How to clear RDP Connection History
The built-in Remote Desktop Connection (RDP) Windows client (mstsc.exe) saves in the system its name (or ip address) and the username under which the login was performed on each successful connection to a remote computer. The next time the RDP client is started, it prompts the user to select one of the connections they have used before. The user can select a remote RDP/RDS server name from the list, and the client automatically substitutes the username previously used to log in.
This is convenient from the end user's point of view, but not secure. Especially when you are connecting to your RDP server from a public or untrusted computer.
Information about all RDP sessions is stored individually for each computer user in the registry, i.e. a normal user (non-administrator) will not be able to view another user's remote connection history.
Deleting the RDP connection log from the system registry
The information of all RDP connections of each user is stored in the registry. Which can be easily viewed. It will not work to remove the computer(s) from the list of RDP connection history using regular Windows tools. You will have to manually delete the settings from the system registry.- Open the registry editor regedit.exe and navigate to the HKEY _ CURRENT _ USER \ Software \ Microsoft \ Terminal Server Client branch ;
2.Inside this section, we are interested in two branches: Default (stores the history of the last 9 RDP connections) and Servers (contains a list of all RDP servers and usernames previously used to log in);
5 - You will need to clear the server branch to clear the username and rdp connection history. Because it will not work to select all nested branches, the easiest way is to delete the entire Servers branch, and then recreate it manually;
6 - In addition to deleting the following criteria registry branches, you must also delete the default rdp connection file. . This file stores information about the most recent RDP connection. The file is hidden and is located in the Documents directory
7 - Windows also stores RDP connection history in jump lists. If you type mstsc in Windows Search, a list of recently used RDP connections will appear.. You can turn off fast navigation history using the dword registry entry Start _ TrackDocs in the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced , or you can clear the Resent Items lists by deleting the files in the %AppData%\Microsoft\Windows\Recent\AutomaticDestination
Note - The described method for clearing the Remote Desktop Connection history is applicable to all desktop versions (from Windows XP to Windows 10) and for Windows Server server platforms.
-----------------------------------------------------------------------------------------
Script for clearing the history (logs) of RDP connections
Above, we showed you how to manually clear the RDP connection history on Windows. However, doing this manually (especially on multiple computers) is very time-consuming a task. Therefore, to make things even easier we will create a small script (bat-file) that will allow you to automatically clear the history of remote desktop connections.
To automate the cleaning of the RDP history, this script can be placed at startup, or distributed to users' computers using the Group Policy script logo.
@echo off
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default" /va /f
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Servers" /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Servers"
attrib -s -h %userprofile%\documents\Default.rdp
del %userprofile%\documents\Default.rdp
del /f /s /q /a %AppData%\Microsoft\Windows\Recent\AutomaticDestinations
Let's analyze all the commands of the script one by one:
1 - Disabled output of information to the console;
2 - Deleting all parameters in the HKCU\Software\Microsoft\Terminal Server Client\Default branch (clearing the list of the last 10 RDP connections);
3 - Deleting the HKCU\Software\Microsoft\Terminal Server Client\Servers branch along with nested elements (clearing the list of all RDP connections and saved usernames);
4 - Recreate the Servers registry branch;
5 - Remove the Hidden and System attributes from the default.rdp file in the current user's profile directory;
6 - Removing the default.rdp file;
7 - Clearing Recent Items.
You can download the finished script here -
Alternatively, you can clear the RDP connection history with the following PowerShell script:
Get-ChildItem "HKCU:\Software\Microsoft\Terminal Server Client" -Recurse | Remove-ItemProperty -Name UsernameHint -Ea 0
Remove-Item -Path 'HKCU:\Software\Microsoft\Terminal Server Client\servers' -Recurse 2>&1 | Out-Null
Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Terminal Server Client\Default' 'MR*' 2>&1 | Out-Null
$docsfoldes = [environment]::getfolderpath("mydocuments") + '\Default.rdp'
remove-item $docsfoldes -Force 2>&1 | Out-Null
Note . By the way, the RDC log cleaning function is built into many system and registry cleaners, such as CCCleaner, etc.