Configure Remote Work Place for console RDP sessions in SBS 2008

Posted on 2011-03-10
Last Modified: 2012-05-11
Does anyone know if there is a way to force all RDP sessions created through SBS 2008's Remote Work Place to connect as console sessions?

I've been able to fine tune the RWP RDP Sessions be editing "tsweb.aspx" found at C:\Program Files\Windows Small Business Server\Bin\webapp\Remote\tsweb.aspx

But I don't see where I can add the "mstsc /console" comand to force the console connection when users connect to their desktop PCs from Remote Work Place.

Question by:mojopojo
LVL 77

Accepted Solution

Rob Williams earned 250 total points
ID: 35095200
On PC's (not servers) are you sure it doesn't? If a console session is open and the same user logs in with RWW it will take over that same session, which implies to me it is the console session. A different user would be using a different session similar to fast user switching. Are you perhaps wanting to close that other user's session when connecting? If so that can be accomplished with group policy I believe.
LVL 38

Assisted Solution

by:Philip Elder
Philip Elder earned 125 total points
ID: 35095347
The console switch applies to servers only iirc.

Users do take over their session if they leave the machine locked and log in remotely later on.

When connecting via RWW the RDP session should always behave in this manner.


Author Comment

ID: 35095450
No, a regular RDP session would act like that as well. If you were to say lock you PC and leave the office, then RDP in (not using Remote Work Place) using the same credentials you would unlock the old session and all of your work would be there as you left it (provided there is no GPO to log you out after a certian period). This is how they worked prior to migrating to SBS 2008. We set up their RDP connections using port-forwarding, but with no console switch.

RWP is creating a term-server session, and it is causing issues with the liscensing of a financial/time keeping software. This is also how I verified that the RWP is creating a term-session.

The aplication TimeSlips uses a liscenses when a user logs on at the console. Then, even when the user logs off it holds that liscense in use. Then when they remote in to that same PC with the smae credentials and open TimeSlips it uses a second liscense and holds that liscense indefinitly as well.

It's sloppy code and a way to force commpanies to purchase 2x the liscenses they require. And the lawyers have gone through it and there is no mention of requiring a seperate liscenses for remote connections in their liscensing agreement. I was told by Sage support that it is a known issue, they blame it on  a function of Windows and said their is no plan to fix it. Their solution was to manualy clear the liscenses each night and each time a user ends a session. That is a heck of a lot of administrator overhead! Each time a user logs off an admin has to log-on to the server and manualy clear a liscenses?!?! WTF?

In the Server Administrative TimeSlips Console you can see the liscenses in use by user name such as:

1. User1
2. Terminal Connection - User1
3. User2
4. User3
5. Terminal Connection - User3

If RWP would create a true conole connection then the users would just take over that session and only use one liscense per user. We've tested it with a direct RDP console connection (not through RWP) and it works - one user on one PC = one liscense

We are not trying to avoid paying liscensing fees. We have purchased more liscenses that we have users along with Sage's Premium Support Package. We simply would like to be able to use the liscenses we have purchased fairly - one per user, remote or at their desktop.

Creating the console session apears to be the only solution, and we were hoping we could force RWP to create the connections as such.
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

LVL 77

Expert Comment

by:Rob Williams
ID: 35095617
I suspect something else is at play here. With SBS 2003, and I just tested with SBS 2008, when you login via RWW you take over the existing session completely. Might it have to do with where the licensing information is stored.

Alternatively rather than using RWW have you considered using the TSgateway and RDP sessions. This way you still are using SSL, not port mappings necessary, but you by-pass RWW.
From an earlier post of mine:
SBS 2008 and newer makes use of the TS Gateway service. This allows you to connect directly to a corporate server or PC and bypass RWW altogether, and yet still have the same security as RWW.

To do so the connecting client must have the updated TS/RDP client, version 6.1 or newer, which requires XP SP3, Vista SP1, or Win7/Server 2008. Then start the RDP connection client | click options | advanced | connection settings | and enter the TS gateway address (your SBS server name -probably Under the General tab enter the computer name to which you want to connect and user name (domain\user), and save.

Clicking on the saved connection now allows you to connect directly to the corporate PC, still using SSL, and with only a single logon. The first time the connection is used, there are two pop-ups that have to be approved but if you check 'always' they will not be present next time.

This is new to 2008 and a very useful feature, especially for folk that are always connecting to the same server or PC and don't want to have to have to do multiple logins, approve multiple popups, and select a PC.

The following link outlines RWW with SBS 2008 and shows the client connection configuration half way down the page under "TSGateway Integration".


Author Comment

ID: 35096205
I've got a few SBS 2008 and Server 2008 boxes out there but have not configured or used TSgateway for any of the RDP connections yet. That's a great thought.

Were going to test it this weekend on the network I posted about. Maintaining the use of SSL was a mandate of this project. Also, a RDP configuration without the configuration overhead of configuraing port-forwarding on a firewall for each user is a beautiful thing. Let's see how this works with the aplication and liscensing in question.

Solve the issue or not, I'm glad to look into using TSGateway.

Thnaks and I'll post the results this weekend or early next week.
LVL 13

Assisted Solution

connectex earned 125 total points
ID: 35096828
RWW or RDP directly will take over an existing console session as long as the same username already logged on. I personally hate this as I've had clients interrupt my console session when they've RDPed into the server. To change this:

1. Open Terminal Services Configuration.
2. On the initial screen double click on Restrict each user to a single session. Checked means console session (if alread logged on). Unchecked will always open another session, unless session limits have been reached).
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 250 total points
ID: 35097191
Let us know how it goes.
I have also in a few cases found poor performance with RWW on 2008 and have not been able to resolve. However I have had no issues with performance at all using TSGateway connections.  The client also seems to like the faster/simpler logon process. On that note, the fist logon from a PC takes a little longer. Subsequent logons are very fast.

Author Comment

ID: 35359600
Sorry I disapeared on this.

Aparently there is no way to "force all RDP sessions created through SBS 2008's Remote Work Place to connect as console sessions".

I know more was discussed, but since that was the topic of this thread I wanted to keep the forum clean.

The only way I know to force a Windows RDP console session is to open the client from the RUN box:

WIn XP/Vista - mstsc /console
Win 7 - mstsc /admin

No one has offered any way to force this through while in RWW in SBS 2008.

There apears to be no resolution.

Thanks for the input and attention to the thread.

Author Closing Comment

ID: 35359608
We were not able to arive at any possible solution to this. This does not mean it is impossible. Only that we were unable to find a viable solution.
LVL 77

Expert Comment

by:Rob Williams
ID: 35360110
Very curious. Any RWW session I create to a PC, is to the console session. Servers are different.

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to record audio from input sources to your PC – connected devices, connected preamp to record vinyl discs, streaming media, that play through your audio card: Vista, Windows 7, Windows 8, Windows 8.1 and Windows 10 – both 32 bit & 64.
An article on effective troubleshooting
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question