5

Person A and Person B use the same non-admin Windows user account to start remote desktop connection. Person A starts remote desktop connection and works on a document. When person B then starts another remote desktop session, it kicks-off (terminates) previous remote desktop connection established by person A, even without any warning. How can I prevent that? (I wish to set that another person cannot terminate previously established remote desktop connection without explicit permission by person who started connection first...)

zlatko
  • 151
  • 1
  • 2
  • 3
  • 1
    Depending on the host you're connecting to, you should be able to run 2 remote sessions. 1 in the admin console, and another as a domain user. Why not just give the users domain accounts remote access? – spikey_richie Sep 10 '19 at 13:02
  • Not going into details, but those two users must use the same Windows non-admin user account. Running two or more concurrent sessions for the same Windows user account is also not an option. The question is how to prevent person B to terminate already established remote connection by person A. – zlatko Sep 10 '19 at 13:11
  • 1
    What is the OS version? – Ronaldo Sep 10 '19 at 15:37
  • Is this on Windows Server? – harrymc Sep 10 '19 at 17:02
  • Yes, Windows Server 2016 – zlatko Sep 10 '19 at 18:59

2 Answers2

5

I know this is an old question but just today I was confronted with the same problem. I stumbled on this thread while looking for an answer. Not having found a solution anywhere I had to roll up my sleeves, build a test environment and do some testing. Here is the solution:

  • Open gpedit and go to Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections.

  • Find the setting Limit number of connections. Set it to "Enabled" and set the value for RD Maximum Connection allowed to 1. Reboot or run gpupdate.

After this is applied, when a second user tries to login to a machine with another user logged in, this is what they will see:

IMG:

Reddy Lutonadio
  • 17,120
  • 4
  • 14
  • 35
Joel Kolb
  • 51
  • 1
  • 2
  • Tried in Windows Server 2019, didn't work when someone else connects with the same username. It still kicks the first session out. – djk Apr 22 '21 at 09:54
2

Remote Desktop/Terminal Services has two settings for multiple sessions: You can either allow multiple sessions per user (in which case if you log in twice, you'll get two sessions), or force a single session per user (in which case you can only log in once and subsequent sessions will be redirected to the original session).

To change this setting:

  • Start 'regedit.exe'

  • Navigate to the following registry key:
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer

  • If the value fSingleSessionPerUser doesn't exist, create it as DWORD

  • The fSingleSessionPerUser values are as follows:

    • 0x0 : Allow multiple sessions per user
    • 0x1 : Force each user to a single session

  • Enter the new value and click OK.

harrymc
  • 455,459
  • 31
  • 526
  • 924
  • 1
    Hi, I wish to allow only single session per user. But, the problem is that if person A first starts remote session for the Windows user X, and then person B starts new session for the Windows user X, new session terminates the previous one. I need it opposite way - that user B cannot start new session while user A is connected. I hope this clarifies the essence of my question. – zlatko Sep 10 '19 at 20:35
  • Try in `gpedit` to go to "Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\" and enable "Restrict Remote Desktop Services users to a single Remote Desktop Services session" and reboot. The documentation isn't very clear on what is the difference between Not configured and Enabled. If this does not make a difference, then I don't know of any other solution. – harrymc Sep 11 '19 at 06:11