Look into using the Terminal Services API... I just googled for Terminal Services API and immedately came up with:
http://msdn.microsoft.com/en-us/libr...64(VS.85).aspx
So I imagine that's the most likely avenue to investigate.
Otherwise what you would have to do is use something like the WinPCap driver which installs a sniffer to monitor all traffic on the network card. This can then be used to determine the type of traffic (TCP/UDP) the port the request is coming in from, the computer it is coming in from. I'm doubtful that it's possible to extract the username of the person connecting though...unless you can figure out how to decode the packets.
The easiest way I can think of to determine the username of the person connecting, is to either query the client machine to see who is logged in, or wait until they actually log in on the terminal server and check which username is used - they may connect to the terminal server using a different username/password than the client they connect from.
I suspect that checking a list of users on the server using the API involves referencing the WTSEnumerateSessions which from what I see retrieves a list of sessions on a specified terminal server...this implies that you can query any terminal server to which you have authority to query, although it doesn't explicitly say that, so I could be reaching.
I think using some combination of the API and the WinPCAP driver are the way to go. The API will give you access to who they logged into the server as, along with what they're doing on the server, which processes they access etc. The WinPCAP driver will allow you to snoop on the network traffic giving you information about where they're communicating from. Querying the WMI interface on the remote computer (assuming you have access to that) will allow you to determine who is logged in at that machine. Bear in mind that the person logged into the server may also be logged into the remote machine by remote desktop/terminal services also... it may not be the user sitting at the console... and so the cycle continues.
Of course, your application may not need such complexity. I'm just a suspicious network administrator type...