use wddm graphics display driver for remote desktop connections

Configure the system to use legacy Dictionary Attack Prevention Parameters setting for TPM 2.0. The WDDM graphics display driver for Remote Desktop Connection which is enabled by default in Windows 10 v2004 and above needs to be disabled as it is not supported by the Citrix VDA. Fix: Desktop Window Manager High CPU Usage 'dwm.exe' - Appuals XP Display Driver Model (XPDM or XDDM): XPDM drivers supply a user interface that visually resembles the Windows XP*/2000* user . Use hardware graphics adapters for all Remote Desktop Services sessions But give thanks to Carlieo. Why do I get black boxes when I use remote desktop? - Masiero The six solutions for the errors are presented in the following content, select the proper ones. To solve "Your Remote Desktop Service session has ended. Background Intelligent Transfer Service (BITS), Microsoft Peer-to-Peer Networking Services, Windows Resource Exhaustion Detection and Resolution, Windows Standby/Resume Performance Diagnostics, Windows System Responsiveness Performance Diagnostics, Periodic check for updates to Internet Explorer and Internet Tools, Microsoft Secondary Authentication Factor, Windows Customer Experience Improvement Program, Resultant Set of Policy snap-in extensions, Search in Group Policy Administrative Templates, Force a specific background and accent color, Force a specific default lock screen and logon image, Prevent changing lock screen and logon image, Allow users to enable online speech recognition services, Force selected system UI language to overwrite the user UI language, Restricts the UI language Windows uses for all logged users, Apply the default user logon picture to all users, Do not allow the BITS client to use Windows Branch Cache, Do not allow the computer to act as a BITS Peercaching client, Do not allow the computer to act as a BITS Peercaching server, Limit the age of files in the BITS Peercache, Limit the maximum network bandwidth for BITS background transfers, Limit the maximum network bandwidth used for Peercaching, Limit the maximum number of BITS jobs for each user, Limit the maximum number of BITS jobs for this computer, Limit the maximum number of files allowed in a BITS job, Limit the maximum number of ranges that can be added to the file in a BITS job, Set default download behavior for BITS jobs on costed networks, Set up a maintenance schedule to limit the maximum network bandwidth used for BITS background transfers, Set up a work schedule to limit the maximum network bandwidth used for BITS background transfers, Configure Client BranchCache Version Support, Enable Automatic Hosted Cache Discovery by Service Connection Point, Set percentage of disk space used for client computer cache, Allow DNS suffix appending to unqualified multi-label name queries, Allow NetBT queries for fully qualified domain names, Prefer link local responses over DNS when received over a network with higher precedence, Register DNS records with connection-specific DNS suffix, Turn off smart multi-homed name resolution, Handle Caching on Continuous Availability Shares, Offline Files Availability on Continuous Availability Shares, Disable password strength validation for Peer Grouping, Turn off Microsoft Peer-to-Peer Networking Services, Windows Defender Firewall: Allow ICMP exceptions, Windows Defender Firewall: Allow inbound file and printer sharing exception, Windows Defender Firewall: Allow inbound remote administration exception, Windows Defender Firewall: Allow inbound Remote Desktop exceptions, Windows Defender Firewall: Allow inbound UPnP framework exceptions, Windows Defender Firewall: Allow local port exceptions, Windows Defender Firewall: Allow local program exceptions, Windows Defender Firewall: Define inbound port exceptions, Windows Defender Firewall: Define inbound program exceptions, Windows Defender Firewall: Do not allow exceptions, Windows Defender Firewall: Prohibit notifications, Windows Defender Firewall: Prohibit unicast response to multicast or broadcast requests, Windows Defender Firewall: Protect all network connections, Windows Defender Firewall: Allow authenticated IPsec bypass, Do not show the "local access only" network icon, Prohibit installation and configuration of Network Bridge on your DNS domain network, Prohibit use of Internet Connection Firewall on your DNS domain network, Prohibit use of Internet Connection Sharing on your DNS domain network, Require domain users to elevate when setting a network's location, Route all traffic through the internal network, Specify domain location determination URL, Domains categorized as both work and personal, Enterprise resource domains hosted in the cloud, Allow or Disallow use of the Offline Files feature, At logoff, delete local copy of user's offline files, Enable file synchronization on costed networks, Prohibit user configuration of Offline Files, Remove "Make Available Offline" for these files and folders, Specify administratively assigned Offline Files, Synchronize all offline files before logging off, Synchronize all offline files when logging on, Turn on economical application of administratively assigned Offline Files, Set IP Stateless Autoconfiguration Limits State, Disable power management in connected standby mode, Enable Windows to soft-disconnect a computer from a network, Minimize the number of simultaneous connections to the Internet or a Windows Domain, Prohibit connection to non-domain networks when connected to domain authenticated network, Prohibit connection to roaming Mobile Broadband networks, Configuration of wireless settings using Windows Connect Now, Prohibit access of the Windows Connect Now wizards, Allow Windows to automatically connect to suggested open hotspots, to networks shared by contacts, and to hotspots offering paid services, Set Per-App Cellular Access UI Visibility, Sets how often a DFS Client discovers DC's, Add Printer wizard - Network scan page (Managed network), Add Printer wizard - Network scan page (Unmanaged network), Allow Print Spooler to accept client connections, Always rasterize content to be printed using a software rasterizer, Automatically publish new printers in Active Directory, Change Microsoft XPS Document Writer (MXDW) default output format to the legacy Microsoft XPS format (*.xps), Custom support URL in the Printers folder's left pane, Disallow installation of printers using kernel-mode drivers, Do not allow v4 printer drivers to show printer extensions, Enable Device Control Printing Restrictions, Execute print drivers in isolated processes, Extend Point and Print connection to search Windows Update, Limits print driver installation to Administrators, List of Approved USB-connected print devices, Override print driver execution compatibility setting reported by print driver, Package Point and print - Approved servers, Pre-populate printer search location text, Prune printers that are not automatically republished, Remove "Recently added" list from Start Menu, Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commands, Customize message for Access Denied errors, Enable access-denied assistance on client for all file types, Microsoft Customer Experience Improvement Program (CEIP), Enable automatic cleanup of unused appv packages, Enable background sync to server when on battery power, Allow First Time Application Launches if on a High Cost Windows 8 Metered Connection, Specify what to load in background (aka AutoLoad), Include command line in process creation events, Allow delegating default credentials with NTLM-only server authentication, Allow delegating fresh credentials with NTLM-only server authentication, Allow delegating saved credentials with NTLM-only server authentication, Remote host allows delegation of non-exportable credentials, Restrict delegation of credentials to remote servers, Deploy Windows Defender Application Control, Enable Device Health Attestation Monitoring and Reporting, Allow administrators to override Device Installation Restriction policies, Allow installation of devices that match any of these device IDs, Allow installation of devices that match any of these device instance IDs, Allow installation of devices using drivers that match these device setup classes, Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria, Display a custom message title when device installation is prevented by a policy setting, Display a custom message when installation is prevented by a policy setting, Prevent installation of devices not described by other policy settings, Prevent installation of devices that match any of these device IDs, Prevent installation of devices that match any of these device instance IDs, Prevent installation of devices using drivers that match these device setup classes, Prevent installation of removable devices, Time (in seconds) to force reboot when required for policy changes to take effect, Allow remote access to the Plug and Play interface, Do not send a Windows error report when a generic driver is installed on a device, Prevent creation of a system restore point during device activity that would normally prompt creation of a restore point, Prevent device metadata retrieval from the Internet, Prevent Windows from sending an error report when a device driver requests additional software during installation, Prioritize all digitally signed drivers equally during the driver ranking and selection process, Specify search order for device driver source locations, Specify the search server for device driver updates, Turn off "Found New Hardware" balloons during device installation, Prevent redirection of devices that match any of these device Ids, Log event when quota warning level exceeded, Configure Per-Process System DPI settings, Allow local activation security check exemptions, Define Activation Security Check exemptions, Allow non-administrators to install drivers for these device setup classes, Turn off Windows Update device driver search prompt, Allow only USB root hub connected Enhanced Storage devices, Configure list of Enhanced Storage devices usable on your computer, Configure list of IEEE 1667 silos usable on your computer, Do not allow non-Enhanced Storage removable devices, Do not allow password authentication of Enhanced Storage devices, Do not allow Windows to activate Enhanced Storage devices, Lock Enhanced Storage when the computer is locked, File Classification Infrastructure: Display Classification tab in File Explorer, File Classification Infrastructure: Specify classification properties list, Configure maximum age of file server shadow copies. Simple fix! Remove Default Programs link from the Start menu. In Windows 10 v1903 and later, there is a bug in the WDDM (Windows Display Driver Model) that prevents remote desktop sessions from connecting multiple times. If you have an RDP shortcut you use right click it and select edit, other wise when you open RDP click show options in the bottom left. Do not turn off system power after a Windows system shutdown has occurred. Do not allow pinning programs to the Taskbar, Do not allow pinning Store app to the Taskbar, Do not allow taskbars on more than one display, Do not display any custom toolbars in the taskbar, Do not display or track items in Jump Lists from remote locations, Do not keep history of recently opened documents, Do not search programs and Control Panel items, Do not use the search-based method when resolving shell shortcuts, Do not use the tracking-based method when resolving shell shortcuts, Force Start to be either full screen size or menu size, Go to the desktop instead of Start when signing in, Gray unavailable Windows Installer programs Start Menu shortcuts, Prevent changes to Taskbar and Start Menu Settings, Prevent users from adding or removing toolbars, Prevent users from customizing their Start Screen, Prevent users from moving taskbar to another screen dock location, Prevent users from uninstalling applications from Start, Remove access to the context menus for the taskbar, Remove All Programs list from the Start menu, Remove Clock from the system notification area, Remove common program groups from Start Menu. Show message when opening sites in Microsoft Edge using Enterprise Mode, Specify use of ActiveX Installer Service for installation of ActiveX controls, Turn off ability to pin sites in Internet Explorer on the desktop, Turn off add-on performance notifications, Turn off configuration of pop-up windows in tabbed browsing, Turn off Managing SmartScreen Filter for Internet Explorer 8, Turn off suggestions for all user-installed providers, Turn off the auto-complete feature for web addresses, Turn off the Security Settings Check feature, Automatic Maintenance Activation Boundary, Turn off Automatic Download and Update of Map Data, Turn off unsolicited network traffic on the Offline Maps settings page, Enable automatic MDM enrollment using default Azure AD credentials, Block all consumer Microsoft account user authentication, Display additional text to clients when they need to perform an action, Configure local setting override for reporting to Microsoft MAPS, Configure the 'Block at First Sight' feature, Send file samples when further analysis is required, Exclude files and paths from Attack Surface Reduction Rules, Prevent users and apps from accessing dangerous websites, Define the rate of detection events for logging, Specify additional definition sets for network traffic inspection, Configure local setting override for the removal of items from Quarantine folder, Configure removal of items from Quarantine folder, Configure local setting override for monitoring file and program activity on your computer, Configure local setting override for monitoring for incoming and outgoing file activity, Configure local setting override for scanning all downloaded files and attachments, Configure local setting override for turn on behavior monitoring, Configure local setting override to turn off Intrusion Prevention System, Configure local setting override to turn on real-time protection, Configure monitoring for incoming and outgoing file and program activity, Define the maximum size of downloaded files and attachments to be scanned, Monitor file and program activity on your computer, Scan all downloaded files and attachments, Turn on network protection against exploits of known vulnerabilities, Turn on process scanning whenever real-time protection is enabled, Configure local setting override for the time of day to run a scheduled full scan to complete remediation, Specify the day of the week to run a scheduled full scan to complete remediation, Specify the time of day to run a scheduled full scan to complete remediation, Configure time out for detections in critically failed state, Configure time out for detections in non-critical failed state, Configure time out for detections in recently remediated state, Configure time out for detections requiring additional action, Configure Windows software trace preprocessor components, Check for the latest virus and spyware security intelligence before running a scheduled scan, Configure local setting override for maximum percentage of CPU utilization, Configure local setting override for scheduled quick scan time, Configure local setting override for scheduled scan time, Configure local setting override for schedule scan day, Configure local setting override for the scan type to use for a scheduled scan, Configure low CPU priority for scheduled scans, Define the number of days after which a catch-up scan is forced, Specify the day of the week to run a scheduled scan, Specify the interval to run quick scans per day, Specify the maximum depth to scan archive files, Specify the maximum percentage of CPU utilization during a scan, Specify the maximum size of archive files to be scanned, Specify the scan type to use for a scheduled scan, Specify the time of day to run a scheduled scan, Start the scheduled scan only when computer is on but not in use, Turn on removal of items from scan history folder, Allow notifications to disable security intelligence based reports to Microsoft MAPS, Allow real-time security intelligence updates based on reports to Microsoft MAPS, Allow security intelligence updates from Microsoft Update, Allow security intelligence updates when running on battery power, Check for the latest virus and spyware security intelligence on startup, Define file shares for downloading security intelligence updates. use wddm graphics display driver for remote desktop connections Configure Microsoft Defender Application Guard clipboard settings, Configure Microsoft Defender Application Guard print settings, Prevent enterprise websites from loading non-enterprise content in Microsoft Edge and Internet Explorer, Turn on Microsoft Defender Application Guard in Managed Mode, Use a common set of exploit protection settings, Allow Address bar drop-down list suggestions, Allow configuration updates for the Books Library, Allow extended telemetry for the Books tab, Allow Microsoft Edge to pre-launch at Windows startup, when the system is idle, and each time Microsoft Edge is closed, Allow Microsoft Edge to start and load the Start and New Tab page at Windows startup and each time Microsoft Edge is closed, Always show the Books Library in Microsoft Edge, Configure search suggestions in Address bar, Configure the Adobe Flash Click-to-Run setting. Sorry, the version of OpenGL is too low, please upgrade the graphics driver Enable the WDDM graphics display driver for Remote Desktop Connections Restart the VM The first step in this process is to deploy a high GPU VM Windows 10 Multi-session instance with the correct graphics cards selected (instance selected).

use wddm graphics display driver for remote desktop connections 2023