3

I am attempting to shadow existing RDP sessions on Windows 2012 R2 without RDS installed on a custom (not standard 3389) rdp port.

This describes how to shadow RDP in windows 2012 R2. However, when I attempt to do this using for example:

mstsc /shadow:(sessionID)  /v:(ip):(port) /control

I get computer name is invalid.

It appears although mstsc /? shows that one can specify port in the /v parameter it, in fact, does not accept that when coupled with the /shadow argument and results in error message "This computer name is invalid"

Running just mstsc v:IP:port without shadow option is successful, however, obviously this does not result in shadowing.

I have set the registry key 

HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
Shadow(DWORD) = 1

To allow shadowing with user permission.

I have also allowed multiple sessions per user in group policy which does result in allowing multiple sessions from one username.

alexander.polomodov
  • 1,060
  • 3
  • 10
  • 14
mart
  • 43
  • 8

1 Answers1

2

When doing shadowing (from what I understand) the communication is done over RPC instead, or at least setup is, and then a "random" port is used for the actual session. In practice this means that the port specified is ignored.

http://woshub.com/rdp-session-shadow-to-windows-10-user/ mentions HKLM\SYSTЕM\CurrеntControlSеt\Control\Tеrminal Sеrvеr “AllowRemotеRPC”=dword:00000001

Using qwinsta /server:(servername or ip) would probably be a good test to see if that is working correctly.

Of course this is quite sad because it rules out use over the internet where you don't want to open up RPC ports

NiKiZe
  • 1,189
  • 7
  • 17