This post is about how to shadow a user session if the Windows Remote Desktop Server is not connected to a domain. If the server is connected to a domain, you can go to server manager, RDS Manager, and right click on current sessions to shadow and connect. When the server is in Workgroup mode (not connected to domain) the Remote Desktop Services Manager page is not accessible in Server Manager. To shadow another user’s sessions in Windows Server 2016 in Workgroup mode, use the following steps:
1) Open command window by clicking start, CMD. You must be using an account with administrative privileges. If you are using an account with administrative privileges that isn’t the named Administrator account, you must run in administrator mode (right click on cmd and click run as administrator)
2) Type quser.exe to determine the session number of the user session you want to shadow.
C:Usersadministrator.computer>quser.exe (note: typing “>qwinsta” without .exe will show similar information)
USERNAME SESSIONNAME ID STATE
administrator rdp-tcp#0 1 Active
user1 rdp-tcp#1 3 Active
3) In this example, the Administrator is going to shadow the user1 session which is session 3. You need to know the session number (“3”) for the next step.
4) Start shadow session by typing “mstsc /shadow:# /control” where # is the session number to shadow and /control allows you to control the session.
C:Usersadministrator.computer>mstsc /shadow:3 /control
- The basic requirement is to have access to all Remote Desktop Services, including RD licensing, RD Web Access etc. Without configuring the server as a Domain Controller and Active Directory.
- Remote Desktop Services Windows 2016 No Domain Controller Background: Just trying to see if I can get a succinct answer to whether I can run a remote desktop service (RDS) on Windows 2016 without having a Domain/Active Directory setup.
- Turning to the server editions of Windows, both Windows Server 2012 and Windows Server 2016 allow only a single Remote Desktop session, preventing multiple remote desktop connections. You can however choose to enable (or disable) multiple RDP sessions as needed. Enabling Multiple Remote Desktop Connections in Windows Server.
5) The other user (user1 in this example) will get a popup called “remote control request” and must press Yes before shadow session will open.
6) The shadow session will open and you’ll be able to view the user1 session desktop screen.
From the server manager select Tools then ‘Remote desktop services’ then click ‘Remote Desktop Licensing Manager’. First thing we do in the licensing manager is right click the server node and click ‘Activate Server’. Click Next on the wizard. Select ‘Automatic Connection’ and press Next. By default in Windows Server 2016 remote desktop is disabled. Here we cover how to turn on and enable remote desktop protocol (RDP). Note: In Windows Server 2016 Essentials edition, remote desktop is already enabled by default so you will not need to manually do this. Remote desktop can be enabled through the graphical user interface (GUI) with the following easy steps.
IF YOU WANT TO SHADOW A USER SESSION WITHOUT NEEDING THEIR CONSENT FOR THE SHADOW SESSION TO OPEN:
Windows Server 2016 Remote Desktop Services Without Domain Free
- Enable the following group policy by going to gpedit.msc and then Local Computer Policy, Computer Configuration, Administrative Templates, Windows Components, Remote Desktop Services, Remote Desktop Session Host, Connections.
- Enable the setting “set rules for remote control of Remote Desktop Services user sessions” and select the option for “Full Control without user’s permission” in the dropdown.
- Reboot the server to make the group policy take effect (or open elevated command prompt and type in gpupdate.exe /force)
- Then using the same command as in the section above add “/noconsentprompt” like this:
- mstsc /shadow:3 /control /noconsentprompt
- It will still prompt the user to authorize control but if they don’t within 5-10 seconds, the shadow session will open even without their authorization.