When performing RDS shadowing, by default, the user whose session is being shadowed has to consent to viewing and/or controlling his/her session. This behaviour can be changed with a group policy.
In your group policy (local or through domain), navigate to:
Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections
Find the policy called Set rules for remote control of Remote Desktop Services user sessions and configure it:
| « ‹ | March 2025 | › » | ||||
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
| 1 | ||||||
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 | 29 |
| 30 | 31 | |||||
