I have been running Cisco Any Connect 4.4.00243 for some time but recently I have used a Remote Desktop Connection from this PC and following this I cannot connect due to the following error.
" AnyConnect profile settings mandate a single local user, but multiple local users are currently logged into your computer. A VPN connection will not be established."
I have checked in Task Manager and there is only one user logged on.
When I check further in Windows Power Shell with command "get-process | SessionId -unique" I can see another entry which I assume is stored from the RDC.
with command prompt "query session" I also see the entry.
How do I get around this issue
When I have to log into VPN on a host that I normally access via RDP I instead use the VMware remote console (VMRC).
Of course that requires you have access to the ESXi host and that the machine is a VM.
If the VPN is split tunnel you might be able to use some other remote control mechanism like a PC Anywhere, Teamviewer or Webex/Zoom etc. remote control session.
There are two specific settings in the AnyConnect profile that can allow or disallow you to perform what you need:
1. Windows VPN Establishment which can be set to "Local Users Only" or "Allow Remote Users"; assuming you chose the second option, you'll be allowed to use a remote user
2. Windows Logon Enforcement which can be set to "Single Local Logon" or "Single logon"; assuming you choose the second option, you'll be allowed to use a remote user, but none of the options allows multiple logons, which is your problem
There is one fix for this though, by using the AnyConnect Management Tunnel function, which by the name, i guess it was designed for engineer to manage stuff. With this functionality, Windows Logon Enforcement is disabled and Windows VPN Establishment is unconditionally set to "Allow Remote Users". Look in the AnyConnect Configuration Guide for the "Management Tunnel".