Windows Session Recovery
Use this runbook when a Windows agent locks unexpectedly or automation stops mid-run after a logoff event.
Path: docs/troubleshooting/LIVE_PATCH_LOCK_SCREEN_FIX.md
Why this exists
Mimic uses a guarded MimicSessionWatchdog that recovers locked sessions without killing active MimicRun_* automation tasks.
Guard rule:
- If LogonUI.exe is detected and no MimicRun_* task is running, watchdog logs off the locked session to trigger auto-logon.
- If any MimicRun_* task is running, watchdog skips logoff and writes a guard event to C:\ProgramData\mimic_unlock.log.
This preserves the RPA-first execution path for long-running deterministic jobs.
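The guard rule above, sketched as an added PowerShell example (not the watchdog script that step4a_watchdog_script.json writes). The -Enforce switch, the helper function names and the log line format are assumptions made for this illustration; without -Enforce it only logs what it would do.

```powershell
# Added illustration of the guard rule; not the shipped MimicSessionWatchdog script.
param([switch]$Enforce)   # assumption: dry run unless -Enforce is passed

$LogPath = 'C:\ProgramData\mimic_unlock.log'

function Write-GuardLog([string]$Message) {
    # Log line format is an assumption made for this example.
    $line = '{0} {1}' -f (Get-Date -Format o), $Message
    Add-Content -Path $LogPath -Value $line
}

function Get-LockedSessionId {
    # LogonUI.exe runs in the session that is showing the lock/logon screen.
    # Session 0 is the services session and is never logged off here.
    Get-Process -Name LogonUI -ErrorAction SilentlyContinue |
        Select-Object -ExpandProperty SessionId -Unique |
        Where-Object { $_ -ne 0 }
}

function Get-RunningMimicTask {
    # Any MimicRun_* scheduled task in the Running state blocks the logoff.
    Get-ScheduledTask |
        Where-Object { $_.TaskName -like 'MimicRun_*' -and $_.State -eq 'Running' }
}

$locked = @(Get-LockedSessionId)
if ($locked.Count -eq 0) { return }   # no LogonUI.exe: session is healthy

$running = @(Get-RunningMimicTask)
if ($running.Count -gt 0) {
    # Guard branch: automation is active, so skip logoff and record why.
    Write-GuardLog "GUARD skip logoff; running: $($running.TaskName -join ', ')"
    return
}

foreach ($id in $locked) {
    if ($Enforce) {
        Write-GuardLog "LOGOFF session $id to trigger auto-logon"
        & logoff.exe $id
    } else {
        Write-GuardLog "DRYRUN would log off session $id"
    }
}
```

Guard entries in the log during a long job are expected; LOGOFF entries while a MimicRun_* task should have been running indicate the guard is not matching the task name.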
Script pack
Use JSON command files in /docs/troubleshooting/live-patch-scripts/ with AWS SSM:
- step1_registry.json: registry hardening
- step2_dcv.json: DCV lock/idle settings
- step3a_unlock_script.json: writes unlock script
- step3b_unlock_task.json: registers MimicUnlockSession
- step4a_watchdog_script.json: writes guarded watchdog
- step4b_watchdog_task.json: registers and starts guarded watchdog
- verify.json: post-patch verification
- diagnose.json: pre-patch diagnostics
- patch_userdata.ps1: all-in-one EC2 User Data fallback
Standard patch flow
- Run step1_registry.json.
- Run step2_dcv.json.
- Run step3a_unlock_script.json, then step3b_unlock_task.json.
- Run step4a_watchdog_script.json, then step4b_watchdog_task.json.
- Run verify.json.
Fallback when SSM is broken
If SSM is ConnectionLost and cannot recover, stop the instance and apply /docs/troubleshooting/live-patch-scripts/patch_userdata.ps1 as EC2 User Data (base64-encoded), then start the instance.
Use this only for broken agents where the original bootstrap path is no longer recoverable.
Verification targets
Confirm all of the following:
- MimicUnlockSession exists and is Ready
- MimicSessionWatchdog exists and is Running
- watchdog script contains MimicRun_* guard logic
- DCV os-auto-lock=false
- no persistent LogonUI.exe when the session is healthy