Quick question: I have a situation where I need to let multiple people on different PCs log into one server 2008 machine as administrator simultaneously over remote desktop. I have the CALs for it, it's just not set up correctly. When one user tries to log in, it boots the other out. What I need is to present to them a different session, just each as logged in as admin. Sorry for the slightly rambling post, I'm new here. Thanks!
-
That's a new one for me! I don't know the answer, but +1 for an interesting question. – Maximus Minimus Feb 23 '10 at 21:49
-
1Is this box setup as a (RD Session Host/Terminal Server)? – Zoredache Feb 24 '10 at 00:44
6 Answers
A single user account can have multiple sessions in Windows 2008. On the server, run tsconfig.msc to bring up the Remote Desktop Session Host Configuration. Under "Configuration for server", double-click any of the general settings. Uncheck the box next to "Restrict each user to a single session" and click OK.
- 348
- 1
- 4
- 8
-
1By the way, I did this for a while and now there are always two sessions I have to choose from... not sure where I should log out from but I've disabled this again after a brief discussion. – icedwater Aug 20 '13 at 02:28
-
2@Craig, What's the equivalent of `tsconfig.msc` in the other Windows Servers? I can't seem to find it both on Server 2003-R2 and Server 2012-R2. Do you mean `tscc.msc`? – Pacerier Mar 13 '15 at 17:07
That's by design. Give their accounts the proper permissions they need on that server and have them log on as themselves instead.
Is there any special reason for them to share an account?
If the server is set up as a real Terminal Server (ie not just using the default Administrative Remote Desktop) then the single session per user enforcement should be possible to turn off. But the additional problem of never being able to reconnect to the same session seems like an annoying prospect - so setting forced logoff after some time would be essential and so on... it's just, wrong ^^
- 10,740
- 3
- 32
- 48
-
1They want it this way because they believe it is "the way" to do it. I work in a very small company and being just out of college means I have to bow to everyone's wishes, best practices be damned. Not ideal, but at least I have a 9 to 5. – Little_Johnn Feb 23 '10 at 22:06
-
2@Little_Johnn in this case I think you will have to tell them they are wrong, and it's not the way, because it's not going to work the way they want, although you'll prob want to phrase it better than that! – Sam Cogan Feb 23 '10 at 22:17
-
2Well that's one way of looking at it, another is that part of an administrator's job is to promote best practice and initiate change. Should be easy to tell them it's simply impossible rather than the fact that it's also stupid ^^ But check my edit – Oskar Duveborn Feb 23 '10 at 22:21
-
I seem to recall in my foggy memory something about a maximum number of RDP connections on Windows Server when it was in "admin only" mode. I'm wondering if he doesn't have it "switched" to the proper mode, and so when one admin connects, the server follows its one and only imperative: kick the other admin out. :P Sounds like the RDP connection settings are not right. – Avery Payne Feb 24 '10 at 02:41
-
1That's why I used a Citrix Metaframe dedicated NT machine back in the day. It was terribly expensive but completely flexible. And yes, I took your advice: Each user logged in as themselves. Made searching logs easier for me when there were the inevitable issues. http://toastytech.com/guis/remotecitrix.html – SDsolar Mar 28 '18 at 02:42
You can do this by setting the fSingleSessionPerUser registry key: http://remotedesktoprdp.com/force-single-session-allow-multiple-sessions-per-user
- 131
- 4
While you can do as Craig Putnam suggests, I would not. Instead, create individual admin accounts on the machine for each user. This promotes accountability. Even with auditing disabled/not configured, some things can be tracked and you can at least have a chance at identifying the person/persons who mess up the server.
Can you otherwise clarify why it must be the way they want it? When you give full details, we may be able to present other ideas that can be even better than what you were initially hoping for...
- 1,815
- 9
- 10
Yes it is possible even on windows home or home premium it can be done both manually or with a download. I use it all the time because it saves me allot of time. Its called Concurrent RDP Patcher and can be downloaded here : http://www.raymond.cc/blog/download/?did=125
This allows more than one user to access the device with only one admin logon.
- 11
- 1
-
I do agree however in regards to the several comments in regards to accountabillity as you would not know who did what using any other means. – ITBASOLO Mar 20 '13 at 18:41
If all the users are using the same username to login, I dont even see the need to spend on the CALs. I suggest you create unique accounts for all users, and activate the CALs with per user on the terminal server.
(CALs are used per user or per device basis)
- 355
- 1
- 4
- 16