blister911
MIS
Hello,
I'm attempting to write a powershell script to find orphaned processes/files/handles for a specific user and then forcefully close them (on a Windows 2008 R2 application server, running Citrix XenApp). I cannot run the command to close the process directly on the server (handle -c <handle> -p <pid>), so I believe my issue is with Windows and not powershell.
Here is the background:
We have some users that get orphaned processes on our application servers. This prevents them from being able to run another session of that same application, as we only allow 1 per user. Anyway, I can see they still have an active profile on the server, but no processes under task manager, no processes under process explorer (sysinternals), and Citrix does not show them as connected to any servers. However, if I run "handle <username>" I can see several processes that are linked to the user.
I have written a small powershell script that will take the output from handle, parse it, and then redirect it back into the handle command to close them. It appears to work correctly for all of the files/handles except those under PID 4 (System). For those I get an error stating:
Error closing handle:
T
My testing has been primarily from the command prompt on the server, but I've also tried running a powershell window as NT AUTHORITY\System (psexec -is powershell), but that gives the same results.
So I my question is: How do I close those Files/handles that are associated with PID 4?
Thanks.
Light travels faster than sound. That's why some people appear bright until you hear them speak.
I'm attempting to write a powershell script to find orphaned processes/files/handles for a specific user and then forcefully close them (on a Windows 2008 R2 application server, running Citrix XenApp). I cannot run the command to close the process directly on the server (handle -c <handle> -p <pid>), so I believe my issue is with Windows and not powershell.
Here is the background:
We have some users that get orphaned processes on our application servers. This prevents them from being able to run another session of that same application, as we only allow 1 per user. Anyway, I can see they still have an active profile on the server, but no processes under task manager, no processes under process explorer (sysinternals), and Citrix does not show them as connected to any servers. However, if I run "handle <username>" I can see several processes that are linked to the user.
I have written a small powershell script that will take the output from handle, parse it, and then redirect it back into the handle command to close them. It appears to work correctly for all of the files/handles except those under PID 4 (System). For those I get an error stating:
Error closing handle:
T
My testing has been primarily from the command prompt on the server, but I've also tried running a powershell window as NT AUTHORITY\System (psexec -is powershell), but that gives the same results.
So I my question is: How do I close those Files/handles that are associated with PID 4?
Thanks.
Light travels faster than sound. That's why some people appear bright until you hear them speak.
