Windows 7 / Getting Started

---

Providing Help with Remote Control

In addition to the methods just described, another way to interact with user sessions is to shadow them. Inevitably, every user, at one time or another, calls the Help desk to get assistance from the IT staff. And as helpful as staff can be, and as willing to describe their unfortunate circumstances as users can be, it is sometimes best to experience the problem to solve it efficiently. Windows Server 2008 R2 (like its predecessors) gives you the ability to observe the user session or even take control of the session so that you can act as the user and experience the difficulties a user has. Hopefully, this experience provides a clearer picture of the situation and leads to a speedy resolution of the Help desk ticket.

You can control Remote Control settings from three locations.

• Group Policy: Used to specify Remote Control settings for all RD Session Host servers in a farm
• Remote Desktop Session Host Configuration: Used to specify Remote Control settings on a per-server basis
• Active Directory Users And Computers: Used to specify Remote Control settings on a per-user basis

The ability to control or shadow a user's session remotely is enabled by default on the Remote Control tab of each user's account Properties dialog box.

NOTE: Even though Remote Control is enabled by default in domain user account properties, these settings are used only when you use Remote Desktop Session Host Configuration (instead of Group Policy) to stipulate Remote Control settings, and only when Remote Desktop Session Host Configuration is set to Use Remote Control With Default User Settings. You will look at Remote Desktop Session Host Configuration Remote Control settings later in this section.

If you do not want to be able to view or interact with sessions opened by the user, clear the Enable Remote Control check box.

By default, the user's permission is required for an administrator to interact with the user's session. When you invoke remote control of a user session, the user receives a prompt that he or she grant you permission to control the session. If the user clicks No or doesn't respond, the person requesting remote control will see a message that access is denied.

Not everyone wants users to be aware that their sessions are being shadowed; some companies use this feature for auditing the work habits of their employees. If Require User's Permission is not enabled, then you can gain remote control (for viewing or interacting, depending on the level of control option selected) of the user session without her knowledge or permission.

When you attach to the session in these circumstances, the user sees nothing and is not aware of your presence unless you interact with the session in some way.

CAUTION: If you decide to interact with user sessions without user knowledge or permission, check with your company's legal and human resources (HR) departments first, to make sure that the company is legally protected and that HR policies reflect this need.

By default, administrators have full control of the user session. This means you can manipulate the session (use the keyboard and mouse, and so on) as if you are the user. This level of control can be changed to allow only observation by selecting the option View The User's Session. At this level, you can observe the user's session, but you cannot control it in any way. Remote Control settings can also be set using RD Session Host Configuration on each server or by using Group Policy. Group Policy settings take precedence over RD Session Host Configuration settings.