Situation: The client has a windows 2012 R2 server as Remote Server. Their admins run qwinsta.exe to manage shadow session. However, some users get access is denied when they try.
Troubleshooting: 1. Make sure the users are in local administrators group.
2. Or create a batch file and send shortcut to desktop. When they run the shortcut, it will run as administrator and may popup for confirm it. Here is the example of batch file:
qwinsta.exe
echo.
set /p uid=Enter sessionID to control:
start mstsc.exe /shadow:%uid% /control /noConsentPrompt
3. If the user is non-admins, you can give non-admins the session shadow management using command-line tools. Reference the marked thread “Shadowing RDS 2012 Sessions” for detail suggestion:
https://social.technet.microsoft.com/Forums/windowsserver/en-US/9509bb5b-5a9a-4eb8-b913-f8200b44be5b/shadowing-rds-2012-sessions?forum=winserverTS