realized Posted September 3, 2005 Posted September 3, 2005 What are the steps i need to take to setup a GROUP in my Active Directory Domain, so that any user in this group can REMOTE DESKTOP to any Workstation (XP) machine on the domain.
chilifrei64 Posted September 4, 2005 Posted September 4, 2005 (edited) Here is a Group Policy Administrative Template and Group Policy configuration to enable Remote Desktop and configure Remote Desktop Users on Windows XP Professional workstations. NOTE: This article assumes you know how to apply Group Policies. Copy and Paste this text into notepad Code:CLASS MACHINE CATEGORY "Remote Desktop Configuration" KEYNAME "SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" POLICY !!DENY_CONNECT #if version >= 4 SUPPORTED !!WinXP #endif EXPLAIN !!DENY_CONNECT_EXPLAIN ACTIONLISTON VALUENAME "fDenyTSConnections" VALUE NUMERIC 1 END ACTIONLISTON ACTIONLISTOFF VALUENAME "fDenyTSConnections" VALUE NUMERIC 0 END ACTIONLISTOFF END POLICY End Category [strings] WinXP="At least Windows XP Professional or .NET Server" DENY_CONNECT="Do not allow client connections" DENY_CONNECT_EXPLAIN="Prevents remote desktop connections to the system." Save file to C:\windows\inf as Remote_Desktop_Configuration.adm Open Group Policy Management Navigate to Computer Configuration -> Administrative Templates Right Click on Administrative Templates and select "Add or Remove Templates" Select Add and add "Remote_Desktop_Configuration.adm" and hit open Hit close on the next screen Expand Administrative Templates in Group Policy Management Select Remote_Desktop_Configuration Select "Do Not Allow Client Connections" Delect Disable Now to Select your Remote Desktop Users Still under Group Policy Management, navigate to: Computer Configuration-> Windows Settings-> Security Settings-> Local Policies-> User Rights Assignments-> Allow Log on through Terminal Services. Select your user groups or users which you want to have access to Remote Desktop into the workstations. Hit OK and close out of Group Policy Object Editor Apply this group policy to to the OU for the computers you want to apply this to. Edited September 4, 2005 by chilifrei64
alexanrs Posted September 4, 2005 Posted September 4, 2005 (edited) #if version >= 4 SUPPORTED !!WinXP#endifThe way it is written it seems that the second line, which seem to abort the policy and ask for XP, will be executed in Nt 4 and NT5.0 (2000), NT 5.1 (XP), NT 5.2 (2003) and even Vista (NT 6?)...Shouldn't it look like:#if version <= 4?????Sorry if I'm wrong Edited September 4, 2005 by alexanrs
chilifrei64 Posted September 5, 2005 Posted September 5, 2005 The code is written version>=4 which means if the version is greater than or equal to 4The way you wrote it, it would mean if the version is less than or equal to 4I can see how you might be reading it but the word "version" is an actual variable in the equation
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now