Win7 / Win10 RDP InitialProgram location not checked

    General discussion

  • When configuring a program to run when an RDP connection is established (via Group Policy on Win7 and Win10), the specified program gets stored in the following registry keys (for the 'Computer Configuration' and 'User Configuration' respectively):

    HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Terminal Services\InitialProgram

    HKEY_USERS\<user SID>\Software\Policies\Microsoft\Windows NT\Terminal Services\InitialProgram

    It looks like Autoruns checks InitialProgram in HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp, but doesn't check the InitialProgram values in the locations indicated above.

    Also, I wonder whether the corresponding keys in the Wow6432Node redirection equivalent should be checked for these?

    • Edited by lasereyes Wednesday, June 5, 2019 5:17 PM formatting issues
    Wednesday, June 5, 2019 5:17 PM

All replies