Remote Desktop Services shadowing is back with 2012 R2 after a leave of absence in regular 2012. However, for this to work out of the box, you need to have the scenario-based RDS deployment, which installs a whole bunch of stuff even when unwanted.
If you've opted for the roles-based installation of RDS Session Host (which is what makes your server into an RDS server), you're missing out on a whole lot of management tools, including the ability to shadow. Luckily, there are a few workarounds (using CLI) which provides us with the necessary things to perform shadowing.
Shadowing requires version 8.1 of the RDS client, so if you're not running Windows 8.1 or 2012 R2 on which you want to do the shadowing, you probably need to install the required update first. You can quickly check whether the client can do shadowing by running it with the command line parameter reference from the command line:
Check whether the /shadow parameter is present in the dialog. If not, you're not running the latest version.
In order to do shadowing, you need the session id. Normally, you would get this from Server Manager but as you're not running a scenario-based deployment, this is not available. Retrieving the information through Powershell doesn't work either, as the cmdlet checks this as well.
There's another command available though (since 2008R2) which provides you with the required info. Just run it without any parameters at a command prompt:
It will output several things, such as session and user name, the state of the session (active/disconnected), and also the session ID, which is what you need:
C:Windowssystem32>qwinsta SESSIONNAME USERNAME ID STATE TYPE DEVICE services 0 Disc >rdp-tcp#103 Admin 1 Active rdp-tcp#98 User1 2 Active rdp-tcp#88 User2 3 Active rdp-tcp#76 User3 4 Active rdp-tcp#107 User4 5 Active rdp-tcp#100 User5 7 Active console 9 Conn rdp-tcp 65536 Listen
Next up, run mstsc/span> with the parameters to start shadowing a session:
mstsc /shadow:ID /control
The example above will attempt to shadow session "ID" and requests to take control of the session. By leaving out /control, you will only be able to view the session.
So, if I wanted to take over User3's session, I would run this on the RDS server:
mstsc /shadow:4 /control
By default, running the command as such will require you to run it on the RDS server itself (which is fine in most cases). If for some reason you need to run it from another computer, you have to specify the server and possibly the user name of someone who's allowed to do shadowing:
mstsc /shadow:ID /v:YOUR-RDS-SERVER /u:MY-ADMINISTRATOR
By default, the user whose session you wish to shadow has to give consent to view and/or control his/her session. If you want to try and override this, add the /noConsentPrompt:
mstsc /shadow:ID /control /noConsentPrompt
Note that this does not necessarily work. The permission to shadow without consent has to be set up using a group policy, even for Full Administrators. To set this up, read: Allow RDS shadowing without consent through GPO.
By default, only users who have local admin rights can do shadowing. To allow shadowing for an arbitrary user or group, see: Allow non-administrators to do RDS shadowing.
Shadowing does not work in workgroup configurations.