use wddm graphics display driver for remote desktop connections

For others and for clarity, it is actually: Edit Group Policy . Specify contact email address or Email ID, Hide the Firewall and network protection area, Hide the Virus and threat protection area, Select when Preview Builds and Feature Updates are received, Allow Automatic Updates immediate installation, Allow non-administrators to receive update notifications, Allow signed updates from an intranet Microsoft update service location, Allow updates to be downloaded automatically over metered connections, Always automatically restart at the scheduled time, Configure auto-restart reminder notifications for updates, Configure auto-restart required notification for updates, Configure auto-restart warning notifications schedule for updates, Delay Restart for scheduled installations, Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box, Do not allow update deferral policies to cause scans against Windows Update, Do not connect to any Windows Update Internet locations, Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog box, Do not include drivers with Windows Updates, Enabling Windows Update Power Management to automatically wake up the system to install scheduled updates, No auto-restart with logged on users for scheduled automatic updates installations, Re-prompt for restart with scheduled installations, Remove access to use all Windows Update features, Reschedule Automatic Updates scheduled installations, Specify active hours range for auto-restarts, Specify deadline before auto-restart for update installation, Specify deadlines for automatic updates and restarts, Specify Engaged restart transition and notification schedule for updates, Specify intranet Microsoft update service location, Specify source service for specific classes of Windows Updates, Turn off auto-restart for updates during active hours, Turn off auto-restart notifications for update installations, Turn on recommended updates via Automatic Updates, User State Management Client Side Extension, Hide the "Add a program from CD-ROM or floppy disk" option, Hide the "Add programs from Microsoft" option, Hide the "Add programs from your network" option, Hide the Set Program Access and Defaults page, Specify default category for Add New Programs, Force a specific visual style file or force Windows Classic, Prevent changing visual style for windows and buttons, Prohibit selection of visual style font size, Browse a common web site to find printers, Default Active Directory path when searching for printers, Turn off Windows default printer management, Hide "Set Program Access and Computer Defaults" page, Hide Regional and Language Options administrative options, Hide user locale selection and customization options, Restrict selection of Windows menus and dialogs language, Restricts the UI languages Windows should use for the selected user, Turn off insert a space after selecting a text prediction, Turn off offer text predictions as I type, Always open All Control Panel Items when opening Control Panel, Prohibit access to Control Panel and PC settings, Maximum size of Active Directory searches, Do not add shares of recently opened documents to Network Locations, Hide and disable all items on the desktop, Prevent adding, dragging, dropping and closing the Taskbar's toolbars, Prohibit User from manually redirecting Profile Folders, Remove Properties from the Computer icon context menu, Remove Properties from the Documents icon context menu, Remove Properties from the Recycle Bin context menu, Turn off Aero Shake window minimizing mouse gesture, Ability to change properties of an all user remote access connection, Ability to delete all user remote access connections, Ability to Enable/Disable a LAN connection, Ability to rename all user remote access connections, Ability to rename LAN connections or remote access connections available to all users, Enable Windows 2000 Network Connections settings for Administrators, Prohibit access to properties of a LAN connection, Prohibit access to properties of components of a LAN connection, Prohibit access to properties of components of a remote access connection, Prohibit access to the Advanced Settings item on the Advanced menu, Prohibit access to the New Connection Wizard, Prohibit access to the Remote Access Preferences item on the Advanced menu, Prohibit adding and removing components for a LAN or remote access connection, Prohibit changing properties of a private remote access connection, Prohibit connecting and disconnecting a remote access connection, Prohibit deletion of remote access connections, Prohibit Enabling/Disabling components of a LAN connection, Prohibit renaming private remote access connections, Prohibit viewing of status for an active connection, Turn off notifications when a connection has only limited or no connectivity, Turn off toast notifications on the lock screen, Add "Run in Separate Memory Space" check box to Run dialog box, Clear history of recently opened documents on exit, Clear the recent programs list for new users. Remove "Map Network Drive" and "Disconnect Network Drive", Remove File Explorer's default context menu, Remove the Search the Internet "Search again" link, Remove UI to change keyboard navigation indicator setting, Remove UI to change menu animation setting, Request credentials for network installations, Turn off common control and window animations, Turn off display of recent search entries in the File Explorer search box, Turn off the caching of thumbnails in hidden thumbs.db files, Turn off the display of snippets in Content view mode. Use GPO to force use of XDDM rather than WDDM. You simply need to disable the WDDM graphics driver from the Remote Desktop Session Host. * Right-click the current Graphics item in Device manager, and select "Update driver". set the policy "Use WDDM graphics display driver for Remote Desktop Connections" to DISABLED. Not me though, I wanted to use WDDM drivers, but found it lead to frequent crashed Remote Desktop sessions on my Win 10 2004+ machines. Use WDDM graphics display driver for Remote Desktop Connections This policy setting lets you enable WDDM graphics display driver for Remote Desktop Connections. set the policy "Use WDDM graphics display driver for Remote Desktop Connections" to DISABLED. To solve "Your Remote Desktop Service session has ended. . Use WDDM graphics display driver for Remote Desktop Connections (Disabled) I have also ran the NVIDIA OpenGL RDP enabler tool so I can run applications that use OpenGL through RDP, but I removed the NVIDIA driver database where this setting is stored to disable it and determined that the problem is not related to OpenGL support state. Open Local Group Policy Editor If you have Windows 10 Pro, run gpedit.msc and navigate to the following: Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Remote Session Environment Set the Use WDDM graphics display driver for Remote Desktop Connections policy to Disabled Right-click on Windows key and select Device Manager from the list of options available. Define the number of days after which a catch-up security intelligence update is required, Define the number of days before spyware security intelligence is considered out of date, Define the number of days before virus security intelligence is considered out of date, Define the order of sources for downloading security intelligence updates, Initiate security intelligence update on startup, Specify the day of the week to check for security intelligence updates, Specify the interval to check for security intelligence updates, Specify the time to check for security intelligence updates, Turn on scan after security intelligence update, Specify threat alert levels at which default action should not be taken when detected, Specify threats upon which default action should not be taken when detected, Allow antimalware service to remain running always, Allow antimalware service to startup with normal priority, Configure detection for potentially unwanted applications, Configure local administrator merge behavior for lists, Define proxy auto-config (.pac) for connecting to the network, Define proxy server for connecting to the network, Allow auditing events in Microsoft Defender Application Guard, Allow camera and microphone access in Microsoft Defender Application Guard, Allow data persistence for Microsoft Defender Application Guard, Allow files to download and save to the host operating system from Microsoft Defender Application Guard, Allow hardware-accelerated rendering for Microsoft Defender Application Guard, Allow Microsoft Defender Application Guard to use Root Certificate Authorities from the user's device, Allow users to trust files that open in Windows Defender Application Guard. Share Improve this answer Follow answered Oct 4, 2019 at 16:32 This is the new best answer. Remove Boot / Shutdown / Logon / Logoff status messages, Restrict potentially unsafe HTML Help functions to specified folders, Restrict these programs from being launched from Help, Specify settings for optional component installation and component repair, Specify Windows installation file location, Specify Windows Service Pack installation file location, Turn off Data Execution Prevention for HTML Help Executible, ActiveX installation policy for sites in Trusted zones, Approved Installation Sites for ActiveX Controls, Remove Program Compatibility Property Page, Turn off Application Compatibility Engine, Allow a Windows app to share application data between users, Allow deployment operations in special profiles, Allows development of Windows Store apps and installing them from an integrated development environment (IDE), Disable installing Windows apps on non-system volumes, Prevent non-admin users from installing packaged Windows apps, Prevent users' app data from being stored on non-system volumes, Let Windows apps access account information, Let Windows apps access an eye tracker device, Let Windows apps access diagnostic information about other apps, Let Windows apps access user movements while running in the background, Let Windows apps activate with voice while the system is locked, Let Windows apps communicate with unpaired devices. For this, double the option, select ' Disable '. Enable the WDDM graphics display driver for Remote Desktop Connections Restart the VM The first step in this process is to deploy a high GPU VM Windows 10 Multi-session instance with the correct graphics cards selected (instance selected). Disable WDDM graphics driver. Environment Release : 3.3 Component : PRIVILEGED ACCESS MANAGEMENT Resolution There is no impact. Always prompt for password upon connection; Do not allow local administrators to customize permissions WDDM 1.2 compatible driver . On the left, click the Citrix VDA Non-Admin Users GPO to highlight it. Click Apply, OK and close the Local Group Policy Editor. Step 3: Select the Disable device option from the context menu. Environment Release : 3.3 Component : PRIVILEGED ACCESS MANAGEMENT Resolution There is no impact.. Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Remote Session Environment > Use WDDM graphics display driver for Remote Desktop Connections | set to "Disabled". Define security intelligence location for VDI clients. The black screen issue has to do with a new RDP display driver (WDDM) used in 1903. (Image-2) Version of WDDM of the GPU driver on The Windows System Back to the top Info: Turn on dynamic Content URI Rules for Windows store apps, Prevent backing up to optical media (CD/DVD), Prevent the user from running the Backup Status and Configuration program, Turn off the ability to back up data files, Turn off the ability to create a system image, Disallow locally attached storage as backup target, Allow domain users to log on using biometrics, Specify timeout for fast user switching events, Allow access to BitLocker-protected fixed data drives from earlier versions of Windows, Choose how BitLocker-protected fixed drives can be recovered, Configure use of hardware-based encryption for fixed data drives, Configure use of passwords for fixed data drives, Configure use of smart cards on fixed data drives, Deny write access to fixed drives not protected by BitLocker, Enforce drive encryption type on fixed data drives. Then reboot! On the affected machine, in Group Policy Editor, under Remote Desktop Session Host -> Remote Session Environment . Save or just connect, but now you should utilize all your monitors. In the window that opens, select Disabled, and hit OK. Update configuration of group policies to apply new settings with the command: gpupdate /force. start Hyper-V manager go to Hyper-V Settings > Physical GPUs select your GPU check the box Use this GPU with RemoteFX click OK select your virtual machine click Settings click Add Hardware > RemoteFX 3D Video Adapter click Add update RemoteFX settings for your needs click OK That is. Under Setting, right-click Use WDDM graphics display driver for Remote Desktop Connections, and click Edit. Use DNS name resolution with a single-label domain name instead of NetBIOS name resolution to locate the DC, Allow cryptography algorithms compatible with Windows NT 4.0, Specify negative DC Discovery cache setting, Specify positive periodic DC Cache refresh for non-background callers, Use final DC discovery retry setting for background callers, Use initial DC discovery retry setting for background callers, Use maximum DC discovery retry interval setting for background callers, Use positive periodic DC cache refresh for background callers, Use urgent mode when pinging domain controllers, Allow Clipboard synchronization across devices, Select the lid switch action (on battery), Select the lid switch action (plugged in), Select the Power button action (on battery), Select the Power button action (plugged in), Select the Sleep button action (on battery), Select the Sleep button action (plugged in), Select the Start menu Power button action (on battery), Select the Start menu Power button action (plugged in), Energy Saver Battery Threshold (on battery), Energy Saver Battery Threshold (plugged in), Allow applications to prevent automatic sleep (on battery), Allow applications to prevent automatic sleep (plugged in), Allow automatic sleep with Open Network Files (on battery), Allow automatic sleep with Open Network Files (plugged in), Allow network connectivity during connected-standby (on battery), Allow network connectivity during connected-standby (plugged in), Allow standby states (S1-S3) when sleeping (on battery), Allow standby states (S1-S3) when sleeping (plugged in), Require a password when a computer wakes (on battery), Require a password when a computer wakes (plugged in), Specify the system hibernate timeout (on battery), Specify the system hibernate timeout (plugged in), Specify the system sleep timeout (on battery), Specify the system sleep timeout (plugged in), Specify the unattended sleep timeout (on battery), Specify the unattended sleep timeout (plugged in), Turn on the ability for applications to prevent sleep transitions (on battery), Turn on the ability for applications to prevent sleep transitions (plugged in), Specify the display dim brightness (on battery), Specify the display dim brightness (plugged in), Turn off adaptive display timeout (on battery), Turn off adaptive display timeout (plugged in), Turn on desktop background slideshow (on battery), Turn on desktop background slideshow (plugged in), Minimum Idle Connection Timeout for RPC/HTTP connections, Propagation of extended error information, Restrictions for Unauthenticated RPC clients, RPC Endpoint Mapper Client Authentication, All Removable Storage: Allow direct access in remote sessions, All Removable Storage classes: Deny all access, Allow logon scripts when NetBIOS or WINS is disabled, Maximum wait time for Group Policy scripts, Run Windows PowerShell scripts first at computer startup, shutdown, Run Windows PowerShell scripts first at user logon, logoff, Configure the refresh interval for Server Manager, Do not display Initial Configuration Tasks window automatically at logon, Do not display Server Manager automatically at logon, Turn off automatic termination of applications that block or cancel shutdown, Allow downloading updates to the Disk Failure Prediction Model, Allow Storage Sense Temporary Files cleanup, Configure Storage Sense Cloud Content dehydration threshold, Configure Storage Sense Recycle Bin cleanup threshold, Configure Storage Storage Downloads cleanup threshold, Detect application failures caused by deprecated COM objects, Detect application failures caused by deprecated Windows DLLs, Detect application installers that need to be run as administrator, Detect applications unable to launch installers under UAC, Detect compatibility issues for applications and drivers, Configure Corrupted File Recovery Behavior, Disk Diagnostic: Configure custom alert text, Disk Diagnostic: Configure execution level, Microsoft Support Diagnostic Tool: Configure execution level, Microsoft Support Diagnostic Tool: Restrict tool download, Microsoft Support Diagnostic Tool: Turn on MSDT interactive communication with support provider, Troubleshooting: Allow users to access recommended troubleshooting for known problems, Configure MSI Corrupted File Recovery Behavior, Configure Security Policy for Scripted Diagnostics, Troubleshooting: Allow users to access and run Troubleshooting Wizards, Troubleshooting: Allow users to access online troubleshooting content on Microsoft servers from the Troubleshooting Control Panel (via the Windows Online Troubleshooting Service - WOTS), Diagnostics: Configure scenario execution level, Diagnostics: Configure scenario retention, Configure the level of TPM owner authorization information available to the operating system, Configure the list of blocked TPM commands. Under the Experiences tab, uncheck Persistent bitmap caching and continue connecting. The WDDM graphics display driver for Remote Desktop Connection which is enabled by default in Windows 10 v2004 and above needs to be disabled as it is not supported by the Citrix VDA. Remove Default Programs link from the Start menu. You must restart the VM after enabling the WDDM graphics display driver for the changes to take effect. We can disable WDDM graphics on Remote Desktop connection by modifying group policy on the host PC. You can deploy a GPO to fix this company-wide: Administrative Templates (Computers) > Windows Components > Remote Desktop Service > Remote Desktop Session Host: Disable the setting "Use WDDM graphics display driver for Remote Desktop Connection" Then click on Browse my computer for driver software > Let me pick from a list of device drivers > Microsoft Basic Display Adapter, and click OK button." Share Improve this answer Follow answered Jun 12, 2019 at 22:39 BadKitty 1 Add a comment Hide the TPM Firmware Update recommendation. Step 1: Right-click on the Windows icon and click on the Device Manager. Allow or Disallow use of encryption to protect the RPC protocol messages between File Share Shadow Copy Provider running on application server and File Share Shadow Copy Agent running on the file servers. Use WDDM graphics display driver for Remote Desktop Connections This policy setting lets you enable WDDM graphics display driver for Remote Desktop Connections. Workaround: Set "Use WDDM graphics display driver for Remote Desktop Connections" to Disabled in group policy. - Use WDDM graphics display driver for Remote Desktop Connections Background: PAM was experiencing slowness in opening RDP session for some Windows target device The issue was solved after turn off this group policy for Windows target device side. To do it, open the Local Group Policy Editor (gpedit.msc) and set Use WDDM graphics display driver for Remote Desktop Connections = Disabled in Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Remote Session Environment (or the same in the registry: reg add . Right-click on the adapter and select " Update Driver ". Block launching desktop apps associated with a URI scheme. Location where all default Library definition files for users/machines reside. In the Add Group or User window, change the Permissions to Edit settings, and click OK. Worked for me on three machines. Allow devices compliant with InstantGo or HSTI to opt out of pre-boot PIN. Step-By-Step Guide Step 1. Use the Windows + R key and the dxdiag command, then press Enter to type and then press Enter to open the DirectX Diagnostic Tool. No side affects that I see. Use DNS name resolution when a single-label domain name is used, by appending different registered DNS suffixes, if the AllowSingleLabelDnsDomain setting is not enabled. go to " Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Remote Session Environment " set the following parameters to Enabled Use hardware graphics adapters for all Remote Desktop Services sessions Allow Secure Boot for integrity validation, Choose how BitLocker-protected operating system drives can be recovered, Configure pre-boot recovery message and URL, Configure TPM platform validation profile (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2), Configure TPM platform validation profile for BIOS-based firmware configurations, Configure TPM platform validation profile for native UEFI firmware configurations, Configure use of hardware-based encryption for operating system drives, Configure use of passwords for operating system drives, Disallow standard users from changing the PIN or password, Enable use of BitLocker authentication requiring preboot keyboard input on slates, Enforce drive encryption type on operating system drives, Require additional authentication at startup (Windows Server 2008 and Windows Vista), Require additional authentication at startup, Reset platform validation data after BitLocker recovery, Use enhanced Boot Configuration Data validation profile, Allow access to BitLocker-protected removable data drives from earlier versions of Windows, Choose how BitLocker-protected removable drives can be recovered, Configure use of hardware-based encryption for removable data drives, Configure use of passwords for removable data drives, Configure use of smart cards on removable data drives, Control use of BitLocker on removable drives, Deny write access to removable drives not protected by BitLocker, Enforce drive encryption type on removable data drives, Choose default folder for recovery password, Choose drive encryption method and cipher strength (Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows 10 [Version 1507]), Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later), Choose drive encryption method and cipher strength (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2), Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista), Disable new DMA devices when this computer is locked, Provide the unique identifiers for your organization, Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista), Validate smart card certificate usage rule compliance, Do not display the password reveal button, Enumerate administrator accounts on elevation, Prevent the use of security questions for local accounts, Require trusted path for credential entry, Allow device name to be sent in Windows diagnostic data, Configure Authenticated Proxy usage for the Connected User Experience and Telemetry service, Configure collection of browsing data for Desktop Analytics, Configure Connected User Experiences and Telemetry, Configure diagnostic data upload endpoint for Desktop Analytics.