Remote desktop auto start session on workstation login

Question

I am setting up Remote Desktop Services for use by one of our remote offices. The workstations at the remote office are all Windows 7 Pro, joined to the domain. There is nothing installed on the local workstation othern than the Win7 OS. The remote and main office are linked via VPN.

The workers will login to the local workstation, using their domain login, then right now double click an icon on the desktop which will do the RDP to the Remote Desktop Server. This does work fine, but requires some user education.

Is there a way that when the user logs into the local workstation, it will start the RDP session right away and pass their username/password through as well?

Would using a thin client PC do what I am asking?

Thanks.

You could place a user-tailored .rdp file in each of their Startup folders, with the IP and username already entered. This will eliminate the need for them to doubleclick the icon themselves. They will still be prompted for their password a second time. It sounds like a thin client would also take care of you. The size of the remote office and the other demands on your time will determine if you want to spend the time to do it yourself or roll-out a thin client solution. — JamesCW, Dec 09 '11 at 20:52
It's 5 computers, with about 50 workers (24/7 staffing) and a fairly high rate of new staff hires. Lots of students and part time. So I'd like to keep it as simple as I can for them. I may pickup one thin clint to see how it well it works. — me2011, Dec 09 '11 at 21:14
@me2011 I would love to see the script that is making the logout work correctly. — , Dec 10 '12 at 20:57

Zoredache · Accepted Answer · 2011-12-09T21:09:31.030

9

You should be able to accomplish this pretty easy.

Setup the client to auto start, use one of these methods.
- Drop an RDP file or shortcut in their startup group or the system startup group.
- Set a group policy that will automatically start the terminal server client at logon
  - GPO: User Configuration \ Admin Templates \ System \ Logon \ Run these programs at logon
  - The user will have a local desktop, and there may be a short delay between the display of the desktop and the client automatically launching.
- Set mstsc as the windows shell
  - GPO: User Configuration \ Admin Templates \ System \ Custom User Interface
  - The down-side is that the user will not have a local environment, and when they disconnect their system will logout.
Enable RDC Client Single Sign-On for Remote Desktop Services.

edited Dec 09 '11 at 21:09

answered Dec 09 '11 at 20:54

Zoredache

128,755
40
271
413

Thanks, I figured it would be pretty straight forward, I'll work on it this weekend. I like the 3rd option that logs them out of the local desktop on disconnect actually. – me2011 Dec 09 '11 at 21:14
A computer of issues, using the set mstsc as the windows shell it did auto start. However when logging out of the remote computer, the local computer sits at a blank screen until I crtl-alt-del and logoff that way. Is there anyway around this? 2nd issue, the enable SSO didn't actually say what GPO policy to edit, and none of them in there appeared to be what I needed to enable SSO. – me2011 Dec 19 '11 at 20:24
I was able to figure out a work around for these. For the logout issue, I am using a batch file as the Customer User interface, which starts mstsc with the command line for the server in full screen. The second line of the batch file is the shutdown logout command which bring the workstation back to login screen. For the SSO this link actually got that working http://blogs.msdn.com/b/rds/archive/2007/04/19/how-to-enable-single-sign-on-for-my-terminal-server-connections.aspx – me2011 Dec 19 '11 at 21:41

score 2 · Answer 2 · answered Dec 10 '12 at 21:24

Adding to the previous answer... We set shell to "cscript this_script.vbs"

Set shell = CreateObject("WScript.Shell")
shell.Run "mstsc.exe /multimon c:\terminal_server.rdp", 1, true
shell.Run "logoff"

For a more seamless experience be sure to edit the RDP file to hide the connection bar, single sign-on, all that jazz. Then sign the RDP file; in PowerShell use the Set-AuthenticodeSignature. Also, configuring the client's firewall, trusted publisher certs, and the SSO. I find it advantageous to also have GPO configure the Remote Registry service to auto-start, lets me get into the machine and change the shell if necessary. Also have the GPO download new copies of the shell script and RDP file every time it starts, easy configuration refresh.

I've been meaning to write a blog post about all this... It's not half as complicated as it sounds.

Remote desktop auto start session on workstation login

2 Answers2

Linked