By default, only users with local admin rights on an RDS server can do session shadowing on that server.
To allow a particular user or group to allow shadowing, run this from a command prompt on the RDS server:
wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSPermissionsSetting WHERE (TerminalName="RDP-Tcp") CALL AddAccount "domain\group",2
In the command, replace domain\group with settings of your own. It's recommended to create a group specific for the job (e.g. RDS Shadowing) so you can run this command only once, and then add users to the group to allow them to shadow.
| « ‹ | April 2021 | › » | ||||
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
| 1 | 2 | 3 | ||||
| 4 | 5 | 6 | 7 | 8 | 9 | 10 |
| 11 | 12 | 13 | 14 | 15 | 16 | 17 |
| 18 | 19 | 20 | 21 | 22 | 23 | 24 |
| 25 | 26 | 27 | 28 | 29 | 30 | |
