Use Remote Desktop Connection WITHOUT logging off user

InnovativeWorks

InnovativeWorks

Member
Reaction score
7
Location
72390
Hello everyone. I just got hired as a computer tech for and my IT Manager gave me a project for my days off. He wants to know how to remote control workstations using Remote Desktop Connection without loging of the other user. I have been searching online and have not come up with anything. Problem is that it can only be windows built in so no third party software. Maybe some scripts. The server we are running is Windows 2008 R2 and it is a windows 7 and windows 10 environment. Thanks in advance!
 
Last edited:
TurricanII said:
If you remote desktop as the user that is logged in already to the computer then the user does not get logged off. I guess you want to share the screen? Remote Assistance may be the way but then you'll need someone to send the request to you:

http://www.thewindowsclub.com/windows-remote-assistance-in-windows-8
Click to expand...
Eagle21 said:
Tell your IT Manager that on your days off you chill out and don't go near any computers.:)
Click to expand...
Both of these. Either your IT manager is an idiot or his is playing with you. It can't be done.
 
Are we talking about Remote Desktop Services (aka TS) or simple RDP connections to the server? If it's the latter, you need to install and configure RDS (licensed with the appropriate number or User/Device CALs and RDS CALs) for the users, else only you're limited to 2 (IIRC) concurrent admin connections to the the server.
 
Ah, yes. Missed that. The mention of Server 2008 threw me.

Yep, pretty limited in that case, without 3rd party software or using the well-known naughty desktop OS RD hack (not recommended).

Depending on the server spec', user requirements, etc, and assuming this is a domain environment, personally I would lean towards making things more server-centric. Use Folder Redirection to push the users desktop, files, etc to the server to be less workstation reliant and configure RDS, if necessary.
 
Remote Assistance uses the Remote Desktop Protocol. This program lets you do unsolicited remote assistance (aka the user does not have to accept) https://community.spiceworks.com/scripts/show/1963-007-remote-assistance There are some Group Policy settings you will have to enable, and there is one so that it will let you enter in credentials in UAC prompts (otherwise you just get a black screen). However, I heard that something is broken with Remote Assistance in Windows 10.

I use VNC, and used a GPO to deploy it to the workstations, however I don't think it is the most secure option. (since all workstations are basically using the same password for remote access, but it doesn't give you any domain credentials, so if a workstation is locked by a user, you just get the login screen)
 
InnovativeWorks said:
Problem is that it can only be windows built in so no third party software.
Click to expand...
Another thought: Is this because he has a distrust of other software vendors or because he's cheap frugal?

If it's the latter, you could use TightVNC and setup a VPN for remote users.
 
trevm999 said:
The next problem with this is figuring out how to connect into other user sessions like you can with a RDS server
Click to expand...
I could be wrong, but I believe that's where the 'Single session per user' option comes in:

38VbVJQ.jpg


I don't think it allows desktop sharing though, just multiple concurrent logins/sessions for the same user.

EDIT: Or perhaps it does ... looking at the shadowing options, I would imagine that covers it.


Like I said, I wouldn't recommend this route though; it's unsupported and it violates the EULA.
 
Last edited:
Moltuae said:
I could be wrong, but I believe that's where the 'Single session per user' option comes in:

38VbVJQ.jpg


I don't think it allows desktop sharing though, just multiple concurrent logins/sessions for the same user.

EDIT: Or perhaps it does ... looking at the shadowing options, I would imagine that covers it.


Like I said, I wouldn't recommend this route though; it's unsupported and it violates the EULA.
Click to expand...

Ah, rereading the OP, I think you're more on the mark of what the OP was looking for.

You can however create a remote powershell connection to any workstation without logging the user off. You can do about 90% of things you usually need to from the shell, the other 10% is a real PITA though.
 
Eagle21 said:
Tell your IT Manager that on your days off you chill out and don't go near any computers.:)
Click to expand...

I could not even fathom telling that lie.:D:oops:

Moltuae said:
Another thought: Is this because he has a distrust of other software vendors or because he's cheap frugal?
Click to expand...

We can't use 3rd party software because it's a casino chain and you know how "higher ups" can be. They use to use VNC back in the day though.

TurricanII said:
If you remote desktop as the user that is logged in already to the computer then the user does not get logged off. I guess you want to share the screen? Remote Assistance may be the way but then you'll need someone to send the request to you
Click to expand...


We want to remote control while the user is able to still view the screen( not being logged out). We have access to the server and our windows accounts have full permissions btw.
 
Casino and security is a concern? I'd be looking for a case for Terminal/Remote Desktop Server in the server room and thin clients on the floor. Then you can shadow the Remote Desktop sessions to view-only to observe, or share the session fully to give support.
 
Windows Desktop operating system is licensed for only 1x user console at a time. This means..locally, or via RDP. This is why it defaults to locked workstation when you RDP into a workstation.

I'm guessing this is for a helpdesk/support purpose. I would think a casino certainly has the budget to get an RMM tool to manage all the workstations...and remote in to shadow the local user session for remote support.
 
Is the goal view-only remote monitoring or is it untraceable unlogged hacked-together remote control of casino staff computers? Because the way you described it, the second has to be a consideration. Frankly, if you figure out a way to do this using just the built-in stuff in Windows then it needs to be patched.

If it's remote monitoring you may have more luck, in that with administrative rights you may be able to script something that will grab screenshots every (configurable period) and dump them to a network destination - I'm just not sure if it can run in an administrative context and still have access to the screen of the user currently locally logged in. At the very least, you may have to disable UAC on those systems, but you might also have to have something that runs as the logged-in user, but that's going to be visible at least at some stages.

If it's remote control, I hope you'll be out of luck and you should have a real talk with your manager about why he wants you to find ways to circumvent security with non-logging tools.

If you can open it up to third-party stuff you'll have a lot more options, with a lot of logging and auditing which I'd expect to be highly desirable in a casino environment.

Edit: Actually, RDP access to workstations is trivial as described in the original post - when you connect, the other person's session is disconnected/locked but not logged off. When you add the "remote control of the actively logged in user" is where you get Remote Assistance or third-party tools.
 
You must log in or register to reply here.

Similar threads

C
Taskbar icons and start menu icons disappear on domain users.
Replies
5
Views
2K
Chrisb41
C
JOsborne
Desktop Icons Turning off on Windows 7 - After enabling them, the user STILL sees no icons
2
Replies
22
Views
2K
Mick
M
Merlin Halteman
Windows 2012 Essentials R2 Connector Stops Responding During Install
Replies
5
Views
2K
TAPtech
TAPtech
K
HIPAA compliance/security negligence?
Replies
1
Views
823
fencepost
fencepost
O
Large amount of Storage/Backup solution
Replies
16
Views
3K
ohio_grad_06
O
Back
Top