ps -ef | grep 'service_name_here'
From that determine the PID of the offending user and kill it.
or to be really forceful
If you need to keep him off, you can add his IP to a deny list (in my case I use tcp wrappers, so that would be /etc/hosts.deny). The method from the previous poster should work too, although I don't think it would kill his current session.