In the Use WDDM graphics display driver for Remote Desktop Connections dialog, select Disabled. In Windows 10 v1903 and later, there is a bug in the WDDM (Windows Display Driver Model) that prevents remote desktop sessions from connecting multiple times. You must restart the VM after enabling the WDDM graphics display driver for the changes to take effect. blank windows. Set a default associations configuration file, Start File Explorer with ribbon minimized, Turn off Data Execution Prevention for Explorer, Turn off numerical sorting in File Explorer, Verify old and new Folder Redirection targets point to the same share before redirecting, Turn off tracking of last play time of games in the Games folder, Prevent the computer from joining a homegroup, Restrict Accelerators to those deployed through Group Policy, Bypass prompting for Clipboard access for scripts running in any process, Bypass prompting for Clipboard access for scripts running in the Internet Explorer process, Define applications and processes that can access the Clipboard without prompting, Turn off the ability to launch report site problems using a menu option, Include updated website lists from Microsoft, Turn on Internet Explorer 7 Standards Mode, Turn on Internet Explorer Standards Mode for local intranet, Use Policy List of Internet Explorer 7 sites, Prevent specifying the code download path for each computer, Prevent access to Delete Browsing History, Prevent deleting ActiveX Filtering, Tracking Protection, and Do Not Track data, Prevent deleting InPrivate Filtering data, Prevent deleting temporary Internet files, Prevent deleting websites that the user has visited, Prevent the deletion of temporary Internet files and cookies, Allow active content from CDs to run on user machines, Allow Install On Demand (except Internet Explorer), Allow Install On Demand (Internet Explorer), Allow Internet Explorer to use the HTTP2 network protocol, Allow Internet Explorer to use the SPDY/3 network protocol, Allow software to run or install even if the signature is invalid, Automatically check for Internet Explorer updates, Check for signatures on downloaded programs, Do not allow ActiveX controls to run in Protected Mode when Enhanced Protected Mode is enabled, Do not allow resetting Internet Explorer settings, Empty Temporary Internet Files folder when browser is closed, Turn off loading websites and content in the background to optimize performance, Turn off sending UTF-8 query strings for URLs, Turn off the flip ahead with page prediction feature, Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows, Allow websites to store application caches on client computers, Allow websites to store indexed databases on client computers, Set application caches expiration time limit for individual domains, Set application cache storage limits for individual domains, Set indexed database storage limits for individual domains, Set maximum application cache individual resource size, Set maximum application cache resource list size, Set maximum application caches storage limit for all domains, Set maximum indexed database storage limit for all domains, Start Internet Explorer with tabs from last browsing session, Allow active content over restricted protocols to access my computer, Allow cut, copy or paste operations from the clipboard via script, Allow drag and drop or copy and paste files, Allow loading of XAML Browser Applications, Allow only approved domains to use ActiveX controls without prompt, Allow only approved domains to use the TDC ActiveX control, Allow OpenSearch queries in File Explorer, Allow previewing and custom thumbnails of OpenSearch query results in File Explorer, Allow script-initiated windows without size or position constraints, Allow scripting of Internet Explorer WebBrowser controls, Allow VBScript to run in Internet Explorer, Allow video and animation on a webpage that uses an older media player, Allow websites to open windows without status bar or Address bar, Allow websites to prompt for information by using scripted windows, Don't run antimalware programs against ActiveX controls. Allow Secure Boot for integrity validation, Choose how BitLocker-protected operating system drives can be recovered, Configure pre-boot recovery message and URL, Configure TPM platform validation profile (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2), Configure TPM platform validation profile for BIOS-based firmware configurations, Configure TPM platform validation profile for native UEFI firmware configurations, Configure use of hardware-based encryption for operating system drives, Configure use of passwords for operating system drives, Disallow standard users from changing the PIN or password, Enable use of BitLocker authentication requiring preboot keyboard input on slates, Enforce drive encryption type on operating system drives, Require additional authentication at startup (Windows Server 2008 and Windows Vista), Require additional authentication at startup, Reset platform validation data after BitLocker recovery, Use enhanced Boot Configuration Data validation profile, Allow access to BitLocker-protected removable data drives from earlier versions of Windows, Choose how BitLocker-protected removable drives can be recovered, Configure use of hardware-based encryption for removable data drives, Configure use of passwords for removable data drives, Configure use of smart cards on removable data drives, Control use of BitLocker on removable drives, Deny write access to removable drives not protected by BitLocker, Enforce drive encryption type on removable data drives, Choose default folder for recovery password, Choose drive encryption method and cipher strength (Windows 8, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, Windows 10 [Version 1507]), Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later), Choose drive encryption method and cipher strength (Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2), Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista), Disable new DMA devices when this computer is locked, Provide the unique identifiers for your organization, Store BitLocker recovery information in Active Directory Domain Services (Windows Server 2008 and Windows Vista), Validate smart card certificate usage rule compliance, Do not display the password reveal button, Enumerate administrator accounts on elevation, Prevent the use of security questions for local accounts, Require trusted path for credential entry, Allow device name to be sent in Windows diagnostic data, Configure Authenticated Proxy usage for the Connected User Experience and Telemetry service, Configure collection of browsing data for Desktop Analytics, Configure Connected User Experiences and Telemetry, Configure diagnostic data upload endpoint for Desktop Analytics. The black screen issue has to do with a new RDP display driver (WDDM) used in 1903. The Windows Display Driver Model (WDDM) requires that a graphics hardware vendor supply a paired user-mode display driver and kernel-mode display driver (or display miniport driver ). To solve "Your Remote Desktop Service session has ended. Spice (1) flag Report. In the window that opens, select Disabled, and hit OK. Update configuration of group policies to apply new settings with the command: gpupdate /force. Have a question about this project? You are right - when I set the GPO "Use WDDM graphics display driver for Remote Desktop Connections -> Disable" it does fix the CPU issue and the freezing issue. This policy setting lets you enable WDDM graphics display driver for Remote Desktop Connections. Step 2: Expand the Display adapters and right-click on the built-in graphics device. Save or just connect, but now you should utilize all your monitors. Configure additional sources for untrusted files in Windows Defender Application Guard. For this change to take effect, you must restart Windows. Block launching desktop apps associated with a file. Disable binding directly to IPropertySetStorage without intermediate layers. Use WDDM graphics display driver for Remote Desktop Connections This policy setting lets you enable WDDM graphics display driver for Remote Desktop Connections. [Computer Configuration->Policies->Windows Settings->Administrative Templates->Windows Components->Remote Desktop Services->Remote Desktop Session Host->Remote Session Environment], set the Policy [Use WDDM graphics display driver for Remote Desktop Connections] to Disabled. Always prompt for password upon connection; Do not allow local administrators to customize permissions WDDM 1.2 compatible driver . On the left, click the Citrix VDA Non-Admin Users GPO to highlight it. Use DNS name resolution when a single-label domain name is used, by appending different registered DNS suffixes, if the AllowSingleLabelDnsDomain setting is not enabled. To create these display drivers, perform the following steps: Step 1: Learn about Windows architecture and drivers. Block launching Universal Windows apps with Windows Runtime API access from hosted content. If you have Windows 10 Pro, run gpedit.msc and navigate to the following: Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Remote Session Environment Set the Use WDDM graphics display driver for Remote Desktop Connections policy to Disabled Disable the built-in graphics card will force the system to use a single card. Share Improve this answer Follow answered Oct 4, 2019 at 16:32 When using Windows Remote Desktop Connection, some users may have encountered an issue where Vic-3D 9 has a program failure when importing or viewing images in a project file. . Do not allow compression on all NTFS volumes, Do not allow encryption on all NTFS volumes, Disable delete notifications on all volumes, Selectively allow the evaluation of a symbolic link, Redirect folders on primary computers only, Use localized subfolder names when redirecting Start Menu and My Documents, Configure Applications preference logging and tracing, Configure Data Sources preference logging and tracing, Configure Devices preference logging and tracing, Configure Drive Maps preference logging and tracing, Configure Environment preference logging and tracing, Configure Files preference logging and tracing, Configure Folder Options preference logging and tracing, Configure Folders preference logging and tracing, Configure Ini Files preference logging and tracing, Configure Internet Settings preference logging and tracing, Configure Local Users and Groups preference logging and tracing, Configure Network Options preference logging and tracing, Configure Network Shares preference logging and tracing, Configure Power Options preference logging and tracing, Configure Printers preference logging and tracing, Configure Regional Options preference logging and tracing, Configure Registry preference logging and tracing, Configure Scheduled Tasks preference logging and tracing, Configure Services preference logging and tracing, Configure Shortcuts preference logging and tracing, Configure Start Menu preference logging and tracing, Allow asynchronous user Group Policy processing when logging on through Remote Desktop Services, Allow cross-forest user policy and roaming user profiles, Always use local ADM files for Group Policy Object Editor. The six solutions for the errors are presented in the following content, select the proper ones. Remove Default Programs link from the Start menu. In the Windows search box, type gpedit.msc, and press Enter. Disable WDDM graphics driver. Double-click Use WDDM graphics display driver for Remote Desktop Connections (available for Windows 10 version 1903 and newer Windows versions). Go to Use WDDM graphics display driver for Remote Desktop Connections, double-click it and choose Disabled . Click Display Make sure "Use all my monitory for the remote session" is checked. Step-By-Step Guide Step 1. Register domain joined computers as devices, Configure the server address, refresh interval, and issuer certificate authority of a target Subscription Manager, Control Event Log behavior when the log file reaches its maximum size, Events.asp program command line parameters, Hide previous versions list for local files, Hide previous versions list for remote files, Hide previous versions of files on backup location, Prevent restoring local previous versions, Prevent restoring previous versions from backups, Prevent restoring remote previous versions, Allow the use of remote paths in file shortcut icons. By typing gpedit.msc in the Start menu or Run box (Win+R) Browse to: Local Computer Policy\Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment Find the item "Use WDDM graphics display driver for Remote Desktop Connections" and disable it. Do not prompt for client certificate selection when no certificates or only one certificate exists. For this, double the option, select ' Disable '. (I don't remember the exact error message.) On the VM RDP connections are going to: Local Group Policy Editor (Phys svr is not part of a domain) ->Local Computer Policy -> Computer Configuration -> Administrative Templates -> All Settings -> Use WDDM graphics display driver for Remote Desktop Connections -> Disabled Reboot VM . set the policy "Use WDDM graphics display driver for Remote Desktop Connections" to DISABLED. XP Display Driver Model (XPDM or XDDM): XPDM drivers supply a user interface that visually resembles the Windows XP*/2000* user . Allow devices compliant with InstantGo or HSTI to opt out of pre-boot PIN. content, Turn off Help and Support Center Microsoft Knowledge Base search, Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com, Turn off Internet download for Web publishing and online ordering wizards, Turn off Internet File Association service, Turn off Registration if URL connection is referring to Microsoft.com, Turn off Search Companion content file updates, Turn off the "Publish to Web" task for files and folders, Turn off the Windows Messenger Customer Experience Improvement Program, Turn off Windows Customer Experience Improvement Program, Turn off Windows Network Connectivity Status Indicator active tests, Turn off Windows Update device driver searching, Do not allow changes to initiator iqn name, Do not allow changes to initiator CHAP secret, Do not allow sessions without mutual CHAP, Do not allow sessions without one way CHAP, Do not allow adding new targets via manual configuration, Do not allow manual configuration of discovered targets, Do not allow manual configuration of iSNS servers, Do not allow manual configuration of target portals, KDC support for claims, compound authentication and Kerberos armoring, KDC support for PKInit Freshness Extension, Provide information about previous logons to client computers, Allow retrieving the cloud kerberos ticket during the logon, Always send compound authentication first, Define host name-to-Kerberos realm mappings, Define interoperable Kerberos V5 realm settings, Disable revocation checking for the SSL certificate of KDC proxy servers, Fail authentication requests when Kerberos armoring is not available, Kerberos client support for claims, compound authentication and Kerberos armoring, Require strict target SPN match on remote procedure calls, Set maximum Kerberos SSPI context token buffer size, Specify KDC proxy servers for Kerberos clients, Support device authentication using certificate, Enumeration policy for external devices incompatible with Kernel DMA Protection, Disallow copying of user input methods to the system account for sign-in, Disallow user override of locale settings, Allow users to select when a password is required when resuming from connected standby, Always wait for the network at computer startup and logon, Block user from showing account details on sign-in, Do not display the Getting Started welcome screen at logon, Do not enumerate connected users on domain-joined computers, Enumerate local users on domain-joined computers, Hide entry points for Fast User Switching, Turn off app notifications on the lock screen, Do not process incoming mailslot messages used for domain controller location based on NetBIOS domain names, Do not use NetBIOS-based discovery for domain controller location when DNS-based discovery fails, Set Priority in the DC Locator DNS SRV records, Set Weight in the DC Locator DNS SRV records, Specify address lookup behavior for DC locator ping, Specify DC Locator DNS records not registered by the DCs, Specify dynamic registration of the DC Locator DNS Records, Specify Refresh Interval of the DC Locator DNS records, Specify sites covered by the application directory partition DC Locator DNS SRV records, Specify sites covered by the DC Locator DNS SRV records, Specify sites covered by the GC Locator DNS SRV Records, Use automated site coverage by the DC Locator DNS SRV Records.