Awesome script, thanks so much for this. I wanted to do this same thing, RDC into my Windows account from a Mac - except I run steam on a non-admin account. I prefer to run as non-admin for regular Windows use for better security, and only switch to admin when really necessary. So I had to make a few tweaks to the script. It's a bit clunkier than amorpheous' method and requires two passwords to be entered when run (an admin password then the non-admin acct password). But it works, so here's what I did.

Because I could not figure out how to execute a PowerShell script directly as a non-admin, I created two files:

FIrst, create a file UnlockScreen.bat with this content:

Second, create a file UnlockScreen.ps1 with this content, but replace YourUserNameHere with, you guessed it, the user name of the non-admin Windows account where you're running Steam.

Now, create a Shortcut link to the first ".bat" file, same as amorpheous' instructions, including setting the attribute for "run as administrator".

When you double-click the shortcut link, you'll get a UAC prompt to enter your admin credentials. Enter the credentials for an admin account on your Windows box. Next, a command line window will open and it will prompt you to enter a password. This time, you enter the password for the non-admin Windows account from which you are running this (and Steam).

Note for PowerShell execution policy I used RemoteSigned rather than unrestricted. You could do the same even with amorpheous' original script. This is just for slightly better security. RemoteSigned still allows local unsigned script execution but scripts downloaded from the internet are required to be signed.

So: this requires an extra file, it hard codes the user account name in the script, and you have to enter two passwords, 1 admin and 1 non-admin when you use it. Hopefully someone else can improve it - I'm no Windows expert. But it will allow you to fix the locked screen problem from a non-admin account.

A big thank-you to amorpheous for this super helpful script that solved my Steam Link pain!

Zileene eredeti hozzászólása:

I use TightVNC on the windows host.
It lets you remote in and unlock the screen like you were at the machine itself from any computer that supports VNC protocol (f.ex. another windows machine with TightVNC, or any *nix-based system).

Works wonders. :)

Have Fun! :D

The point of my script is not to have to install any additional software on the host machine whilst maintaining a secure connection. VNC is not a secure protocol. RDP clients exist for Mac and Linux so you could still remote in from most, if not all, systems.

Punctual Donkey eredeti hozzászólása:

Awesome script, thanks so much for this. I wanted to do this same thing, RDC into my Windows account from a Mac - except I run steam on a non-admin account. I prefer to run as non-admin for regular Windows use for better security, and only switch to admin when really necessary. So I had to make a few tweaks to the script. It's a bit clunkier than amorpheous' method and requires two passwords to be entered when run (an admin password then the non-admin acct password). But it works, so here's what I did.

Because I could not figure out how to execute a PowerShell script directly as a non-admin, I created two files:

FIrst, create a file UnlockScreen.bat with this content:

@ECHO OFF PowerShell.exe -NoProfile -ExecutionPolicy RemoteSigned -Command "& '%~dpn0.ps1'"

Second, create a file UnlockScreen.ps1 with this content, but replace YourUserNameHere with, you guessed it, the user name of the non-admin Windows account where you're running Steam.

$sessionid=((quser YourUserNameHere | select -Skip 1) -split '\s+')[2]; tscon $sessionid /password:* /dest:console

Now, create a Shortcut link to the first ".bat" file, same as amorpheous' instructions, including setting the attribute for "run as administrator".

When you double-click the shortcut link, you'll get a UAC prompt to enter your admin credentials. Enter the credentials for an admin account on your Windows box. Next, a command line window will open and it will prompt you to enter a password. This time, you enter the password for the non-admin Windows account from which you are running this (and Steam).

Note for PowerShell execution policy I used RemoteSigned rather than unrestricted. You could do the same even with amorpheous' original script. This is just for slightly better security. RemoteSigned still allows local unsigned script execution but scripts downloaded from the internet are required to be signed.

So: this requires an extra file, it hard codes the user account name in the script, and you have to enter two passwords, 1 admin and 1 non-admin when you use it. Hopefully someone else can improve it - I'm no Windows expert. But it will allow you to fix the locked screen problem from a non-admin account.

A big thank-you to amorpheous for this super helpful script that solved my Steam Link pain!

Nice work.

I don't remember why I opted for Unrestricted as the execution policy for my script but I do know that the execution policy only affects that session of Powershell. I've run `Get-ExecutionPolicy` in another normal Powershell window and it returned RemoteSigned. However, I'll test the script with RemoteSigned and see if it still works on my machine. If so, I'll amend the script in my original post.

amorpheous eredeti hozzászólása:

The point of my script is not to have to install any additional software on the host machine whilst maintaining a secure connection. VNC is not a secure protocol. RDP clients exist for Mac and Linux so you could still remote in from most, if not all, systems.

So you'd rather have them run a random script from a total stranger on a forum as admin?

You're connecting over LAN to maintain the machine, so I find VNC adequate to run updates and boot/shut down the machine remotely.
If you don't trust your router/firewall to be secure enough for that, then VNC is the least of your problems.

Besides, not all versions of Windows have RDP available, and I don't think everyone's ready to pay more to upgrade for a feature that should be in all versions by default.

I'll stick with TightVNC, thank you.

Any ideas what could I use if my Win10 does not have tscon?

I really would be interested in the psexec method, as it would allow for much easier automation, if I understand things correctly. I've tried doing it but it seems to conflict with UAC on Win 8.1, even turning it off (which was a temporary measure, as I wouldn't want it off).

Zileene eredeti hozzászólása:

So you'd rather have them run a random script from a total stranger on a forum as admin?

Anyone can take the time to read the script and see for themselves what it does. It's not some closed source binary blob where you can't see the code.

You're connecting over LAN to maintain the machine, so I find VNC adequate to run updates and boot/shut down the machine remotely.
If you don't trust your router/firewall to be secure enough for that, then VNC is the least of your problems.

Not everyone lives alone. :) I don't want kids messing around with my machine when I'm remoted in though I'm willing to risk it when I'm using In-Home Streaming.

gorman42 eredeti hozzászólása:

I really would be interested in the psexec method, as it would allow for much easier automation, if I understand things correctly. I've tried doing it but it seems to conflict with UAC on Win 8.1, even turning it off (which was a temporary measure, as I wouldn't want it off).

Unfortunately, I don't have a second Windows machine to test the PsExec method. I don't really have much time to figure it out at the moment either. Hopefully someone else can help out.

suside eredeti hozzászólása:

Any ideas what could I use if my Win10 does not have tscon?

If you're using Windows 10 Home then it doesn't come with RDP. As someone else suggested, VNC seems like the other option.

The problem with VNC is that it doesn't support full automation. There's no way to pass Windows credentials automatically from my HTPC to the server machine.

Since I control everything by remote (using EventGhost), both the VNC and RDP approach are unsatisfactory. VNC forces me to use the keyboard to type in credentials, RDP, well... I'd need to take out the keyboard/mouse to double click on amorpheous shortcut I'll give a look to the Chrome thing...

Edit: I found this LogonExpert product (unfortunately not free, http://www.logonexpert.com/) which does what I need. It has a commandline version, allowing automation through EventGhost from the client, using PSexec. It works just fine... although, clearly... if they did it, Valve could do it as well, with a revenue stream guaranteed from all the business they have with gamers.

If there was a trustable executable that did the same thing, EventGhost could handle it through a server/client configuration, using TCP comands to activate triggers from the client to the server (the machine to be unlocked). With the above, instead, one doesn't need EventGhost installed on the server (not even on the client if you don't want to automate it and you're fine with an icon to click). The nice thing is that it allows for re-locking the server once done.

And now with a Fit Headless adapter I have a fully functional headless solution.
In Win 8.1 I set through Control Panel\Display\Screen Resolution\Multiple displays to "Show desktop only on 1" (which is the real monitor connected to the graphic card). The Fit Headless is seen as monitor 2 and slots in the HDMI port.

Launching Steam Big Picture on the client unlocks the machine (through EventGhost\PSexec\LogonExpert), even with the monitor off it works fine (thanks to the Fit Headless), when I close Steam on the client, the server locks once more (again EventGhost\PSexec\LogonExpert).

Happy. :)

Hi everyone

I have developed a one-click-solution for the streaming logon problem. It bases on a Windows service and TCP request.
- No RDP or other remoting program needed
- No "always auto logon"
- No admin rights needed for gaming account

Features:
- Logon on remote computer by sending a TCP request (no session like RDP).
- I have only developed a Powershell script for sending the request, but it would also work on a Linux and Steam Link.
- Integrated Wake-On-Lan functionality.
- Could be setup as fully automated solution with just powering up your Steam Link.

Unfortunately, it is a bit more complex to setup but once it is done, the usage is easy.

I have made all (service, scripts) open source, so if you are interested check it out on GitHub:
https://github.com/dwettstein/Steam_AutoLogon_Service

I'm open for any improvement suggestions or pull requests on GitHub.

Cheers

DaWee, I think you should open your own discussion. Your works warrants it. Once this is perfected it will solve a real problem for many people, I think.

I replied to you in the other discussion, concerning some questions and doubts.

Gorman42, thanks for your response. I've just open a new discussion about it. See here: http://steamcommunity.com/groups/homestream/discussions/0/405690850608007612/

Sorry for spamming.

amorpheous eredeti hozzászólása:

Anyone can take the time to read the script and see for themselves what it does. It's not some closed source binary blob where you can't see the code.

I don't have the time to learn PowerShell scripting to verify scriptlets.

And TightVNC is open source.

Not everyone lives alone. :) I don't want kids messing around with my machine when I'm remoted in though I'm willing to risk it when I'm using In-Home Streaming.

You can lock the VNC with a password to mitigate the kids-with-admin-access risk.

But, actually, the best solution is to cram Windows in a VM with GPU passthrough, then all those issues become moot. (^_^)