Terminal Services for mixed legacy clients: you deploy a Windows 2000 Server (not a domain controller) in Application Server mode so Windows 3.1, Windows 95, and Windows 2000 Professional clients can run a 32-bit app. The IT team must be able to remotely control user sessions for support. What should you do to enable this capability?

Difficulty: Easy

Configure the Terminal Server to run in Remote Administration mode
Grant the IT group Full Control permission on the RDP protocol object
Add the IT staff to the Power Users group on the Terminal Server
Use third-party software for remote control of Terminal Services sessions
None of above

Correct Answer: None of above

Explanation:

Introduction / Context:
Windows 2000 Terminal Services supports 'remote control' (shadowing) of user sessions natively when the server runs in Application Server mode. Proper configuration is done in Terminal Services Configuration (tscc.msc) and/or per user account properties—no third-party software is necessary, and Remote Administration mode would limit concurrent sessions to administrative use only.

Given Data / Assumptions:

Server is in Application Server mode (multi-user app hosting).
IT needs to shadow users' sessions for troubleshooting.
The server is not a domain controller (not required).

Concept / Approach:

Enable remote control in Terminal Services Configuration under the RDP-Tcp connection properties (Permissions and Remote Control tabs), and/or set 'Remote control' on user accounts (allow, require user’s permission, view or interact). Additionally, grant the IT group the 'Full Control' permission on the RDP-Tcp connection and the 'Remote Control' user right via the Terminal Services permissions dialog—not by changing generic RDP object permissions or server mode.

Step-by-Step Solution:

Open Terminal Services Configuration (tscc.msc) → Connections → RDP-Tcp → Properties.On the Remote Control tab, enable remote control (choose 'Interact' and whether to require user consent).On the Permissions tab, add the IT group and grant 'Full Control' for the connection.Optionally, in each user's account properties, set remote control options.

Verification / Alternative check:

Use Shadow (or MMC tools) to attach to a live session; prompt and interaction confirm configuration.

Why Other Options Are Wrong:

Remote Administration mode disables multi-user app hosting and limits to 2 admin sessions.

Granting Full Control on 'RDP protocol' generically is not how shadowing is enabled; it requires the remote control setting.

Power Users membership does not grant shadow rights.

Third-party tools are unnecessary because Windows provides native shadowing.

Common Pitfalls:

Misunderstanding server mode; not enabling Remote Control on the RDP-Tcp connection; forgetting user consent prompts block shadowing if not allowed.

Final Answer:

None of above

Discussion & Comments

No comments yet. Be the first to comment!

More Questions from Windows 2000 Server

Discussion & Comments