by Toufiq Ali, NII Consulting
Before you read further make sure you back up all the original settings of the registry or set create a restore point of your system. I assume reader know what a windows remote terminal service is. If not please refer to http://en.wikipedia.org/wiki/Terminal_Services
In Windows XP when a remote user tries to connect using the Remote Desktop Connection (RDC) client in Windows XP, the local user is disconnected from his current session forcefully. RDC, unlike Terminal Server Services in Windows 2000, Server 2003 and Server 2008, is designed for only one session at a time.. This excerpt aims at making terminal services functionality of multiple user login from Windows server 2000, windows server 2003 etc in Windows XP. This would be very useful in environment where the network admin often troubleshoots problem on the network using RDC.
Keep reading as the hack unfolds to enable concurrent remote desktop connection sessions support in Windows XP using the following patched files.
- Download files.zip from the link given below on the system where you want to enable concurrent RDC connections.
Windows XP SP1 and SP2: Windows XP RTM, SP1 and SP2.zip
Windows XP SP2: Windows XP SP2.zip
Windows XP SP3: Windows XP SP3.zip
Before you go ahead further, you should be in the safe mode (Press F8 during boot up). If you don’t want to prolong your wait to see this work,
1. goto ‘Start’ > ‘Run’ services.msc
2. Right click on Terminal services & goto Properties.
3. From the startup type drop down choose disable or simply stop the services.
4. Click on apply or Ok & exit the services.msc file.
2. Go to %windir%System32 and & rename the termsrv.dll to anything that you can remember.
3. Go to %windir%System32dllcache & rename the termserv.dll.
4. Copy the downloaded termsrv.dll in the following two locations
1. to %windir%System32
Note: when you copy the files Windows will pop up the Windows File Protection dialog box. Click the cancel button & then Yes to keep this copy of the patched file.
5. Now, download and run the concurrent_sessions.bat file. Click yes to add these values to the registry or you can run Registry Editor to manually add the following registry value:
[HKEY_LOCAL_MACHINESYSTEMControlSet001ControlTerminal ServerLicensing Core]
6. Click on Start Menu -> Run command and type gpedit.msc,
7. Navigate to Computer Configuration -> Administrative Templates -> Windows Components -> Terminal Services.
8. Enable Limit Number of Connections and set the number of connections to number of concurrent sessions you want to allow
9. Restart the terminal services on that system again. Also enable Remote Desktop from the System Properties’ Remote tab & check for Allow users to connect remotely to this computer.
10. Turn on Fast User Switching in Control Panel -> User Accounts -> Change the way users log on or off.
11. Restart the computer normally.
If the Windows XP computer is connected to a domain, every time you restart your computer Windows will set the value of the regkey “AllowMultipleTSSessions” to “0″. To ensure that multiple or unlimited Remote Desktop connection sessions is allowed in AD domain environment, the value data for “AllowMultipleTSSessions” has to be set to “1″ on system startup. To change the value, run the concurrent_sessions.bat every time the computer is started. Instead, put the concurrent_sessions.bat at C:Documents and SettingsAll UsersStart MenuProgramsStartup folder.
With the release of Service Pack 2 (SP2) for Microsoft Windows XP, SP2 has introduced a feature that limits concurrent TCP connection attempts that are possible to 10 per seconds. In Service Pack 1 or without Service Pack, there is no limit on concurrent TCP connection attempts. So if you have set the value of “Limit Number of Connections” in step 8 greater than 10 and you happen to run a SP2, you need to apply the patch to override the max limit. You can download the file from the following link.
Just for your information on disassembling the original & patched file following HEX code bits have being changed:
00022A17: 74 75
00022A69: 7F 90
00022A6A: 16 90