IP address in Terminal Services Manager...

Edited by Rece
Link to comment
Share on other sites

Koder's method sounds at good as any.

Because it's possible to change the default port, it would be good say

$port = RegRead("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp","PortNumber")

You might not need to change the default port now; but if you do in the future, you don't want the script to mysteriously fail B)

Use Mozilla | Take a look at My Disorganized AutoIt stuff | Very very old: AutoBuilder 11 Jan 2005 prototype I need to update my sig!
Link to comment
Share on other sites

Thanks, I will try it!

@IPAddress1 is not good for me, it gives the terminal server's IP not the client's.

I know about no TS function for this like %username% etc. altough I can watch this IP address in Terminal Services Manager...

@IPAddress1 in my code is used only for parsing the netstat results. That's how it can tell it's an incoming connection.

I didn't account for the possiblity of incoming connections on other NICs or multiple connections for that matter.

@CyberSlug: Hey that's a good idea. Just pull the port from the registry. I do use alternate ports for forwarding to multiple machines, so this could help right away.

Link to comment
Share on other sites

I wrote an IPSend utility. I have yet to release it on the forum, but the exe is on my website. Let me know if that is similiar to what you are wanting. That one is for VNC, but I am sure I could set it up otherwise.

Also if you are wanting to write your own solution try the _GetIP() function in inet.au3. (An include file).

I with the help of a couple of other people wrote that UDF. I hope it helps.

JS

AutoIt Links

File-String Hash Plugin Updated! 04-02-2008 Plugins have been discontinued. I just found out.

ComputerGetInfo UDF's Updated! 11-23-2006

External Links

Vortex Revolutions Engineer / Inventor (Web, Desktop, and Mobile Applications, Hardware Gizmos, Consulting, and more)

Link to comment
Share on other sites

Thanks JSThePatriot but _GetIP() uses the internet but my local network is separated from the internet and I think this function always gives the router's (WAN) IP and not the LAN IP of the PCs...

Yes RobM I need the client's (terminal PC's) IP address which is connected to the terminal server.

Link to comment
Share on other sites

Thanks JSThePatriot but _GetIP() uses the internet but my local network is separated from the internet and I think this function always gives the router's (WAN) IP and not the LAN IP of the PCs...

Yes RobM I need the client's (terminal PC's) IP address which is connected to the terminal server.

My apologies. Hrm. Could you run a remote script on the clients machine that would send out the ip using the @IPAddress?

JS

AutoIt Links

File-String Hash Plugin Updated! 04-02-2008 Plugins have been discontinued. I just found out.

ComputerGetInfo UDF's Updated! 11-23-2006

External Links

Vortex Revolutions Engineer / Inventor (Web, Desktop, and Mobile Applications, Hardware Gizmos, Consulting, and more)

Link to comment
Share on other sites

My apologies. Hrm. Could you run a remote script on the clients machine that would send out the ip using the @IPAddress?

JS

I can't but I don't want too. I can watch this IP address in Terminal Services Manager window so I'm sure I can give this information somehow on the server.

Koder's method doesn't work because netstat lists all remote connections (port 3389) with IPs of all clients and I can't decide which is the current user's IP...

Any other idea? I tried DllCall() and wtsapi32.dll's WTSQuerySessionInformation function but it didn't succeed.

Link to comment
Share on other sites

I can watch this IP address in Terminal Services Manager window so I'm sure I can give this information somehow on the server.

Can you therefore glean IPs from that window using something like ControlGetText()?
Link to comment
Share on other sites

Can you therefore glean IPs from that window using something like ControlGetText()?

I don't want to open this window on the clients' screen every time they log in. There must be a way to get this IP address from the OS... The terminal server can give me several environmental informations like %CLIENTNAME% but not the client's IP...
Link to comment
Share on other sites

Ok, I remangled my code to work with alternate RDP ports and multiple connections. It will now report all terminal services connected IP address. Tested on a TS server with multiple connections...

Use this command line in a script to be transparent to the user.

RDP_Client -ip -s

I use BGInfo so this script writes to a registry location that BGInfo uses. BGinfo then collects this datum (among others) and writes to a SQL server.

The script can be easily modified to write to a file or do anything else with the data...

RDP_Client.au3

Link to comment
Share on other sites

How can you decide which IP address belongs to the current user? Netstat lists a lot of connections with a lot of IP addresses but I need only the current user's IP because I would like to log it...

Edited by Rece
Link to comment
Share on other sites

Okay.. I think I am slowly getting the information you are really wanting. You are wanting to know what the is the IP of the person sending a TS connection?

JS

AutoIt Links

File-String Hash Plugin Updated! 04-02-2008 Plugins have been discontinued. I just found out.

ComputerGetInfo UDF's Updated! 11-23-2006

External Links

Vortex Revolutions Engineer / Inventor (Web, Desktop, and Mobile Applications, Hardware Gizmos, Consulting, and more)

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...