How do I prevent lock screen of remote computer when remote RDP connection into the computer is started?

Question

How do I prevent lock screen of remote computer when remote RDP connection into the computer is started?

This question “Disable Lock Screen after Remote Desktop session in Windows 10” is for disconnecting so it didn't help.

This question "Remote desktop connection without locking the remote computer" was for Windows 7 and 8, the commands are not working for windows 10; all commands referenced in this question disconnects the rdp session. Additionally, there was no answer selected for that question as it does not supply a valid solution to the question.

Specifically, tscon %sessionname% /dest:console will disconnect the session.

Answer 1

You purchase a license that allows you to run the RDP host as a terminal server. The reason the screen locks like this when using RDP is that consumer licenses of Windows allow no more than one active session at a time. The only reliable way around this that lets you continue to use RDP is to get the system licensed as a terminal server, which is expensive and may require an Enterprise or Education edition license.

Alternatively, there are multiple other options for remote access to a Windows system. If you only care about access from the local network, VNC is probably your best bet (unless you need the session to be encrypted). If you need offsite access, you can find a number of options for it online that not only don't involve RDP, but also give a nice visible indication that someone is remotely connected to the session (and often provide some kind of chat functionality for the local user to talk with the remote user).

Answer 2

I found a solution in lieu of rebooting:

1. Open Command Prompt, issuing query session to get the Session ID of RDP
2. Paste the below content into %UserProfile%\Desktop\close.bat, replacing SessionId with the result of Step 1:

   echo off
   Tscon %SessionId% /Dest:console
   

3. Run close.bat as Admin instead of disconnecting from the session

Answer 3

Based on Urumanathan Palanivel's answer, following CloseRdp.cmd could be used;

    @echo off
    for /f "tokens=1,2,3 delims= " %%i in ('query session ^| findstr "Active"') do set SessionId=%%k
    Tscon %SessionId% /Dest:console

Answer 4

Based on subcoder's answer based on Uramanathan's answer, with additions from Duncan and Jimadine's comments, I created a scheduled task that runs when closing/disconnecting the RDP connection. It required a slight tweak to the findstr command to search for %USERNAME% instead of Active, because at the time of the triggering event, the session is already in the Disc state.

The task is triggered by the Microsoft-Windows-TerminalServices-LocalSessionManager/Operational event log getting a logoff event (EventID=24). Then it runs a simple command whenever a user logs off. The command gets the query session output which looks like:

SESSIONNAME       USERNAME                 ID  STATE   TYPE        DEVICE
 services                                    0  Disc
>rdp-tcp#0         Matt                      2  Active
 console                                     5  Conn
 rdp-tcp                                 65536  Listen

It searches for %USERNAME% (in my case "Matt") and gets the ID column for that row. It passes the ID to the tscon command with %k /Dest:console, which unlocks the screen for the logged in user. This command probably only works if the user logging in remotely is the same user logged in locally, but I haven't tested.

Here's a task scheduler XML to import. The Author and UserId elements are removed and will be automatically filled in with your user when you import the task.

<?xml version="1.0" encoding="UTF-16"?>
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <RegistrationInfo>
    <Date>2022-02-10T11:17:45.9347484</Date>
    <URI>\Unlock remote screen</URI>
  </RegistrationInfo>
  <Triggers>
    <EventTrigger>
      <Enabled>true</Enabled>
      <Subscription>&lt;QueryList&gt;&lt;Query Id="0" Path="Microsoft-Windows-TerminalServices-LocalSessionManager/Operational"&gt;&lt;Select Path="Microsoft-Windows-TerminalServices-LocalSessionManager/Operational"&gt;*[System[Provider[@Name='Microsoft-Windows-TerminalServices-LocalSessionManager'] and (EventID=24)]]&lt;/Select&gt;&lt;Suppress Path="Microsoft-Windows-TerminalServices-LocalSessionManager/Operational"&gt;*[UserData[EventXML[Address="LOCAL"]]]&lt;/Suppress&gt;&lt;/Query&gt;&lt;/QueryList&gt;</Subscription>
    </EventTrigger>
  </Triggers>
  <Principals>
    <Principal id="Author">
      <LogonType>InteractiveToken</LogonType>
      <RunLevel>HighestAvailable</RunLevel>
    </Principal>
  </Principals>
  <Settings>
    <MultipleInstancesPolicy>Parallel</MultipleInstancesPolicy>
    <DisallowStartIfOnBatteries>true</DisallowStartIfOnBatteries>
    <StopIfGoingOnBatteries>true</StopIfGoingOnBatteries>
    <AllowHardTerminate>true</AllowHardTerminate>
    <StartWhenAvailable>false</StartWhenAvailable>
    <RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>
    <IdleSettings>
      <StopOnIdleEnd>true</StopOnIdleEnd>
      <RestartOnIdle>false</RestartOnIdle>
    </IdleSettings>
    <AllowStartOnDemand>true</AllowStartOnDemand>
    <Enabled>true</Enabled>
    <Hidden>false</Hidden>
    <RunOnlyIfIdle>false</RunOnlyIfIdle>
    <WakeToRun>false</WakeToRun>
    <ExecutionTimeLimit>PT1H</ExecutionTimeLimit>
    <Priority>7</Priority>
  </Settings>
  <Actions Context="Author">
    <Exec>
      <Command>C:\Windows\System32\cmd.exe</Command>
      <Arguments>/C "for /F "tokens=1,2,3 delims= " %i in ('query session ^| findstr "%USERNAME%"') do tscon %k /Dest:console"</Arguments>
      <WorkingDirectory>%USERPROFILE%</WorkingDirectory>
    </Exec>
  </Actions>
</Task>

Answer 5

I don't know of a way to disable the lock screen specifically when an RDP session is connected.

You could perhaps run during the session the free utilities of Insomnia or Caffeine to fool Windows into believing that some activity is going on.

Alternatively, you could do Disable Windows 10 Lock Screen, although this will have an effect everywhere.

Answer 6

1. Name the file Something.ps1, pasting the below in it:

   param($minutes = 250) $myshell = New-object -com "Wscript.Shell" for ($i = 0; -lt $minutes; $i++) { Start-Sleep -seconds 120 $myshell.sendkeys(".") }
   

2. Open notepad, and it will start filling with (.) after 120 seconds

Answer 7

There is a way on consumer (Pro and Home) licences to not have the lock screen activated while connected via Remote Desktop.

Send out remote desktop invitations from the target machine instead of connecting directly.

This is not ideal for all uses, but it is ideal when helping someone remotely which is the only valid case when you also don’t want the lockscreen to get in the way.

One extra advantage of Remote Desktop invitations is the ability to connect to machines which don’t have a public IP address or port forwarding behind a NAT - which is basically any machine of anyone you want to help via Remote Desktop.

Search for “remote assistance” right in the Start Menu search then select “invite someone to connect to your PC”.

Alternatively run “msra” through the run dialog.

You will be able to assist someone through RDP without dumping them into the lock screen while you work. They will also be able to see what you’re doing - also if they move the mouse or type they will lock your controls out temporarily which is also great when collaborating.

Here are some detailed steps: https://support.microsoft.com/en-us/windows/solve-pc-problems-remotely-with-remote-assistance-and-easy-connect-cf384ff4-6269-d86e-bcfe-92d72ed55922

The above is also the preferred way Microsoft or other organizations offer assistance remotely and it comes preinstalled with any Windows machine (no need for installing extra software).