Many times users connect to remote Windows systems, do work, and close the remote session without properly log off the account. In that case, multiple applications, which are still running with that login session uses system resources. Sometimes it causes a slow response of our servers and creates pain for us. So this will be good to auto log off disconnected sessions from the Windows system.
This tutorial will help you to log all the disconnected remote sessions on the Windows system. This tutorial has been tested with Windows Server 2019.
We are making changes in the Local group policy of systems. So be careful with the changes.
First of all, open the ‘Group Policy Editor‘ on your server. Start run window by pressing “Win + R” and type gpedit.msc on run window.
The local group policy editor will be opened on your system. Then navigate to the following location as the below given instructions:
Local Computer Policy => Computer Configuration => Administrative Templates => Windows Components => Remote Desktop Services => Remote Desktop Session Host => Session Time LimitsYou will find a list of options on the right-side. Then Double click on “Set time limit for disconnected sessions” to open it.
By default, it is configured a ‘Not configured. Change this to ‘Enabled. Now you will see an option “End a disconnected session” in the lower-left side. Set this value to the desired time. I have set this to 1 hour, so any disconnected user is logged off after 1 hour.
In this tutorial, you have learned to configure your Windows system to auto log out disconnected remote sessions.
AT the company I work for we use DameWare Mini Remote Control. Not a free product, but they do have a fully functional trial version.
DameWare allows you to connect to the interactive session kind of like VNC, but extra features including the ability to remotely install the client on a remote machine.
The DameWare Mini Remote Control program is a powerful, yet lightweight remote control tool intended primarily for Administrators and Help Desk personnel. Mini Remote Control was developed specifically for 32-bit & 64-bit Windows Operating Systems [both Servers & Workstations], and was designed for quick and easy deployment without external dependencies and machine reboots. The Mini Remote Control program will run on, and also has the ability to connect to, remote machines running Windows 95, 98, Me, NT, 2000, XP, 2003, Vista, 2008 & 7.
//www.dameware.com/products/dmrc/
You can log off a user from a session in Remote Desktop Services Manager by using the Log Off action.
| To log off a user from a session |
In Remote Desktop Services Manager, in the left pane, click the Remote Desktop Session Host [RD Session Host] server on which the user session is running.
On the Users tab, right-click the user that you want to log off, and then click Log Off.
Click OK to log off the user from the session.
-
Windows Remote Assistance - in search bar type MSRA /OFFERRA and the box should appear
Note: the user will need to accept the connection
Was this post helpful? thumb_up thumb_down -
Or, you can log in as admin, enter task manager, go to the "users" tab, and right click the user you want to remote to.chrism1981 wrote:
Windows Remote Assistance - in search bar type MSRA /OFFERRA and the box should appear
Note: the user will need to accept the connection
Was this post helpful? thumb_up thumb_down -
You cannot do this on a workstation OS, it only allows a single connection, this is fine for servers though.JibbJabb wrote:
Or, you can log in as admin, enter task manager, go to the "users" tab, and right click the user you want to remote to.chrism1981 wrote:
Windows Remote Assistance - in search bar type MSRA /OFFERRA and the box should appear
Note: the user will need to accept the connection
1 found this helpful thumb_up thumb_down -
remote assistance is going to be your only option in this instance, you can use SCCM to do this too.
If you try to directly RDP to a users machine it will log them out.
If you said you could buy or use 3rd party tools there are many.
Was this post helpful? thumb_up thumb_down -
I suggest team viewer in this case setup unattended access and your IT guy needs to login team viewer web console.
It will have list of computers and he can take connection to any of the machine.
Remote desktop into users computer will have other session on users computer, while windows remote assistance is another good option.
Was this post helpful? thumb_up thumb_down -
3rd party software
0 of 1 found this helpful thumb_up thumb_down -
- You did not say if the goal is to watch the user's actions or to actually control the workstation as another user to do things.
- Also, is it no third party because $0 budget or because no trust in 3rd party or because this is a rule of the challenge?
- Also, is it no third party because $0 budget or because no trust in 3rd party or because this is a rule of the challenge?
- For Windows 7, this is a violation of the EULA. I am unsure about Windows 10, but I would not be surprised if it was the same.
Was this post helpful? thumb_up thumb_down - You did not say if the goal is to watch the user's actions or to actually control the workstation as another user to do things.
-
RDP will kick the user, 3rd party software is your way out here...
0 of 1 found this helpful thumb_up thumb_down
-
As others have said, there is no option to do this with RDC. You should look into Goverlan as a well priced solution.
Was this post helpful? thumb_up thumb_down -
As others have mentioned use MS Remote Assistance. I pushed out shortcuts for RA on everyone's desktop and now users can share their screens and work with other people in different branches and departments and this has been a big hit for them. This is only good when the person is there, if your looking for unattended access I would recommend Dameware Mini Remote. Put in the hostname/IP of the computer you are looking to connect into and it will use your domain account settings to authenticate you and allow you login to that computer. It pushes out a little client when you connect into the computer and you can also have have it uninstall the client or leave it. [I'd say leave it, so you can connect faster and get in and get out and move on to your next job] Good luck and congrats on the job!
Was this post helpful? thumb_up thumb_down -
SolarWinds DameWare doesn't log off the users. It works great!
//www.solarwinds.com/dameware-mini-remote-control
Was this post helpful? thumb_up thumb_down -
+1 for Dameware, That is a solid bit of software just dont type the wrong details and remote into a director's laptop while its on the back seat of his car :S [wasnt me by the way] haha
Was this post helpful? thumb_up thumb_down -
I have this exact setup where I am and I push a GPO policy to allow remote assistance and then setup a shortcut on my workstation with the following property:
C:\Windows\System32\runas.exe /netonly /user:DOMAIN\username "cmd /c Start /B C:\Windows\System32\msra.exe /offerra
Msra is great because it keeps a list of PC's you have connected to.
As noted in the reply's above, the user will have to "accept" the connection. It works exactly as I need it to.
EDIT:
Found this guide: //community.spiceworks.com/how_to/20886-offer-remote-assistance-using-the-ra-tools-built-into-...
-
VNC should be able to meet your requirements. +1 for windows remote assistance.
Was this post helpful? thumb_up thumb_down -
If you only need command-line remote access and don't need to actually interact with their desktop [you'd be surprised what you can do from the command line], use PowerShell Remoting [built into Windows] or PSEXEC [free from Microsoft]. PSEXEC is also one of the few methods for running commands as the built-in Windows System account; we use it to install AutoCAD remotely on workstations without users even being logged in.
Free with no additional software installed on the clients could include Intel vPro [if your workstations support it].
If you are prevented from using third-party software because of cost or licensing issues, there are free options available.
For free use while still legal in a business setting, some of your options include Chrome Remote Desktop, TightVNC, Join.me, Mikogo, and AeroAdmin.
If you can scrape together $250 with no additional licensing costs, I would recommend DameWare from SolarWinds.
Was this post helpful? thumb_up thumb_down -
We use Dameware for remote desktop support. Works as advertised on the tin.Taylor282 wrote:
SolarWinds DameWare doesn't log off the users. It works great!
//www.solarwinds.com/dameware-mini-remote-control
Was this post helpful? thumb_up thumb_down -
just setup unattended team viewer and login from web console and see how wonderful to manage things
-
The only option i can think of that will work that isn't a 3rd party is to use the built-in Remote Assistance feature. However like others said, the user will need to accept the connection. Otherwise you will need to look into 3rd party software like SCCM or other remote control software that allows you to login but keep the user logged into the machine.
Was this post helpful? thumb_up thumb_down -
I use RDPWrap //github.com/stascorp/rdpwrap/releases
Once installed on the remote PC, In the configuration, there is an option to disable "Single Session" [or something like that]. Which enables what you want [Log in without the current user even knowing about it]. It cant be the same account as the one currently logged in, though.
You can also use it to enable RDP on versions of windows where it is disabled [ie: windows 10 home].
My English is a little off but I'm guessing this is what you want. Let me know if it helped.
EDIT:
You can also edit the termsrv.dll.
Source: //www.mysysadmintips.com/windows/clients/545-multiple-rdp-remote-desktop-sessions-in-windows-10
Was this post helpful? thumb_up thumb_down -
I'll echo the other responses above.
And ... I'll remark upon your manager giving you work to perform on your days off. Technically that's illegal to do in the USA. If you're doing work on a day off then you're actually working and must be compensated. You cannot be an employee and perform volunteer work for your employer that directly correlates with your paid role.
.
1 found this helpful thumb_up thumb_down -
Third party software is likely your best bet, although I did run into a blogger that scripted a way to do this. That being said, I would take it with a grain of salt that this solution could easily become broken with a well placed MS Update. Also, I myself have not tried implementing this. But with all that said, this looks like a real interesting solution and may be what you are looking for if you are not willing to implement a third party solution [NOTE: article is about WIN10 but there is a link to the original WIN7 implementation]: //deployhappiness.com/concurrent-remote-desktop-crdp-for-windows-10/
Was this post helpful? thumb_up thumb_down -
Hello i dont know if you have a working solution yet but i might have one! No 3rd party software just a simple script.
Ends the remote session but does not cause the user to be logged out.
i put this into a txt file that i saved as .bat for simplicity.
without "s of course "tscon 1 /dest:console"
EDIT: I used this while running RDP from windows 10 to windows 10 and windows 7. over VPN.
Script must be run on the targeted PC. Does leave a small pop up window stating some connection was ended.
-
I don't believe this can be done on a workstation, only on server OS. I have always used a VNC client like ultraVNC or VNC viewer.
Was this post helpful? thumb_up thumb_down -
Your only options for a workstation are to tunnel in to the C drive directly, do the same with the registry, or go into the task manager and similar back-end applications as admin. Seeing what they are doing directly, which is what I suspect most bosses like this are REALLY asking for, is a whole other can of worms. If it's just remotely installing software and the like, BIGFIX or a similar setup can do that. Lansweeper also has some neat tools to collect data and manage software.
-
Meraki Systems Manager is free and has remote control/viewing and more for up to 100 devices. Requires agent install, though.
//documentation.meraki.com/zGeneral_Administration/Licensing/Systems_Manager_Licensing
Edit: added link/comment
-
Started playing around with PDQ Inventory which allows you to offer Remote Assistance. Works well so far
Was this post helpful? thumb_up thumb_down -
I suggest Teamviewer as well. Yes it is a medium one time cost but it is worth the hassle. Use all the additional security features to better keep the network protected.
I also agree, unless you are salary, you shouldn't be requested to do off-hours work. It you are studying for certs and the boss says 'hey while you're looking can you see if there is a solution for this' then yes it is okay. But if they are asking you to actively research and test then you should be getting paid to do so.
Was this post helpful? thumb_up thumb_down -
-
+1 for SolarWind's Dameware Mini Remote Control. I use it to manage my machines, and it work great. The per-administrator licensing [vs per-machine] makes it an attractive choice, too, since I'm a one-man show managing WAY too many machines!
I want to point out, too, that since Windows 7, connecting via RDP to a workstation no longer logs out a logged-in user --- it just disconnects them. They actually stay logged in, and their programs are still running. That might be pedantic, or it might be a helpful tip, depending on your situation and what you're trying to achieve.
Was this post helpful? thumb_up thumb_down -
For your days off? I am pretty sure those belong to you. If it is a work related project then it should be on the companies dime. If it is just for your education then fine but if he plans to use it for work, then he is stealing your time and work product.djinnovationzmills wrote:
Hello everyone. I just got hired as a computer tech and my IT Manager gave me a project for my days off. He wants to know how to remote control workstations using Remote Desktop Connection without loging of the other user. I have been searching online and have not come up with anything. Problem is that it can only be windows built in so no third party software. Maybe some scripts. The server we are running is Windows 2008 R2 and it is a windows 7 and windows 10 environment. Thanks in advance!
Was this post helpful? thumb_up thumb_down -
I agree with Jeffrey in that it looks like your boss is taking advantage...Unless he just asked you to think about something to get you used to thinking outside the box...I think we have all thought about or even worked on problems outside of the normal workday... just make sure these requests are not every week...In regards to your question, if you are using a domain and exchange and office, you could use the built in screen sharing ability of Microsoft Lync - check it out - as long as the user is signed into the Lync app, they can share their screen and even give you control if that is what you are looking for...You might need to frame your question better if that is not what you are looking for... as in what you hope to accomplish once you are remotely connected? And is RDP your only option? Does the boss need a 'free' solution or just one that does not need to be installed or as some have mentioned is there a 3rd party trust issue?
Was this post helpful? thumb_up thumb_down -
You can RDP into any user's workstation if you know their username & password. Set the connection to save your passwords and you can then easily log into any PC on your local domain. Of course the workstation will be locked while you're logged in, but you can then just "X" out of it and all running applications will remain open. I use this regularly as a fast & easy "free" method of installing updates on user's workstations after-hours.
Another option is to use a program like Softros, an inter-office instant messaging client which also has options for controlling a user's PC, or as others have mentioned, the Microsoft remote assistance tools. Need to be more specific what you're trying to do, and yes - don't get caught in the trap of working on your days off, it sucks! :[
-
Technically, it is possible to do what you're asking, via a hack. However, you'd be in gross violation of Microsoft's EULA. I would recommend MSRA or a third-party tool such as VNC or teamviewer ..
Was this post helpful? thumb_up thumb_down -
You dont need complex or even paid for solutions here. MS RA or VNC will do all you need here and cost nothing :]
Was this post helpful? thumb_up thumb_down -
We use Proxy Pro Master but yeah a client has to be installed.
-
Use instead Goverlan, Teamviewer or goto Assist
-
Ok, so there's a bit of information that we would need to give you accurate advice on the matter.
First off, what are you trying to achieve? Does the IT manager want to be able to remotely support an end user, shadow an end user, or are they expecting to be able to remote into a users computer and utilize it concurrently[make the desktop run 2 sessions]?
Secondly, you mentioned Server 2008, do you have Server 2008/R2 servers at your disposal? If so, have you considered setting up a small RDS farm?
If you are looking for a one[or more] box - multi user solution, RDS is about the best bet, given multiple concurrent user sessions on a desktop OS is a violation of MS's EULA. That's not to say that there isn't third party softwares that can achieve this, you just run the risk of invalidating your Windows X license for that box.
-
TightVnc is a good one, free and is compatible with 7 & 10 etc.
-
Depends on your system, but If you are 2008 R2 or newer, you can setup RDS services and jump on accounts - based on your policies, either with or without users permission to do so.
-
Would seem tough with just plain RDP because plain desktop OS doesn't allow for multiple users to connect at the same time [Although, there are methods to enable this and I have for my home lab].
If you have SCCM for desktop management and deployment you should take advantage of the built-in remote desktop software, given you have deployed the SCCM client on the machines. This will allow you to remote-in and you can choose in the settings whether or not it will prompt the user for connection approval. To me, this is probably the best RDP software, but you need licensing.
-
I'd note that while VNC is a solution, it is not inherently secure. If security is a concern, only use VNC if you are on a VPN or find secure VNC options
Was this post helpful? thumb_up thumb_down -
I agree with Dameware being the best solution if all computers are on the same physical network and domain. If users are in remote locations Remote Utilities //www.remoteutilities.com/ is a great solution. It does require a client to be installed on each machine but it can be distributed through GP. License is free for commercial use for up to 10 saved computers [you can swap out the saved computers if you like].
-
do some research on unattended remote assistance [URA]. using microsoft RSAT tools like psexec pushed out via gpo and the built in remote assistance feature you can set it up quite simply so that you can select or type in the computer or IP address and connect to a users session, the URA part allows you to access and control the screen even if the user isn't there. completely free and all using microsoft tools. have fun!
-
Haven't read all the responses so don't know if this has been discussed, but RDP doesn't actually logout the other user. When you send them the prompt to allow you to connect and they say OK, you get connected and they get the lockout screen, but they are not actually logged out. Don't know if that makes a difference to you.
-
How could I use it in SCCM?
Rod-IT wrote:
remote assistance is going to be your only option in this instance, you can use SCCM to do this too.
If you try to directly RDP to a users machine it will log them out.
If you said you could buy or use 3rd party tools there are many.
-
We can not use any third party software. I found out today that we also have no access to the server[ higher ups won't allow it]. We work for a casino chain so yea.
We want to remote control while the user is able to still view the screen[ not being logged out]. Our windows accounts have full permissions btw. -
As Rod said, you can't do this on a workstation. RemoteAssist will only allow partial control. If you have to get past UAC that'll be difficult [like you can with RDC]. Servers allow for concurrent connections.
If your boss wants a REAL solution, get DameWare Mini Remote.