Applies to: Nerdio for Azure (NFA) Professional and Enterprise users only.
How do I shadow a user's RDS session?
- Ensure the "Set Rules for Remote Control of Remote Desktop Services User Sessions" policy is configured properly on the host. By default, this policy is set as "Not Configured" which will not allow remote control of users sessions. Set the appropriate level of view and control in this policy. This policy can be found in Administrative Templates\Windows Components\Remote Desktop Servers\Remote Desktop Session Host\Connections\Set rules for remote control of Remote Desktop Services user sessions
- Retrieve the session ID number for the user you would like to shadow. This can be done while logged into the host and running "query session" from a command prompt. This will provide a report like the one shown below. As can be seen below, the "Shadowtest" user has a session ID number 2
- Run MSTSC.exe from the command prompt using the desired options below. For this example, we've connected to the shadow test account with control. Using the command "mstsc.exe /Shadow:2 /Control":
This is a very basic shadow including control. The user, in this case, would be prompted with the message below for consent:
After the user has accepted the request, you will be presented with the user's session.
Overview of available options for shadowing via mstsc.exe
Options | Action |
/shadow: ID |
Connect to the RDP session with the specified ID |
/v:servername |
Hostname or IP address of the RDP / RDS server (if not set, a current server/computer will be used) |
/control |
Allows to interact with the user session (if not set – a user session view mode is used) |
/noConsentPrompt |
Allows not to prompt the user for confirmation to connect to a session |
/prompt |
Used to connect with other credentials. The user name and password are requested to connect to the remote computer |
Comments (0 comments)