Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Need To Access All Clients On Network From My XP Pro Box

Posted on 2003-12-03
Medium Priority
Last Modified: 2013-12-04
At the risk of sounding like a "total" noob, I am going to be administering another department in our office. I need to set up all the clients so I can access them from my computer with various software to make sure the employees are doing what they are supposed to be doing and nothing else.

The clients are Windows XP Pro and a few Win 98 (mine is XP Pro). I don't want to reinstall the Op Sys on any of them. I need to set them up so when I do a probe or try and monitor their pc I have the access I need. Most of the time I get an "Access Denied" message, no matter what software I am using, and I need this to stop.

It would seem that I need to create another user account on all of the clients that is for Administrator but my reasoning tells me this won't work because they will be logged in under a different User name than the one I am trying to get in with. Is this correct or not?  Some of them have a User name that is the "default" Administrator account that has been renamed to their user name.

BTW I have the correct administrator rights on the server Win2kAdv Serv. I don't know as much as I should about Win2k Server to be able to run scripts when clients log on and I know some of this can probably be done in that way.

What can I do to make this work correctly the first time I set this up and remain in place?


Question by:elixxer
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2

Expert Comment

ID: 9879898
For the 98 boxes, I don't have a good suggestion. Win98 is not good at this type of thing.
For XP, we are in luck. Are all XP boxes part of your Windows domain. where you have "correct administrator rights on the server Win2kAdv Server"? So, are you a Domain Admin in your Domain? If so, then your user account would have permissions to do things like read the Event Viewer logs of the user XP machines.
That is, providing there are no firewall or router ACLs preventing connectivity between you and the other workstations.
If you are not a Domain Admin member, you could be a member of the Server Operators group, and members of that group can do things on a SERVER but not have the same permissions on a user Workstation.
I bet you aren't a Domain Admin, so that is why your probes against the user workstations are failing. And I bet you do have Server rights, but those do not necessarily translate into Workstation rights.
So, yes, you COULD have an account made locally on each XP workstation that has local Administrator rights. Make the account on each XP workstation, and remember this is NOT a domain account. It is local to each machine. Obviously, you will need to log into each XP machine as the local Administrator or as the Domain Administrator or as a Domain Admin account to set yourself up with a local adminstrator-level account.
Ok, then when you start to connect to each remote user workstation, you will need to "manually authenticate" to each workstation using the local Administrator-level account you made. The best way is to use the NET USE command from the Command Prompt. Say you want to connect to \\WKSTATION1 using a local Admin acount you made called BOB. Your command syntax from the command line would be:
Hit Enter, and it will then ask you for the password for the BOB account on that machine. Type it in, hit Enter again, and that's it. Connection Completed Successfully.
THEN you would connect with whatever program you are gonna use to remotely monitor the user workstation.
My preference is to use Dameware NT Utilities to check remote user Event Viewer logs, running Processes, and other fun stuff:
I do this type of thing every day at work. All public-accessible servers in our Internet DMZ are stand alone, not domain members. You gotta manually authenticate to them using local Adminstrator-level accounts to then be able to use Dameware to look at their logs.

hope this helps

Author Comment

ID: 9904155
Joseph, I have tried your suggestions. It got me a little bit closer but still not capable of doing what I need.
I am starting to think there is another setting that I am overlooking. I did set myself up as a Domain Admin. I got a copy of DameWare NT Utilities and tried that too. (Very nice program thanks for this tip on that one for sure).

What I am thinking is that the Domain Security Policies are not set up correctly. This why I say that.
1. they are all still at their default setting.

2. I tried this as well from the server: Start -> Run -> mmc. Then, in MMC, File -> Add/Remove Snap-in... -> Add button -> Group Policy -> specify the computer name for the client computer that you want to view -> click Finish button -> click Close button from the Add Standalone Snap-in dialog box -> click OK button from the Add/Remove Snap-in dialog box. Now, on the server, you are able to configure the client computer of Group Policy (Local Policy for that computer). In there, expand Computer Configuration, Windows Settings, Security Settings, Local Policies.

**when I get to this last step "Windows Settings, Security Settings, Local Policies" there is only one policy available to configure. It's the IP policy setting. I had assumed that when I got to the Local Policy setting at this stage that I would see something similar to what you see when you are sitting at the client computer in gpedit, under the same heading, all the local policy setting.**

Any suggestion?
LVL 12

Accepted Solution

trywaredk earned 2000 total points
ID: 10479915
A policy must be linked to a container object in Active Directory to be effective.

Many Regards
Jorgen Malmgren

:o) Your brain is like a parachute. It works best when it's open
LVL 12

Expert Comment

ID: 10966997
:o) Glad I could help you - thank you for the points

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question