Tacobell2000
asked on
enable remote desktop using group policy
Helllo,
We are a small company of 50 computers running Windows XP sp1 and 4 Windows 2000 sp4 servers. I would like to log on to individual computers from home using remote desktop. VPN is created and works like a charm. I am able to log on to my servers from anywhere in the world.
I would like to configure all Windows XP machines with remote desktop enabled. Is there a way to configure a group policy using active directory that will enable me to do this?
Many thanks,
Tacobell2000
We are a small company of 50 computers running Windows XP sp1 and 4 Windows 2000 sp4 servers. I would like to log on to individual computers from home using remote desktop. VPN is created and works like a charm. I am able to log on to my servers from anywhere in the world.
I would like to configure all Windows XP machines with remote desktop enabled. Is there a way to configure a group policy using active directory that will enable me to do this?
Many thanks,
Tacobell2000
ASKER
Hello and thanks for the reply. I found no such policy under computerconfiguration>Wind ows-Settin gs>local policies>assign of userrights>"Allow to logon via Terminalservices . I am running Windows 2000 sp4.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I just got lucky. I was looking for the answer to this same question, and came across this post. Thirty minutes later, while still goofing around trying to solve this I think I did it. Unfortunately it doesn't enable all machines via a policy, but this will allow you to enable one XP Pro machine at a time:
- Logon as a domain administator, via Terminal Services, to a domain member machine, such as Windows 2000 Server.
- Open "Regedit" and select "Connect Network Registry..." from the "File" menu.
- Enter the name of the WinXP machine you want to connect to and click OK.
- Navigate to the "HKLM\SYSTEM\CCS\Control\T erminal Services" key.
- Change the "fDenyTSConnections" value to 1 (enabled).
The change is effective immediately and you can now TS to that XP machine.
- Logon as a domain administator, via Terminal Services, to a domain member machine, such as Windows 2000 Server.
- Open "Regedit" and select "Connect Network Registry..." from the "File" menu.
- Enter the name of the WinXP machine you want to connect to and click OK.
- Navigate to the "HKLM\SYSTEM\CCS\Control\T
- Change the "fDenyTSConnections" value to 1 (enabled).
The change is effective immediately and you can now TS to that XP machine.
Doh! I think I got the "value" backwords, you need to change the value to 0 (enabled), not 1 (which is really "disabled").
Add here your admin, group, etc.