How to disable RDP "Login" screen

Adam

[H]ard|Gawd
Joined
Jan 9, 2003
Messages
1,592
So I do a lot of DVR's and I have a school that is giving us RDP access so we can login to our DVR for maintenance. Thats great. But problem is whenever we login via RDP, the end-users screen goes to that "locked" screen so they can't see anything. Then once we logout, the end-users screen is at the login screen.

Not exactly a good scenario for a DVR. The end-user must be able to

1) see what we are doing on the DVR while we're in it (this way they can still see their cameras)
2) Once we logout, it should be left like it was when we logged in, meaning back in windows, without a user-login screen

Anybody know how to fix this? I don't use RDP a lot because it makes me log-in... this causes issues when im logging into SOME server software (where the server itself is logged on, running a database tool, but when we rdp in, it basically logs us in as that user again, and the database software doesnt run... and it won't re-run until we log back in at the terminal, after the RDP sesssion is over)
 
What OS?

If a client OS (XP - 7) you can either log in locally or through RDP, not both. Otherwise you see what you are seeing. For a server OS you can log in a few times through RDP and still be logged in locally but everyone needs to be using different usernames
 
Vnc change the port if your accessing it from outside their network .
 
I haven't tried this but maybe mstsc /console will achieve this

RDP'ing to an un-hacked XP box alrady connects to the console session (since only 1 RDP session is allowed).

3rd party or Remote Assistance are your options.
 
When i said we're using RDP, i meant that, can't use VNC. It has to be RDP as thats all they are opening up for us. I mean i dunno if they'll KNOW if i use VNC (just disable rdp and setup VNC on the RDP port), but let's just say they make us use RDP and i have to use RDP.

Its a windows xp system im logging into, from a windows 7 machine.
 
There is no way to do it with RDP. Client OS only supports 1 session at a time. This would be a good use for LogMeIn or similar, which use screen sharing so both you and the local user can see the screen.
 
Vnc isn't very secure so that is probably why thy blocked it and limited you to rdp. Used to be that VNC did everything in plain text. Newer real VNC and other VNC software might allow you to secure that some now not sure.
 
We've used logmein, but the school had some kind of security audit and disabled our logmein access, sited the only access they will give us is via RDP, which will not help us. I guess what i'll end up doing is RDPing into a system of ours that has no monitor/keyboard and i'll then pc anywhere into the DVR i need to work on... pain in the neck but hey its all i can do
 
When i said we're using RDP, i meant that, can't use VNC. It has to be RDP as thats all they are opening up for us.

Then you are out of luck.

Closest thing you could do, utilize Windows Remote Assistance.....if you're doing this on a LAN, create a share on that DVR rig, whip up the Remote Assistance request, save as a file..plop the RAassist file on that share..have the remote guy click it...and it opens up a TSWeb like connection that you can both use (host and remote).
 
Get a teamviewer license, that would sort your issues and I doubt they will need to open any ports for you at all.
 
Get a teamviewer license, that would sort your issues and I doubt they will need to open any ports for you at all.

But if they don't want that software on that network then you can't install it.

maybe it is just me, but I have never liked the idea of putting software on any of my network computers that would give some other company the ability to take full control of my computers whenever they want. So I've been very uneasy about the thought of using anything like teamviewer, logmein or the rest of those services.

When you are using somebody else's network you have to play by their rules. If they only want you to use RDP then you need to figure out a way to use it to where it will do what you need as close as possible.
 
But if they don't want that software on that network then you can't install it.

maybe it is just me, but I have never liked the idea of putting software on any of my network computers that would give some other company the ability to take full control of my computers whenever they want. So I've been very uneasy about the thought of using anything like teamviewer, logmein or the rest of those services.

When you are using somebody else's network you have to play by their rules. If they only want you to use RDP then you need to figure out a way to use it to where it will do what you need as close as possible.

Teamviewer doesn't need to be installed, it can run in memory.

Also, i'm wondering if concurrent RDP would work. I've done it at home with no issues.
 
If they are only allowing RDP, they know what its limitations are and are willing to accept the consequences which are:


1) they can't see what we are doing on the DVR while we're in it
2) Once you logout, it will be at a locked screen

There is no problem, the functionality is being limited by the functionality of the OS being used and their security decisions, so they have to live with it.

Unless they are willing to run some other software that only allows session based screen sharing access when the user grants it, like Skype, webex, or a similar application. That's the result.
 
Also, i'm wondering if concurrent RDP would work. I've done it at home with no issues.

That just turns a desktop OS into a terminal server....which breaks Microsofts EULA licensing. It behaves like a terminal server....so person sitting at local console cannot see what remote users are doing, visa vesa. And the next service pack just overwrites it.
 
No it wont, their firewalls block everything but what they allow

Teamviewer would most likely be able to bypass any firewall. Same as LogMeIn. We use all Cisco ASAs at work with heavy, heavy firewalling and Teamviewer can still pass through. If they need anything changed, get them to open up Teamviewer, give you the number and password, you do your stuff, and then they close it. Next time they do the same thing but they get a different number/password.
 
For the RDP lockout you can do this when you "log off" of your RDP session

run the command "tscon.exe 0 /dest:console"

This will log your RDP session off, and automatically log on the local session. I use this all the time when doing remote support through RDP.

Granted they still can't see what you are doing when you are logged on, but at least you can give them back control when you are finished.

As someone else said, it's a constraint of RDP, and it is up to their IT staff to provide other options if the end user doesn't feel RDP is appropriate.
 
Thanks Paully that will actually help me bigtime, it'll even help me for when my office users login to a server we all share for alarm stuff.

To everybody else: Thanks for the comments but honeslty i wish people would read the original posts. When i asked for a solution regarding RDP i wasnt asking for ALTERNATE methods, i know alternate methods. I asked a specific question and honeslty only a few people stayed on point, i had a lot of people tell me 'try team viewer" or "try log me in" thats not what i was asking, i was asking specifically about RDP.

Thanks Paully for at least one solution, and to those who tried to come up with ways around it but were unsuccessfull.
 
Sigh, quartz your not reading my original post are you... the post is about RDP, nothing else, no vnc no pc anywhere nothing else. RDP - I did not ask "can i use another product on RDP ports" i asked how to disable certain things within RDP... again i appreciate you trying to help but nobody really read my original post
 
This might come off as a bit dick-ish but this drives me crazy.

If you or your company installed these DVR's and manage them remotely, YOU should have the solution and present it to the client. That is your JOB.

Weather it be a alternate solution to RDP, the correct OS to begin with, etc. That is your JOB. If you can't do your JOB correctly, I would (as the client) be looking for another person/company.

I read the thread and as others mentioned, its a limitation to RDP. Paully has the best "solution", even though I don't agree with his last line.
 
This might come off as a bit dick-ish but this drives me crazy.

If you or your company installed these DVR's and manage them remotely, YOU should have the solution and present it to the client. That is your JOB.

Weather it be a alternate solution to RDP, the correct OS to begin with, etc. That is your JOB. If you can't do your JOB correctly, I would (as the client) be looking for another person/company.

I read the thread and as others mentioned, its a limitation to RDP. Paully has the best "solution", even though I don't agree with his last line.

I disagree, I will agree that you would have some control, but a company should not have to undo all their security because you aren't able to figure out how to do your job correctly. That is the reason so many companies have security breaches.

No offense to you Adam, as you are doing the right thing asking about how to work within your guidelines. That is more aimed to those doing as you said and telling you other ways other than using RDP and how to get around the security polices they want you to use.

How RDP "should" work on a client. If user A is logged in locally and user B tries to log in through RDP then A's session is locked while B is logged in. If A logged back in then B will be kicked. If you A is logged in and you try to log in through RDP as A then you take over the session that A had started. I do this all the time, log into my computer and start working on something, go elsewhere and log in and take over my session through RDP to work remotely then later log back in locally and work from there. For your server if you are using the same username you should see the same thing there. You shouldn't see different sessions for the same user.
 
This might come off as a bit dick-ish but this drives me crazy.

If you or your company installed these DVR's and manage them remotely, YOU should have the solution and present it to the client. That is your JOB.

Weather it be a alternate solution to RDP, the correct OS to begin with, etc. That is your JOB. If you can't do your JOB correctly, I would (as the client) be looking for another person/company.

I read the thread and as others mentioned, its a limitation to RDP. Paully has the best "solution", even though I don't agree with his last line.

Actually your running your mouth. I already explained the client is giving us RDP access and that is the ONLY kind of RDP access they can give us. I am fine with that, however im trying to figure out if there is a WAY to get it so once i close my RDP session, windows loads back up... if you read my original post i was asking for the following:

1) see what we are doing on the DVR while we're in it (this way they can still see their cameras)
2) Once we logout, it should be left like it was when we logged in, meaning back in windows, without a user-login screen

I DID NOT ask for ALTERNATE METHODS. I specifically said I have a school that is giving us RDP access so we can login to our DVR for maintenance. Thats great.

When we need remote access to any of our clients, we figure out a solution. HOWEVER certain clients (like schools and other large corporations) have limited access. Most of the bigger clients set us up on a VPN and then we can use whatever we like, as we join their network. SOME split off their network so the cameras are on a different network. Others tell us what we can use IF we want access (like this school they are letting us in via RDP). Im just trying to figure out ways to use RDP and allow the end-user to still see their cameras while we are doing work (because the schools have a "spot" monitor that shows the live cameras on a 2nd monitor, once RDP session is in, the screen goes black, and they cant see their cameras).

I found at least one solution to when I EXIT my session, thanks to Paully, i guess theres no solution to the "mirror" effect. So our work will be aimed when school is out, at least we can exit properly now so that the DVR shows the cameras after we are done.
 
Does everything start up right away? Reboot the box after you're done with auto-login.

It's a poormens solution, no idea if it's possible to script something to re-connect the console session.
 
Yeah i can reboot it, thats been a thought, dont wanna hafta but if that script paully recommended doesnt work, what i'll most likely do is RDP into a box that nobody monitors, then use pcanywhere locally to go to the other system
 
Glad I was able to give you a partial answer to your original post.

Just a note, the command I gave is for windows XP, if you are RDPing into Windows 7 there is a slight variation:

"tscon.exe 1 /dest:console "
 
As far as your issue with multiple people logged into a server with RDP, you can go to task manager, then users, and log out the other sessions (such as console). I have to do that quite often.
 
you can shadow a rdp session, but afaik only if the machine in question is server.
 
can you explore your statement about only getting RDP access a bit further? Are they just forwarding port 3389 or can they restrict the App used for remote connectivity as well?

Assuming it's just a basic port forward, there are a variety of RC apps that you can customize the active port on...
 
Back
Top