ikevin Posted July 15, 2005 Share Posted July 15, 2005 Hey guys, I am just learning how to write batch files to automatically do commands that I want done with each machine I build for the company I work for.I was wondering, does anyone know a script I can use in a bat file to enable Remote Desktop Users for a windows xp machine and then add two groups to the user list (signicorp\Domain Admins and signicastdomain\Domain Admins)?All I want is those two groups to be added to the Remote Desktop Connection Users list.If you need any more details about what I am looking for a solution to, just reply with what you would like to know.Thank you very much for all your help and support! It is greatly appreciated.Thanks! Link to comment Share on other sites More sharing options...
chilifrei64 Posted July 15, 2005 Share Posted July 15, 2005 (edited) I got part of an answer... I have been looking into this for about a week or so now..This is how I do it..I use a .adm file and import it into my domain group policy to enable Remote Desktop on all my workstations.. Here is the text for the adm file.. CLASS MACHINECATEGORY "Remote Desktop Configuration" KEYNAME "SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" POLICY !!DENY_CONNECT #if version >= 4 SUPPORTED !!WinXP #endif EXPLAIN !!DENY_CONNECT_EXPLAIN ACTIONLISTON VALUENAME "fDenyTSConnections" VALUE NUMERIC 1 END ACTIONLISTON ACTIONLISTOFF VALUENAME "fDenyTSConnections" VALUE NUMERIC 0 END ACTIONLISTOFF END POLICYEnd Category[strings]WinXP="At least Windows XP Professional or .NET Server"DENY_CONNECT="Do not allow client connections"DENY_CONNECT_EXPLAIN="Prevents remote desktop connections to the system."This part works fine.. As for the users... lemme know if you figure it out... I have been looking into a few WMI scripts but I am no programmer and am having little luck with other peoples pre-made scripts. Edited July 15, 2005 by chilifrei64 Link to comment Share on other sites More sharing options...
chilifrei64 Posted July 15, 2005 Share Posted July 15, 2005 Right as I posted I thought of something in my head... In the same group policy... (or another one if you wish) Go to:Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> User Rights Assignments -> Select "Allow Log on through Terminal Services" -> add your groupsI just tested it at the client I was trying to get it done for.. Works Great!!Thanks for spuring my thinking process Link to comment Share on other sites More sharing options...
ikevin Posted July 18, 2005 Author Share Posted July 18, 2005 Oh wow! Thanks chilifrei64. That is definatly a big help. Thanks for the answer! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now