While researching on how to make shadowing or remote controlling transparent to the end user in Server 2012 (While shadowing, now end users get an on-screen keyboard toolbar icon and somehow the ability to change the taskbar positioning even if that ability is disabled so that now they can tell when their session is being remote controlled), I came across some articles that said Microsoft had completely removed the functionality when the product first came out and I was completely and utterly flabbergasted. I seriously can not believe that they could be that freaking ignorant. I think I can speak for every system admin out there that they would stab MS in the neck with a jagged shard of broken glass if given the chance for removing that option. Administratively, the whole point of being able to remote control a users session without their consent or knowing your there tends to keep end users on task or to keep them from doing things they know they’re not supposed to be doing instead of working.
Every day is just more and more of a realization that MS doesn’t know how their end users actually use their products, nor do they give a flying fuck. Had I known that in the first place, along with all the other dozens of bullshit issues, gotchas, quirks, and workarounds I’ve had to deal with on the new operating system, I would of said fuck that shit! I went to college and have supported Windows computer networks since Server 2000 and I don’t have an ounce of faith left in them any more. There are literally less than one hand full of achievements/features in the last decade where I’ve actually felt like they’ve done something right and that it was for the benefit of the consumer. In addition to all that, even just getting to the god damned screen to be able to remote control user sessions requires like fifteen steps. Open up Server Manager, wait, click here, wait for it to load, click here wait for it to load, wait, click, wait, wait, wait, click, etc. You see a pattern starting to emerge here? It’s the loss of yet more administrative functionality. It’s enough to piss me off so you might as well learn how to do it from the command line.
Here’s how to get the list of sessions with PowerShell:
Get-RDUserSession | ft Username, UnifiedSessionId, SessionState, HostServer, ApplicationType -GroupBy Sessionstate -Wrap
Here’s how to remote control a session now:
mstsc /shadow:<Session ID> /control /noconsentprompt
Anyways, I’ve tried many different methods to disable the stupid On-Screen Keyboard toolbar button such as, disabling the “Touch Keyboard and Handwriting Panel Service” and using Software Restriction Polices to no avail but if you are ok with completely disabling the use of all custom toolbars (robbing Peter to pay Paul) and want the ability to be able to remotely control your RDP sessions transparently again (and I bet you are), you simply need to enable this entry in your Group Policy Templates for your RDS server:
User Configuration > Administrative Templates > Start Menu and Taskbar
"Do not display any custom toolbars in the taskbar"