By default, only users with local admin rights on an RDS server can do session shadowing on that server.
To allow a particular user or group to allow shadowing, run this from a command prompt on the RDS server:
wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSPermissionsSetting WHERE (TerminalName="RDP-Tcp") CALL AddAccount "domain\group",2
In the command, replace domain\group with settings of your own. It's recommended to create a group specific for the job (e.g. RDS Shadowing) so you can run this command only once, and then add users to the group to allow them to shadow.
| « ‹ | September 2023 | › » | ||||
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
| 1 | 2 | |||||
| 3 | 4 | 5 | 6 | 7 | 8 | 9 |
| 10 | 11 | 12 | 13 | 14 | 15 | 16 |
| 17 | 18 | 19 | 20 | 21 | 22 | 23 |
| 24 | 25 | 26 | 27 | 28 | 29 | 30 |
