Unix Server Tech Knowledge Base

User Tools

Site Tools

Trace:
microsoft_windows:ts_shadow

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
microsoft_windows:ts_shadow [2021/08/20 14:50] – created rodolicomicrosoft_windows:ts_shadow [2025/01/25 22:19] (current) rodolico
Line 3: Line 3:
 We need the ability to remotely help windows clients. Prefer to not use things like GoToMeeting or something, especially as Microsoft appears to have something like this already. Following are the notes. We need the ability to remotely help windows clients. Prefer to not use things like GoToMeeting or something, especially as Microsoft appears to have something like this already. Following are the notes.
  
-Remote Assistance -- works on anything?? User sends an invitation, assistance uses that to make a P2P connection +===== Remote Assistance ===== 
-  * https://support.microsoft.com/en-us/windows/solve-pc-problems-remotely-with-remote-assistance-and-easy-connect-cf384ff4-6269-d86e-bcfe-92d72ed55922+Works on anything, I think. User sends an invitation, assistance uses that to make a P2P connection
  
-Remote Desktop Services: Session Shadowing -- Looks like it will work on a Windows Terminal Server, allowing an admin to take over (shadow) another users TS session+==== On user workstation ==== 
 +  Open Search Box and type //remote assistance// 
 +  Select //Invite someone to connect to your PC...// 
 +  - Select //Invite someone you trust to help you// 
 +  - Select //Use Easy Connect// (first time, after that magic) 
 +  - Follow instructions to send code to technician 
 + 
 +==== On Tech workstation ==== 
 +  - Open Search Box and type //remote assistance// 
 +  - Select //Invite someone to connect to your PC...// 
 +  - Select //Help someone who has invited you// 
 +  - Select //Use Easy Connect// (first time only) 
 +  - Select //Help someone new//, or select remote user from list 
 +  - Follow instructions (you will need the code they send you) 
 + 
 + 
 + 
 +===== Session Shadowing ===== 
 + 
 +Best suited for a Terminal Services server, though it looks like it will work with other machines also. However, an **administrator** on a Terminal Services server can access other users sessions quite easily. 
 +For machines other than the one you are working on, you need network access 
 + 
 +The first set of instructions is on the target server, to configure to allow shadowing 
 + 
 +  - Enable RDP and Remote Assistance 
 +  - Configure Shadow connection mode 
 +    - Open Group Policy Editor by running <code ps>gpedit.msc</code> 
 +    - Computer Configuration | Administrative Templates | Windows Components | Remote Desktop Services | Remote Session Host | Connections 
 +    - Select Rules for remote control of Remote Desktop user sessions 
 +    - Enable and choose an option 
 +    - Save 
 +  - Configure firewall 
 +    - allow TCP 139, 445 and RPC 49152-65535 
 +    - Set predefined rules 
 +      - File and Print Sharing (SMB-In) 
 +      - Remote Desktop - Shadow )TCP-In) 
 + 
 +From the source machine, make the connection. You will need the users Session ID. If they are directly logged in (ie, not using RDP), their session is always 1. 
 + 
 +  * If remote machine, use <code ps>qwinsta /server:PC_Name</code> 
 +    * Works just fine on Terminal Server, just leave the /server:PC_Name out 
 +  * If Terminal Server, logged in as an Administrator<code ps>query user</code> 
 + 
 +Now, run the command 
 +<code ps>Mstsc.exe /shadow:<Session ID> /v:<DNS or IP> [/prompt] [/control|/noConsentPrompt]</code> 
 +  * /shadow:**Session ID** is the users Session ID from the previous command 
 +  * /v:**DNS or IP** is the DNS name or IP of remote (ignore if local, or enter //locahost//
 +  * /prompt - prompt the user even if not required 
 +  * /control - explicitly set that "I want to control your system" flag 
 +  * **Example** connect to machine at 192.168.1.24, session ID 5, prompting and taking control<code ps>mstsc.exe /shadow:5 /v:192.168.1.24 /prompt /control</code> 
 + 
 +To exit, you can press Alt+*, the remote user can press ctl+*, or you can simply close the window. Also, ctl+alt+break (from your machineputs you in full screen mode 
 + 
 +**Note** These two commands are documented, but were not available on my Windows Server 2019. I may not have installed everything. 
 +<code ps> 
 +Get-RDUserSession | ft Username, UnifiedSessionId, SessionState, HostServer, ApplicationType -GroupBy Sessionstate -Wrap 
 +shadow {<sessionname> | <sessionID>} [/server:<servername>] [/v] 
 +</code> 
 + 
 +===== Links ===== 
 + 
 +  * https://support.microsoft.com/en-us/windows/solve-pc-problems-remotely-with-remote-assistance-and-easy-connect-cf384ff4-6269-d86e-bcfe-92d72ed55922 
 +  * https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/shadow 
 +  * https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/remote-desktop-services-terminal-services-command-reference 
 +  * https://woshub.com/rdp-session-shadow-to-windows-10-user/ (lots of ads)
   * https://social.technet.microsoft.com/wiki/contents/articles/19804.remote-desktop-services-session-shadowing.aspx   * https://social.technet.microsoft.com/wiki/contents/articles/19804.remote-desktop-services-session-shadowing.aspx
   * https://social.technet.microsoft.com/Forums/en-US/ef79b328-3a91-4183-a37f-faeee86741a3/server-2019-rds-administrative-session-shadowing-works-but-shows-a-black-shadow-window   * https://social.technet.microsoft.com/Forums/en-US/ef79b328-3a91-4183-a37f-faeee86741a3/server-2019-rds-administrative-session-shadowing-works-but-shows-a-black-shadow-window
microsoft_windows/ts_shadow.1629489056.txt.gz · Last modified: 2021/08/20 14:50 by rodolico