?
Solved

Script to add 'Domain Users' to the local 'Remote Desktop' group

Posted on 2006-11-27
3
Medium Priority
?
538 Views
Last Modified: 2012-05-05
Howdy,

  We need to add our Doman Users group into the Local Remote Desktop Users group on every Client PC we have here, does anyone have a good effeciant idea on how to do this ? Ive heard a script being mentioned but wouldnt know where to start so if someone could give advise or point in the right direction id be great.

Cheers


 Matt
0
Comment
Question by:mattash55
  • 2
3 Comments
 
LVL 67

Accepted Solution

by:
sirbounty earned 2000 total points
ID: 18020332
The command to do so would be:

net localgroup "Remote Desktop Users" "DOMAINNAME\Domain Users" /add

ref: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/net_localgroup.mspx?mfr=true for more info

One method to accopmlish applying this to all your clients would be to use something like psexec (from sysinternals/now Microsoft):

http://www.microsoft.com/technet/sysinternals/utilities/psexec.mspx

Step 1 would be to formulate a list of all client's computername

Workstation1
Workstation2
Workstation3
[etc]

Step 2, from a 'management' console - logged in with an administrator account, run the following:

for /f %a in (c:\computerlist.txt) do psexec \\%a net localgroup "Remote Desktop Users" "DOMAINNAME\Domain Users" /add

If that step fails, we can convert it to a batch file easy enough - copy/paste the following into notepad, save it as UpdateGroup.cmd and either type the name or double-click it to run...

::begin code copy
@echo off
for /f %%a in (C:\computerList.txt) do call :process %%a
goto :eof

:process
set pc=%1
psexec \\%pc% net localgroup "Remote Desktop Users" "DOMAINNAME\Domain Users" /add
::end code copy

post back if you need more help or are having trouble (I didn't test the above, for obvious reasons)...
0
 
LVL 51

Expert Comment

by:Netman66
ID: 18021301
Restricted Groups can also do it.

On a policy attached to the Domain, right click Restricted Groups (under Computer Config>Security Settings)
Add New Group.
Browse to Domain Users to select it.
Click ok.
On the next applet, in the lower section (This group is a member of)
Add.
Manually type in - Remote Desktop Users.
Ok your way out.

When the policy applies your done.
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 18023304
Thanx.  Happy to have helped. :^)
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question