If a profile is assigned the “Shadow” setting, an expert can switch to a PC on which another user is already logged in.
This feature does not require a remote session via a gateway.
The following data must be specified:
| Name | Description |
|---|---|
| IP/Host | IP/Host of the computer to which the expert should have access |
| Session ID | The session ID of the logged-in user’s session. This is usually always the same and can be determined on the PC using the “quser” command |
| Domain | (Optional) The domain of the PC |
| Login | Login of a local user or administrator |
| Password | Password of a local user or administrator |
| Take control | Allows you to take control of the screen. |
The following requirements apply for accessing the PC:
- Only works with Win10
- The network must not be public
- The firewall rule INBOUND: RDP SHADOWING (TCP 445) must be active
- Remote Desktop (not Remote Access) must be enabled
- Remote identification with NLM
- This group policy must be adjusted:
gpedit |\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\Set rules for remote control of Remote Desktop Services user sessions - In the group policies, check whether “Deny access from this network ..” does not contain “everyone”.
- Check in the group policies whether ‘RemoteDesktopUser’ is also entered in “Allow access from this network ..”.