The /console
switch was for connecting to the console session. This functionality is no longer considered useful, and has been removed.
For backwards compatibility, the /admin
switch behaves like the /console
switch when connecting to a Windows 2003 or Windows 2003 R2 server. It does not behave like the /console
switch when connecting to a modern version of Windows. (I am not sure whether the /admin
switch has any effect when connecting to a Windows XP machine.)
When connecting to a modern server version of Windows with the Remote Desktop Services component installed, the /admin
switch affects certain behaviour, most notably whether a CAL (Client Access License) is consumed, as described in the linked article. (Note: prior to Windows 2008 R2, the Remote Desktop Services component was called Terminal Services.)
When connecting to a modern version of Windows Server that does not have Remote Desktop Services installed, or to a modern version of a Windows client edition, you do not need the /admin
switch. You can use it, but it has no effect.
In summary: in theory, at least, you should not need to connect to the console session. Whatever documentation you are reading that suggests that you do may be out of date.
Addendum: Windows does allow components and third-party software to distinguish between Remote Desktop sessions and local sessions. In particular, applications run in Remote Destkop sessions have the REMOTE INTERACTIVE LOGON token whereas applications run in local sessions have the CONSOLE LOGON token.
I am not personally aware of any Windows components or third-party software that only allow access to the console logon except for the "Restrict [CD-ROM/Floppy] access to locally logged-on user only" policies, which are off by default.
The /admin
switch does not affect this behaviour. I no longer have access to any Windows Server 2003 machines to see what the /console
switch did in this respect.
Thanks, that was my impression as well. I was trying to turn Bitlocker on remotely, and ended up changing group policy so I have direct access to remote removable devices.
Wish there is a "no bar" access option on new RDP (doing the same works fine with TeamViewer for example since it seem to pretty much performs a "local" log in). – hmpws – 2015-10-25T23:32:22.017
The link in this post has rotted. – ArtOfWarfare – 2018-03-18T18:47:34.853
There is such software its called the Microsoft kinect, which shutsdown if someone ends a rdp session (should stay running on a kiosk machine), i hope console view gets back – user3800527 – 2018-05-01T06:15:02.377
@user3800527, I doubt it would make any difference - software was always able to detect disconnections, and I don't think disconnecting from the console session was any different in this respect. – Harry Johnston – 2018-05-01T07:29:27.403
A kiosk machine can run a kinect app till someone closes rdp, because the end rdp turns of service, so once someone used RDP the kiosk application stops running (despite the screen says your application will continou to run, they dont, camrea lights switch of). – user3800527 – 2018-05-01T09:29:10.117
It is still unclear to me if the /admin switch is still used on the modern Windows OS > W2K8 / Windows 7 (both will reach the end of life in few months) and if it has any effect. – Bemipefe – 2019-07-25T16:37:57.010
@Bemipefe, IIRC, I used it once to log into a remote Windows 2016 server when the Remote Desktop licensing had broken and ordinary logins weren't being allowed. So it still has an effect on servers and is useful in edge cases. – Harry Johnston – 2019-07-26T00:42:04.500