LogonSessions v1.41

By Mark Russinovich

Published: November 25, 2020

Download LogonSessions (667 KB)

Introduction

If you think that when you logon to a system there's only one active logon session, this utility will surprise you. It lists the currently active logon sessions and, if you specify the -p option, the processes running in each session.

Usage: logonsessions [-c[t]] [-p]

Parameter	Description
-c	Print output as CSV.
-ct	Print output as tab-delimited values.
-p	List processes running in logon session.

Example output

Shell

C:\>logonsessions -p 

[13] Logon session 00000000:6a6d6160:
    User name:    NTDEV\markruss
    Auth package: Kerberos
    Logon type:   RemoteInteractive
    Session:      1
    Sid:          S-1-5-21-397955417-626881126-188441444-3615555
    Logon time:   7/2/2015 6:05:31 PM
    Logon server: NTDEV-99
    DNS Domain:   NTDEV.CORP.MICROSOFT.COM
    UPN:          markruss@ntdev.microsoft.com
    15368: ProcExp.exe
    17528: ProcExp64.exe
    13116: cmd.exe
    17100: conhost.exe
     6716: logonsessions.exe

Download LogonSessions (667 KB)

Runs on:

• Client: Windows Vista (32-bit)and higher
• Server: Windows Server 2008 and higher
• Nano Server: 2016 and higher