Solved

Script to add 'Domain Users' to the local 'Remote Desktop' group

Posted on 2006-11-27
3
494 Views
Last Modified: 2012-05-05
Howdy,

  We need to add our Doman Users group into the Local Remote Desktop Users group on every Client PC we have here, does anyone have a good effeciant idea on how to do this ? Ive heard a script being mentioned but wouldnt know where to start so if someone could give advise or point in the right direction id be great.

Cheers


 Matt
0
Comment
Question by:mattash55
  • 2
3 Comments
 
LVL 67

Accepted Solution

by:
sirbounty earned 500 total points
ID: 18020332
The command to do so would be:

net localgroup "Remote Desktop Users" "DOMAINNAME\Domain Users" /add

ref: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/net_localgroup.mspx?mfr=true for more info

One method to accopmlish applying this to all your clients would be to use something like psexec (from sysinternals/now Microsoft):

http://www.microsoft.com/technet/sysinternals/utilities/psexec.mspx

Step 1 would be to formulate a list of all client's computername

Workstation1
Workstation2
Workstation3
[etc]

Step 2, from a 'management' console - logged in with an administrator account, run the following:

for /f %a in (c:\computerlist.txt) do psexec \\%a net localgroup "Remote Desktop Users" "DOMAINNAME\Domain Users" /add

If that step fails, we can convert it to a batch file easy enough - copy/paste the following into notepad, save it as UpdateGroup.cmd and either type the name or double-click it to run...

::begin code copy
@echo off
for /f %%a in (C:\computerList.txt) do call :process %%a
goto :eof

:process
set pc=%1
psexec \\%pc% net localgroup "Remote Desktop Users" "DOMAINNAME\Domain Users" /add
::end code copy

post back if you need more help or are having trouble (I didn't test the above, for obvious reasons)...
0
 
LVL 51

Expert Comment

by:Netman66
ID: 18021301
Restricted Groups can also do it.

On a policy attached to the Domain, right click Restricted Groups (under Computer Config>Security Settings)
Add New Group.
Browse to Domain Users to select it.
Click ok.
On the next applet, in the lower section (This group is a member of)
Add.
Manually type in - Remote Desktop Users.
Ok your way out.

When the policy applies your done.
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 18023304
Thanx.  Happy to have helped. :^)
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Trust one-way issue 2 54
Moving Files servers to DFS 11 43
Problem pinging RRAS server from outside the network 11 81
domain controller migration seems succesful, however.... 9 62
by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now