By default, only users with local admin rights on an RDS server can do session shadowing on that server.
To allow a particular user or group to allow shadowing, run this from a command prompt on the RDS server:
wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSPermissionsSetting WHERE (TerminalName="RDP-Tcp") CALL AddAccount "domain\group",2
In the command, replace domain\group with settings of your own. It's recommended to create a group specific for the job (e.g. RDS Shadowing) so you can run this command only once, and then add users to the group to allow them to shadow.
| « ‹ | August 2020 | › » | ||||
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
| 1 | ||||||
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 | 29 |
| 30 | 31 | |||||
