Solved

Change finish hotkey for command line shadow of a terminal or RDP session

Posted on 2010-11-17
18
3,663 Views
Last Modified: 2012-07-13
I am trying to change the finish hotkey for when a command line shadow of a Terminal/RDP session is initiated.

By Default the hotkey is "CTRL+*" specifically using the * on the numeric keypad.
This creates support problems as customer's with laptops have an embedded numeric keypad where the keys "7890uiopjkl;m,./" are located. When someone shadows them with their NumLock set, it overrides their setting and enables their NumLock so when typing "7890uiopjkl;m,./" they instead get "789/456*123-0,.+"

Using tsadmin.exe instead of shadow.exe actually allows you to set your finish hotkey with a number of different key combinations (SHIFT,CTRL, ALT)+(0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z, {backspace},{delete},{down},{end},{enter},{F2},{F3},{F4},{F5},{F6},{F7},{F8},{F9},{F10},{F11},{F12},{home},{insert},{left},{-},{pagedown},{pageup},{+},{prntscrn},{right},{spacebar},{*},{tab},{up}).

All I want to do is using any character that is NOT on the Numeric keypad.

I have tried setting the tsadmin.exe to use another combination like "CTRL+{tab}" and have the shadow command reference that setting but they seem to be mutually exclusive. I checked the registry and located the key:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSADMIN\
ShadowHotkeyKey REG_DWORD 0x00000009(9)
ShadowHotkeyShift REG_DWORD 0x00000002(2)

I also tried using the current user setting here:

HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSADMIN\
ShadowHotkeyKey REG_DWORD 0x00000009(9)
ShadowHotkeyShift REG_DWORD 0x00000002(2)

Per the help File:
"When you want to end remote control, press CTRL+* (or another hot key that you defined)."

So how can I define another hotkey that the shadow command will respond to?

btw, this does need to be done via commandline/script/code as we have a script that pulls the current session list from each of our 7 servers (up to 630 sessions) and allows us to launch a shadow (remote control) with a single interface with a username search that maps to all the servers.

Command line syntax: shadow <sessionID#> /server:<servername> /v

I am wondering if I can run tsadmin.exe with any parameters such as the above?

Any guidance around this is appreciated

P.S. I have also tried remotely killing the shadow.exe process to forcefully terminate the remote control session with no affect.
0
Comment
Question by:ssignorelli
  • 10
  • 7
18 Comments
 

Author Comment

by:ssignorelli
ID: 34160606
I know MS has some documented and many undocumented methods to call specific interfaces like this example here:
"rundll32.exe" shell32.dll,Control_RunDLL "C:\WINDOWS\system32\mmsys.cpl"

Does tsadmin.exe have anything like this?
0
 
LVL 68

Accepted Solution

by:
Qlemo earned 500 total points
ID: 34171088
I don't think you can solve the issue by just redefining that hotkey. As soon as you connect to a TS session, your NumLock setting is taken over. You would need to have NumLock disabled on connect - that would solve the problem. The Ctrl+NP* is filtered locally AFAIK, not on the TS, and should run with or without NumLock.
0
 

Author Comment

by:ssignorelli
ID: 34174136
Qlemo: As I noted before, the problem is regardless of what the numlock state is on initiating a shadow, the ONLY way to disconnect to to enable Numlock on the machine shadowing the session. This means that ANY laptop that gets shadowed is going to have it's numlock state left ON when the shadow session is done. This generates another support issue of them being unable to login or type as expected.
0
 
LVL 68

Expert Comment

by:Qlemo
ID: 34174792
Sorry, but it does not matter for me if I have NumLock on or off, at least with workstations. If the supporter has a laptop, (s)he needs to switch on NumLock, but that is the only case.
0
 

Author Comment

by:ssignorelli
ID: 34175048
Qlemo: Let me focus on the source of the problem:

90% of customers logged into our TS/RDS servers are using laptops.

When support personnel shadow their session, their numlock status is transferred the duration of the shadow. To end the shadow, Numlock MUST be enabled on the support personnels' computer (regardless of desktop or laptop) which is sent to the client/customer that is shadowed. Therefore, after EVERY shadow instance, the customer will have their numlock ON, which is a problem for anyone using a laptop (90% of our customers).
0
 
LVL 68

Expert Comment

by:Qlemo
ID: 34175418
Sorry for sounding stubborn here, but the supporter does not need to have the NumLock key on to stop shadowing. I have tested:
a laptop connected to W2008 RDP without NumLock switched on
a PC connecting to W2008 via RDP, and then shadowing the user session, having NumLock switched off
Disconnect pressing Ctrl+NP*.
NumLock remains off. The only issue might be if the supporter has NumLock switched on while connecting or disconnecting, leaving that state when disconnecting.
If I'm right, your issue is not that you need to switch on NumLock on to leave the session, but that it might be left accidentally on. But that is something completely different.
0
 

Author Comment

by:ssignorelli
ID: 34176426
Qlemo: THANK YOU!

using "CTRL+N*" (Note is is the * on the numeric keypad) on my desktop keyboard works for disconnecting and does NOT require the NumLock to be set on. You got me 50% of the solution and another approach to take a few hacks at.

I would like to fully resolve this as a few of our support staff do not have external keyboards or desktop PC's so they are forced to work within the limits of a laptop keyboard.

It appears MS documentation is lacking as they have it listed as "CTRL+*" which means "CTRL+P/*" on a laptop and has nothing about including the "N".

Any other thoughts on the laptop portion?

0
 
LVL 68

Expert Comment

by:Qlemo
ID: 34177169
Most laptops allow for ad-hoc use of the "Numeric Pad" keys by pressing the FN button (or whatever switches special laptop functions) while pressing one of the blue (NumPad) keys. That will not toggle NumLock.

What about just closing the support session? I did not try (and can't at the moment), but does that terminate the TS session completely (don't think so), or just the shadowing (that would be great)?
0
 

Author Comment

by:ssignorelli
ID: 34177471
You are correct about the "Most laptops" but not all and not the ones the various support staff use, mine for example is an IBM T-40 which using the FN key does not seem to help.

Closing the remote control session would be useful but using one RDP session into the management TS/RDS server and doing a command line shadow sets the shadow with full screen and 0 (zero) ui controls outside the context of the shadow session. I have even tried using taskkil (from another computer)l to terminate the shadow.exe but that does not end the actual shadow session (odd).

I am always willing to use a hack method like an AutoIt executable that I could run from the command line to end the Shadow. Unfortunately my AutoIt skills are currently lacking,

0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 68

Expert Comment

by:Qlemo
ID: 34177543
If you first connect an admin TS session in Full Screen with "Display the connection bar when in full screen mode", and then do the shadow from there, the connection bar is visible and allows for terminating the session.
0
 

Author Comment

by:ssignorelli
ID: 34177606
The only connection bar that shows up is the one from my laptop to the TS box I have an RDP session to and not the shadow/remote control session toolbar. The flaw with that suggestion is I still need to be logged into the TS to shadow other sessions, just not that customer's any more. Disconnecting my session would leave their session still shadowed by my server session.

0
 
LVL 68

Assisted Solution

by:Qlemo
Qlemo earned 500 total points
ID: 34177629
No, the shadowed session is terminated. That moment you shadow a session, your original admin session is "paused" (disconnected). If you close the TS session, it is the shadow connection, not your admin TS session. I've checked that.
However, the admin session remains logged in, and should be terminated if not needed any longer, e.g. with tsdiscon from the shadowed session.
0
 

Author Comment

by:ssignorelli
ID: 34177749
I think we have a disconnect here. I will try to map it out since you  are making such an effort to help.

Network(1):Support Staff Remote offices
    IBM T-40 with Windows XP
    RDP session to(toolbar shows for ServerX, not customer session):
Network(2):Data center
    ServerX (TS 2003 box with staff sessions)
    Custom UI which initiates command line shadow to another Production Terminal Server 2008 (any 1 of 6)

Network(3): Customer
Customer RDP's to Production Terminal Server 2008(any 1 of 6) in datacenter(this is the session we shadow). Note the environments are locked down, they can only run our custom application.

I hope this sheds some light on the setup.
0
 

Author Comment

by:ssignorelli
ID: 34177798
I tried the tsdiscon and came up with a poor but workable method:

I have an RDP session to ServerX and to ServerY.

I shadow a customer from ServerX, when I need to end the shadow, I use psexec \\ServerX cmd.exe ( I can just keep it open all the time) and run tsdiscon X (where X represents the shadowed session), it kills the shadow and the my connection to ServerX, but I can reconnect where I left off and the customer can be on their way. If only there was a way to only terminate the shadow and not both.
0
 
LVL 68

Expert Comment

by:Qlemo
ID: 34179477
That "hacking" methods only allow for complete disconnection. Only the End-of-Shadow hotkey switches back to the original admin TS. However, that needs a NumPad key.

It might be less clumsy if you use the Ctrl-Alt-Del (which is applied to the supporting PC), Task Manager, Run, and then the command or file you use to connect to the 2003 (admin) TS. That should take over the original admin session, and terminate shadowing in the same go.

Still, using the hotkey is best. Any workaround should only be applied if the NumPad is not available directly. AutoIt is an idea I would try for simulating the hotkey with any other available key combination.
0
 

Author Comment

by:ssignorelli
ID: 34197393
Qlemo: Thank you again for all your help. I am going to close out this question and give you all the points given that you were the only person that responded and put a great deal of effort into it. You did get me to a place where I have a reasonable implementation by using the key combo you provided and an external keyboard or by using tsdiscon on my admin session and reconnecting.

To Recap:
1) External Keyboard: "CTRL+N+*"
2) tsdiscon shadow session of Admin Session shadowing client session.
0
 

Author Closing Comment

by:ssignorelli
ID: 34197420
Ultimately this did give me a work around but not enough to cover 100% of the issue I detailed.
0
 

Expert Comment

by:mash1978
ID: 38182318
terminal session mstsc.exe turn off windows key combination using registry


To Disable Windows Key combination for mstsc.exe ( RDP )


Open Registry

Go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration

Shadow=1

Change Binary Value to:::   Shadow=0


Now windows shortcut key will work with Winkey like to Open Explorer :: "Winkey + E "

Previosuly when we press keyboard key  "E"  it open windows explorer
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

This collection of functions covers all the normal rounding methods of just about any numeric value.
Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
The viewer will learn how to use the =DISCRINV command to create a discrete random variable, use this command to model a set of probabilities and outcomes in a Monte Carlo simulation, and learn how to find the standard deviation of a set of probabil…
The viewer will learn how to use a discrete random variable to simulate the return on an investment over a period of years, create a Monte Carlo simulation using the discrete random variable, and create a graph to represent the possible returns over…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now