Remote Desktop Protocol is a proprietary protocol developed by Microsoft which provides a user with a graphical interface to connect to another computer over a network connection. Most of us are administrators and we use this technology on a daily basis. Therefore, it isn’t new to us. Here is a link discussing all you need to know about the Kerberos delegation. Microsoft Terminal Services Client (MSTSC) is the command line interface to run the Microsoft Remote Desktop (RDP) client. It enables you to establish a remote connection to your Remote Desktop Server or Session Host (RDSH) as if you were directly connected. The
mstsc command is used from within the Windows command line. I have described this topic extensively in this guide “how to protect Remote Desktop credentials with Windows Defender Remote Credential Guard or Restricted Admin Mode“.
You can type MSTSC directly into the search box on Windows 10 or from the Run dialogue box. You can also use the MSTSC command directly from the command line as well. images below show what is obtainable and how to connect via the command line. There are a few different switches which you can use. In this guide, we will learn about the various options available.
The MSTSC command arguments used by an average user are /v and /f. You can use the command to set up the connection in seconds if the remote computer is in the same network or if you know the Internet Protocol (IP) address of the remote computer. The syntax of MSTSC is.
MSTSC [<connection file>] [/v:<server[:port]>] [/g:<gateway>] [/admin] [/f[ullscreen]] [/w:<width> /h:<height>] [/public] | [/span] [/multimon] [/edit "connection file"] [/restrictedAdmin] [/remoteGuard] [/prompt] [/shadow:<sessionID> [/control][/noConsentPrompt]]
The following are the available command line arguments:
|<connectionfile>||The name of the .rdp file required for establishing the connection.|
|/v:<server[:port]>||The remote computer or server where you want to connect.|
|/g:<gateway>||The RD Gateway Server to be used for the connection. Required only if the endpoint remote PC is specified with /v.|
|/admin||To establish the connection as an admin.|
|/f||To view the Remote Desktop Window in full screen.|
|/w:<width>||To specify the width of the Remote Desktop Window.|
|/h:<height>||To specify the height of the Remote Desktop Window.|
|/public||To run the Remote Desktop Connection publicly.|
|/span||To match the width and height of the Remote Desktop with the local desktop.|
|/edit <connectionfile>||To edit the specified .rdp file.|
|/multimon||To make the monitor layout of the Remote Desktop Services session identical to the client-side configuration.|
|/restrictedAdmin||To connect to the remote PC in the Restricted Administration mode. The credentials are not sent to the remote PC in this mode, protecting you if you connect to a compromised PC.|
|/remoteGuard||To connect your device to a remote device using the Remote Guard, which prevents sending credentials to a remote PC.|
|/prompt||To prompt you to put in credentials to connect to the remote PC.|
|/shadow:<sessionID>||The ID of the session to be shadowed.|
|/control||To allow the control of the session when shadowing.|
|/noConsentPrompt||To allow shadowing without user consent.|
|/migrate||To migrate legacy connection files created with Client Connection Manager to new .rdp connection files.|
|/?||To display help in the command prompt.|
How to connect to the console session using RDP
This command will connect you to the console session on a server rather than starting a new session. Please see the following guides: How to remove saved RDP credentials entries in Windows 10, how to remove entries histories from the Remote Desktop Connection, and how to prevent the saving of Remote Desktop Credentials in Windows. In place of an RDP client, you can also use AnyDesk!
mstsc / console
Command to open Remote Desktop in full-screen mode
Starts Remote Desktop Connection in full-screen mode. Add
/f switch to the command. Input mstsc/f and then press the Enter key. After that, input the IP address, and click on Connect. Finally, type in the credentials of the remote PC and then you can connect successfully.
To connect to the console session of the remote machine. The “address” field should be replaced with the address of the remote machine. The program launched is also known as Microsoft Terminal Server Connection. Once you launch the mstsc program with the correct address and switches as indicated above, you will be able to login with the desired account. This will be the account’s console session.
mstsc /console /V:address
Note: You can use RDP to remotely connect to the console session of the device with the /admin switch as shown below. A console session is either when you’re at the computer’s physical console or a remote connection that’s the same as if you’re at the computer’s physical console. I have described a useful use case in this guide “MBAM Frequent Report Errors: Understanding Microsoft BitLocker Administration and Monitoring compliance state and error status“
mstsc.exe /admin /v:<IP address of device>
I hope you found this blog post helpful. If you have any questions, please let me know in the comment session.