Solved

Script to add 'Domain Users' to the local 'Remote Desktop' group

Posted on 2006-11-27
3
480 Views
Last Modified: 2012-05-05
Howdy,

  We need to add our Doman Users group into the Local Remote Desktop Users group on every Client PC we have here, does anyone have a good effeciant idea on how to do this ? Ive heard a script being mentioned but wouldnt know where to start so if someone could give advise or point in the right direction id be great.

Cheers


 Matt
0
Comment
Question by:mattash55
  • 2
3 Comments
 
LVL 67

Accepted Solution

by:
sirbounty earned 500 total points
Comment Utility
The command to do so would be:

net localgroup "Remote Desktop Users" "DOMAINNAME\Domain Users" /add

ref: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/net_localgroup.mspx?mfr=true for more info

One method to accopmlish applying this to all your clients would be to use something like psexec (from sysinternals/now Microsoft):

http://www.microsoft.com/technet/sysinternals/utilities/psexec.mspx

Step 1 would be to formulate a list of all client's computername

Workstation1
Workstation2
Workstation3
[etc]

Step 2, from a 'management' console - logged in with an administrator account, run the following:

for /f %a in (c:\computerlist.txt) do psexec \\%a net localgroup "Remote Desktop Users" "DOMAINNAME\Domain Users" /add

If that step fails, we can convert it to a batch file easy enough - copy/paste the following into notepad, save it as UpdateGroup.cmd and either type the name or double-click it to run...

::begin code copy
@echo off
for /f %%a in (C:\computerList.txt) do call :process %%a
goto :eof

:process
set pc=%1
psexec \\%pc% net localgroup "Remote Desktop Users" "DOMAINNAME\Domain Users" /add
::end code copy

post back if you need more help or are having trouble (I didn't test the above, for obvious reasons)...
0
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
Restricted Groups can also do it.

On a policy attached to the Domain, right click Restricted Groups (under Computer Config>Security Settings)
Add New Group.
Browse to Domain Users to select it.
Click ok.
On the next applet, in the lower section (This group is a member of)
Add.
Manually type in - Remote Desktop Users.
Ok your way out.

When the policy applies your done.
0
 
LVL 67

Expert Comment

by:sirbounty
Comment Utility
Thanx.  Happy to have helped. :^)
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now