Forum Discussion
disconnect-vpnuser error. (Powershell, RRAS)
Hello, I'm trying to disconnect a user from a RRAS VPN Server with the below PowerShell command: disconnect-vpnuser -username domain\username However, I get the below error when the comma...
PowerShell will use some CIM classes to do this task, lets try it and run the following command in the RRAS Server itself
$xArg=@{
ComputerName =$null
PassThru = $null
UserName = @('DOMAIN\TheUserName')
}
Invoke-CimMethod -ClassName PS_VpnUser -Namespace "Root\Microsoft\Windows\RemoteAccess" -MethodName "DisconnectByUserName" -Arguments $xArg
Btw, are you using Microsoft Direct Access or its just an RRAS
Let me know if the command above disconnects the user.
in the background, this is what PowerShell should be calling.
Thanks for the reply again. When I run the script that you provided I get the below error. Similar to what I get in running disconnect-vpnuser. I am using just VPN without Direct Access. The sad thing is I have used disconnect-vpnuser on this server before. I'm using a standard phonebook entry for the user to connect via SSTP to the VPN. I have rebuilt WMI, disabled RRAS and reinstalled with the default settings. I have even built a new server that even gives the same error. At this point I'm looking into Group Policy settings to see if something is causing this error.
Invoke-CimMethod : User domain\user cannot be disconnected.
At line:6 char:1
+ Invoke-CimMethod -ClassName PS_VpnUser -Namespace "Root\Microsoft\Windows\Remote ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (domain\user:) [Invoke-CimMethod], CimException
+ FullyQualifiedErrorId : REMOTEACCESS 200,Microsoft.Management.Infrastructure.CimCmdlets.InvokeCimMetho
dCommand
PSComputerName
--------------
- would you please check windows update history?
when this command last time was working and the installed update after thatNo updates have been installed since 2017. The command was working prior to some firewall rule changes and enabling Certificate Enrollment.
I'm currently building a new RRAS using only the Windows 2012 R2 ISO.
- I found my problem. I want to thank you again for replying and offering help.
I have a unique setup going on with my VPN where I'm assigning users static IP Addresses through the Active Directory Dial-In properties. I'm also using Radius with a Network Policy Server. My problem was the NPS Policy. On the VPN I have Inbound and Outbound rules set on each NIC. I also had IP Filters enabled on my NPS Policy with the same settings. Once I removed the IP Filters from the NPS Policy I was able to use disconnect-vpnuser successfully.