RDP to login to the console using GPO

Starting with Server 2008, there is no longer a session 0 anymore.  The console command is for backwards compatibility.  (well, technically it exists, but is no longer interactive)

http://blogs.technet.com/b/askperf/archive/2007/04/27/application-compatibility-session-0-isolation.aspx


What are you trying to get done?  Perhaps there is a different path we can take to solve the problem you are facing.

I and my developers are working on a customer's server (Windows 2012) developing a .NET application.

Their IT consultant is making a big deal about use logging in as mstsc /console. He sent the following email making it sound like we are going to run in to problems. He logs in to the server to check up on us and babysit us

On three occassions now when I have logged into your new server CSAPSS3 thelogin has resulted in a failed desktop. This is a result of an incorrect Remote Session being executed.  This is being done by the development team. The server log files show this.

In previous emails, about maybe 8 weeks ago, I had asked them if they knew how to properly connect to a remote server RDP session to ensure they were always using what is referred to as a console or admin session. They said they did not so I sent them the link from Microsoft which showed how to properly do this.

There are two Administrators logged in which is not allowed and causes the issue.

I am only pointing this out because if they do this in the future it might cause issues with this server.

@tsaico: What would you say to this?

Does the server have the RD Session Host role installed?  This link does a pretty good job of any differences.
http://support.microsoft.com/kb/947723

If you're connecting with a newer RDP client (> 6.1), then the /console switch is silently ignored.  If you use the /admin switch, what happens depends on the server version you're connecting to (e.g. 2003, or newer), and whether the RDSH role is installed.

It is a Windows 2012 member server on a domain and it does not have the RD Session Host role installed. My customer is using it as an application server with the application server role installed.

So with that setup you can't log on to a "console" session (as tsaico mentioned), and if you use the /admin switch the link I posted describes the differences.  Having two administrators logged on is common, if it's causing an issue then I can only think it is due to design of an application.  Not being a developer, I couldn't speak to what those issues would be, if any.

It is not causing any issues for our application. The IT consultant is making a big deal out of when we log in with 2 administrators.

That is why I was hoping for a GPO setting to not allow more then one user with an active RDP session.

The IT consultant is constantly loggin in to the server to monitor our activity and then sending emails to the owner to complain.

My developer and QA person are logged in at the same time.

I wish I could tell the consultant to take a hike. The business owner believes everything he says.

So I will just have to make do with what I got

I have set the local policy to end idle or session that are disconnected. This is if someone forgets it will disconnect them in 15 min for disconnected sessions and 1 hour for idle sessions

Honestly it sounds a bit to me like the consultant is stuck in the past where it was sometimes necessary to use the /console switch when installing certain programs (i.e. in the Server 2003 days).  If all he wants is a free session so he can log in at any time, that's a separate issue, and there are other ways for him to access logs, etc.  I think maybe the best you can do is try to explain some of this to the owner.
Best of luck.