Leave Windows Session Logged On

Is a bad idea for any reason to leave accounts logged onto Windows remote desktop sessions? So instead of logging off, just closing the session so it locks.

In this case, the limited number of remote desktop connections is not an issue. I am just wondering if anyone has seen sessions leak memory over time or maybe security issues with doing this, etc... I could see if programs were left open they might suck up and or leak memory, but has anyone seen this with Microsoft software such as Control Panels, Management Consoles, and Exchange System Administrator?


We have the situation where it's preferred that we log sessions off instead of just disconnecting. I'm currently in an app group and we own our servers above the OS level (that is, we install / admin / patch app level things such as SQL Server), however IT owns the os and hardware responsibilities. They prefer (as did I when I was in the IT group) that we log out instead of disconnecting so they don't have to get into the business of figuring out if we have something running interactively in the event they need to bounce a server.

Other than that, I've never run into a situation where keeping things connected was an issue. I pretty much leave my sessions logged in on my home machines all the time. Sometimes it's required if you're gathering metrics or something where an interactive interface is required.


I usually prefer logging off, because it just feels more "clean" (unless, of course, there actually is some application running which needs to run in an open console).

The console in and by itself shouldn't be an issue regarding memory leaks, security, etc.; but there are two scenarios where it can actually become one:

  • Someone needs to log on with another user account.
  • Someone needs to reboot the server.

In these scenarios, the other user can't do anything if he doesn't have administrative rights on the server (which maybe hasn't, even if he can manage what he needs to). But even if he does have them, he'll need to forcibly close the session, killing every running application the logged on user could have left open.

Also, the open session of course uses up some resources; very few, sure, but why waste them? You don't get any advantage from keeping sessions open; you still need to type your password in to unlock them.

My bottom line: just log off.

Unless, as stated above, you actually need to leave something running.


I do it ALL the time - not too worried myself as if the system is secure enough to be left alone then it's safe enough to leave a session alone.


Although I ask my users to always log off, rather than disconnect, I frequently leave sessions running while performing lengthy tasks. It all gets cleaned up anyway by the weekly reboot.