• Thanks! Fixed it!

    0
  • When I need to troubleshoot a problem in Windows, the first things I ask my customer to provide are a Process Monitor trace and a network trace. Process Monitor is the second most downloaded tool from the Sysinternals toolkit. You can download it as part of the Sysinternals Suite. Sometimes you don't have access to the computer to run the tool interactively, or you don't want the end user seeing Procmon running on the computer. In the next post, I will show how you can acquire a Process Monitor trace from a remote computer.

    0
  • A simple hack for resetting a Windows 10 password by abusing tools such as Ultiman.exe, StickyKeys, or DisplaySwitch.exe has existed for some time. Microsoft recently raised the hurdle a little by preventing these Windows modifications with Windows Defender. In this post, I show you how you can easily hack into Windows anyway.

    0
  • Which OS?

    Are you sure the Task Manager you are using is running as SYSTEM?

    Sami

    0
  • Jukka Puisto and Profile picture of Sami LaihoSami Laiho are now friends 1 month ago

    0
  • I haven't at any point said this would work over RDP if the other user is logged on to the console. Can you point out where I say so? And I have now answered to you several times that YES you can't do that over RDP.

    What I am saying is that when everyone agreed that this can't be done you started saying this can't be done because of "authentication" or something like that. And someone even answered "thanks for clearing that out". That is not true. Windows Client only allows one interactive session (unless you have Multipoint service like school classes - where this will work from RDP session to another). On a server the licensing says that you can have multiple interactive sessions and this will work as long as the clients connect with RDP to RDS or Citrix (not if one user is logging on from the server console which apparently is something you want to point out although I believe no one does this - uses a server as a client or would logon to RDS console or Citrix console as an end user). You can do this from an RDP session to another even without RDS for 50 users as long as both are logging on to the server with RDP. 

    If the ultimate question is "Why can't I have an RDP session to Windows 10 workstation and take over another users session that is already logged on to the machine?" The answer is "Because the client license will not allow multiple sessions at the same time".

    0
  • And like I said early on in the comments, that won't work. But it is not an RDP issue but a difference in Workstation vs Server. It does work on a client that uses multipoint services, even with RDP as there the license allows this.

     

    0
  • You need to be running in an RDP session yourself. In my video both windows are RDP-sessions and not the physical KVM-connection. 
     

    please test it so that you take two sessions via mstsc.exe to that brand new server of yours with the RDS. And not from you VmWare console.

    0
  • 0
  • Try on a server 2019 that has RDS like I said. Server 2019 licensing allows only one console session at a time - just like the client.

    0
  • With no disrespect Leos but you are incorrect. And yes I have tried this via RDP. I didn't mention RDP at any point of the article and wasn't even talking about it so I don't really understand the need to point out that it wouldn't work with something I didn't even talk about... 

    The reason why it doesn't work against a Windows 10 workstation is because of licensing. Windows workstation versions only allow one interactive user at a time - Either locally or remote. This works fine via RDP against a server that has RDS and is not a limitation of RDP not allowing this - It's really just licensing.

    Why I chose not to talk about RDP in this is because currently most security aware companies don't use RDP for connecting to end user desktops. First because of the security issues with RDP but even more because Remote Desktop will lock out the user while you connect to it --> Some other mechanism like SCCM Remote Control, TeamViewer or Bomgar are needed anyway, and my tip works on those. So I did not use RDP here as an example because I never really logon to workstations with it.

     

    0
  • You can also use other tools if the SERVER-service is not running. You can use Process Hacker (malicious by most antimalware) or you can use SC.exe to build a service to do this. PSEXEC is just the easiest.

    0
  • Well then you have to reset the AD account.

    0
  • Are you sure that you are running the Task Manager from the CMD that is running as SYSTEM? And that you remembered to shutdown all other Task Manager instances before ?

    0
  • When it comes to troubleshooting a running application on a user's Windows desktop, the first problem you face is that you need to access the user session. If you don't know the user password, it can be a bit tricky. Let's learn how to access a user's session without knowing their password.

    0
  • This is the exactly same experience for Autopilot and OOBE. Compared to an attended installation of an end user machine you have no idea how compromised the machine is. If I deliver you a machine with BitLocker on it, prebuilt in your deployment solution, you won't get admin rights - this way you can. Of course if you are doing self-provisioning you need accept certain risk. My point is just that it might not have to A. Be THIS easy. B. That debugging window could run something else that full admin. 

    0
  • In this post, I will reveal a security flaw in Autopilot, Microsoft's new solution to deploy Windows machines to end users. I will show you how end users easily can get administrator rights during the installation process.

    0
  • Sami Laiho's profile was updated 2 months ago

    0
  • Sami Laiho changed their profile picture 2 months ago

    0