TVs. Consoles. Projectors and accessories. Technologies. Digital TV

Using Remote Desktop Shadow from the Graphical GUI

Error may occur when trying to send emails through Windows Live Mail. This utility serves to manage email accounts and emails.

There is currently a conflict between Windows Live Mail and One Drive due to which many users are facing this error. Most people receive it when they send an email with an image attached.

The image you send is uploaded to OneDrive(previously SkyDrive). But recently, users Windows Live Mail cannot send images attached to emails due to this conflict. Users could not send images as Album, but you can always send them like Attached file.

Now let's look at methods to solve the error .

Method #1 Sending an image using an “app” rather than an Album

This method is for those who experience an error when trying to send an image in a letter. To resolve the situation, do the following:

  • Compose a new letter to send.
  • Click on " Insert«.
  • Now click on " Attach file“(paperclip icon).
  • Navigate to your image that you want to select.

Using this method of sending, you can easily bypass the error .

Method No. 2 Delete messages from Outbox that are pending approval

This method is for those who get an error in Windows Live Mail when sending even a simple text message. Do the following:

  • Go to " Outgoing«.
  • Select the letters from the image that are added as Albums.
  • Delete them all (make a copy if necessary).
  • Now compose a new email with the text you want to send.

This time when you send a letter, you will be able to do it without any complications.

Question: Clients cannot create a DRP session, while authorization at the remote desktop gate occurs


Greetings to all those present.

There is the following incomprehensible glitch.
There is a server on 2012r2 with the role of terminal server.
The server is located in a farm with a domain controller and a Remote Desktop Gateway server, on which the external IP is raised.
Sometimes clients cannot create a DRP session to this terminal server.
In this case, authorization at the remote desktop gate occurs, and then transparent authorization should occur at terminal server, but the connection process hangs on "initializing remote connection"
The RDP session does not appear on the terminal server.

The problem varies from user to user, while the same user may not be able to connect from one computer but can connect without problems from a neighboring one.
There is nothing in the logs about terminal session errors.

I no longer know where to dig and therefore I appeal to the help of the IT community.

Answer: I did as written in the article, but the problem remained.
Swears

Remote Desktop Services failed to join the Connection Broker on server ts02
Error: Current async message was dropped by async dispatcher, because there is a new message which will override the current one.

Remote Desktop Connection Broker Client failed to redirect the user domain\user
Error: The remote procedure call failed and did not execute.

Failed to create KVP sessions string. Error Code 0x8007007A

Remote Desktop Services has taken too long to load the user configuration from server \\dc01 for user

I really don’t want to disassemble the terminal server stack.

Question: Limit Remote Desktop Service users to one session


Hello.
There is an NLB cluster of 3 terminal servers (load balancing). The "Remote Desktop Connection Broker" is the domain controller. In the GPO, in the policy that applies only to terminal servers, there is Limit Remote Desktop Services users to one Remote Desktop Services session - enabled. But some users I still manage to work simultaneously from several remote clients!
Why?
Help prevent users from making multiple sessions.
Maybe this policy should also apply to the "connection broker"?

Answer:

Message from Max

The number of sessions is set on the terminal server in the Remote Desktop Manager.

I rummaged around in the Remote Desktop Services Manager and didn't find anything like that there. Tell me where it is located?
And will it really help? If I set “maximum number of sessions to 1” on all Terminal servers, the user logs in to server No. 1, then what will prevent him from logging in to terminal server No. 2? On the second server there is no session of such a user - it will be the first.
By the way, this is what happens to me: if a user logs in twice, then the sessions must be on different terminal servers.

Question: Always active remote desktop session on Windows Server 2012


Good day everyone, I have a Windows Server 2012 r2 server, I installed a bot (clicker) on it for online games. As long as I am connected to the server via RDP, the robot works fine, that is, as long as there is an active remote desktop session. As soon as I disconnect from the server, the robot stops seeing the game and “Cannot find Window...” errors appear. Apparently this happens because it turns off graphic mode after the session ends.

At the moment I found a solution (perversion) to the problem: I created a second user on the server and connected to it via RDP (localhost) and raised a bot under it, in this mode everything works as it should. But that's not an option. I think there is a more rational way. How to make it visual Windows environment worked even after the remote desktop session ended?

Answer:

Quote ILNUR17021992:

An option is to run the program in an active local user session.
To do this, you need to connect to the server using the VNC protocol (there are many third-party server programs) or through “Remote Assistance”
Or use RDP with shadow connection to local user session

Question: Cannot connect to Remote Desktop (RDP)


Good day.

Doesn't connect to remote desktop

RDP services are enabled.
The firewall is enabled - port 3389 is open.
Port forwarding is configured on the router.
IP address - static is there domain name, both ping.
On the computer from which the connection is made - Windows XP SP3 32bit, the connection is made to someone with Windows 7 SP1 64 bit maximum.
Both computers have KIS2013 installed. I tried to disconnect both there and on the other and only on one - it still doesn’t connect.
Channel - 100 Mbit/s, not loaded.

The connection was made via a standard remote desktop in Windows 7 and XP, in both cases it does not connect.

Where to dig?

RDP also does not work on the client on a smartphone/tablet

Answer: What is the error text? Is the user whose credentials you are trying to log in with on the server in the "remote desktop users" group?

Question: How can I configure my firewall so that it does not block remote desktop?


Good day! Help me deal with the following situation. There was a need to create on the server (Windows Server 2008, located in local network with a domain structure) a rule for the firewall so that it blocks connections via specific port. So, after turning on the firewall (namely in the “Domain Networks” section), ping and the ability to connect via remote desktop disappear. When the firewall is just running, the created rule does not work, and when you set the "Enable" parameter Windows Firewall"in Control Panel -> Checking the firewall status -> Enable and disable b. -> Settings for hosting on a domain network - the rule works, but the remote control is disabled. What can I do?

Answer: uel, after disconnecting remote access, resetting the firewall and enabling remote access, the request to open ports did not appear. However, the problem was solved in a different way. It turned out that the antivirus was to blame. When it was turned off, the remote desktop started working even with the firewall turned on (you just had to adjust the rules). The strange thing is that when the firewall was turned off, the antivirus did not block the remote account in any way.

Question: Remote desktop does not work


Hello. Configured remote desktop on the server. It runs Windows Server 2008. It spins web server And file server. I forwarded the ports on the router as expected, with the endpoint 3389. From the local RDP network, when the input is through the server name, everything works fine. But when I log in via IP, I just don’t want to log in. The user selection field appears. I tried entering a name in the name field account- Administrator and password and full address of the server name on the local network/Administrator. Still doesn't work. Tell me where to look for the problem. Thank you.

Answer: What's on your servers with Remote Desktop licensing?
Have you tried running mstsc on the client as administrator?

Question: [Solved] Printing from a remote desktop


Hello!
There is a dedicated server on which 1C databases and all documents are stored. The accountant connects to it from two machines - one has Win XP SP3 with an HP2055dn printer, the other has Win7 x64 c Samsung printer SCX-4200
The accountant connects to the session and his local printers are forwarded to him, he prints from the server to local printers. When I set it up for the first time, everything took off instantly. But then problems started on the Win7 machine.
In general, now the situation is as follows: the printer is visible on the server, we send it for printing, the document becomes visible on local printer in the print queue with the name "Redirected remote desktop printer document", you can see how data is transferred. In the folder C:\Windows\System32\spool\PRINTERS you can see that job files with the extensions .SHD and .SPL are created and disappear (and if you set the saving of documents in the settings, they do not disappear)
There are no errors, but nothing ends up being printed! Prints locally, not remotely.
I’m already thinking about trying TS Easy Print, but I’d like to figure it out first, because I’m getting an error on the local machine, but I can’t determine which one =(

Answer: Thanks everyone, I solved the problem using piracy and ScrewDrivers
To be safe, after installing the server and client parts, I disabled printer forwarding in the remote desktop settings, rebooted the server after installation, everything was picked up and printing.
If anyone is interested, I installed ScrewDrivers 4.7.5.60 on Windows Server 2012 R2, the manual said about using virtual channels, but this is for older versions of servers, nothing is needed here

On Windows 2012 R2 and Windows 8.1 Microsoft returned functionalityRemoteDesktopShadowing(shadow connection). Let us remind you that the Shadow mode (shadow session) can be used by the administrator to view and manage the existing RDP session of any user. This operating mode has been supported almost since the first versions of the Microsoft terminal server and was unexpectedly removed in Windows Server 2012 (due to the transfer of the rdp stack from kernel mode to user mode). RDS Shadow functionality also works in the following OS versions: Windows Server 2016 / Windows 10.

In addition, the RDS Shadow connection mode and RDP client have a number of new interesting features. Full list mstsc.exe RDP client parameters that determine the possibility of remote shadow connection to the end user session:

Mstsc.exe ]

/shadow:ID– connect to the RDP session with the specified ID.

/v:servername– RDP/RDS name of the terminal server (if not specified, the current one is used).

/control– the ability to interact with the user session (if not specified, the user session viewing mode is used).

/noConsentPrompt– do not ask the user for confirmation to connect to the session.

/prompt – used to connect under different credentials. You are prompted for a username and password to connect to a remote computer.

Limitations of RDS shadow sessions in Windows 2012 R2

  • Only the server administrator can connect to other people's sessions. These rights cannot be delegated by a regular user.
  • RDSShadowwill not work on workgroup based networks

Using Remote Desktop Shadow from the Graphical GUI

You can connect to a user session using the mstsc.exe utility or directly from the Server Manager console. To do this, in the Server Manager console, open the QuickSessionCollection

By clicking on the session of the user you are interested in, select context menu Shadow (Shadow copy).

The Shadow Connection Settings window will appear. Possible viewing ( View) and control ( Control) session. In addition, you can enable the option Promptforuserconsent(Request user consent to connect to the session).

If the “Prompt user consent” option is selected, the user will be asked in the session:

Request for remote monitoring

Winitpro\administrator requests remote viewing of your session. You accept this request.

Winitpro\administrator is requesting to view your session remotely. Do you accept the request?

If the user confirms the connection, in view mode the administrator will see his desktop, but will not be able to interact with it.

Advice. To disconnect from the user session and exit shadow mode, press ALT+* on workstation or Ctrl+* on the terminal server (unless alternative combinations are specified).

If the user rejects the connection, a window will appear:

Shadow Error:


If you try to connect to a user session without asking for confirmation, an error will appear indicating that this is prohibited by group policy:

Shadow Error: The Group Policy setting is configured to require the user’s consent. Verify the configuration of the policy settings.

Parameters for remote management of user RDS sessions are configured by policy Set rules for remote control of Remote Desktop Services user sessions (Set remote control rules for Remote Desktop Services user sessions), which is located in the section Policies -> Administrative Templates -> Windows components -> Remote Desktop Services -> Remote Session Host -> Connections (Administrative Templates -> Windows components–> Remote Desktop Services – Remote Desktop Session Host –> Connections) in the user and “computer” sections of the GPO. This policy corresponds to the dword registry parameter Shadow in the thread HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services.

This policy can configure the following shadow connection options via the RD Shadow shadow connection::

  • No remote control allowed - remote control not allowed (Shadow registry key value = 0);
  • Full Control with users’s permission - full control with user permission (1);
  • Full Control without users’s permission - full control without user permission (2);
  • View Session with users’s permission – monitoring the session with user permission (3);
  • View Session without users’ permission – monitoring the session without user permission (4).

RDS Shadow connection from PowerShell

You can also use the functionality of a shadow connection to a user session through a Remote Desktop Services shadow connection from Powershell.

First of all, we will show how to get a list of sessions on the terminal server (user sessions will be grouped into groups depending on their status):

Get-RDUserSession | ft Username, UnifiedSessionId, SessionState, HostServer, ApplicationType -GroupBy Sessionstate

On this server we found three active terminal sessions. Let's connect to the user session with session ID 3:
Mstsc /shadow:3 /control
You can also run the command to get a list of all sessions on the server

The screen will display a list of RDP sessions, their ID and status: active session (Active) or disconnected (Disconnected).

To get a list of sessions on remote server run the command:

query session /server:servername

For more convenient shadow connection to sessions, you can use the following script. The script will prompt you to enter a name remote computer and will display a list of all sessions and prompt you to specify the session to connect to:

shadow.bat

@echo off

query session /server:%rcomp%
set /P rid="Enter RDP user ID: "

Can be placed this file to the %Windir%\System32 directory, as a result, for a shadow connection, just run the command shadow.

To connect to a console session you can use the following script:

@echo off
set /P rcomp="Enter name or IP of a Remote PC: "
for /f "tokens=3 delims= " %%G in ("query session console /server:%rcomp%") do set rid=%%G
start mstsc /shadow:%rid% /v:%rcomp% /control

How to allow standard users to use a shadow connection

In the examples discussed above, to use a shadow connection to terminal sessions, you need local administrator rights on the RDS server. However, you can enable the use of a shadow connection to connect to user sessions and ordinary users(without giving them local administrator rights on the server).

For example, if you want to allow members of the AllowRDSShadow group to shadow connections to user sessions, run the command:

wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSPermissionsSetting WHERE (TerminalName="RDP-Tcp") CALL AddAccount "corp\AllowRDSShadow",2

In January 2018, after installing update KB4056898 (), users encountered that shadow access stopped working in Windows Server 2012 R2. When you try to make a shadow connection to someone else's session, the message “Unidentified error” appears (the error STATUS_BAD_IMPERSONATION_LEVEL is present in the logs). A similar problem arose on the RDS farm on Windows based Server 2016.

To solve the problem you need to install separate updates:

  • for Windows Server 2016 - KB4057142(from January 17, 2018)
  • for Windows Server 2012 R2 - K.B.4057401 (from January 17, 2018)


Share with friends:
Related publications