Solved

Setting a domain level group policy to enable remote control for all desktops

Posted on 2008-10-21
11
1,006 Views
Last Modified: 2012-05-05
I would like to set a domain level group policy that enables remote desktop on all PC's connected to the domain on a SBS 2003 server.
0
Comment
Question by:JackAitken
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
11 Comments
 
LVL 13

Expert Comment

by:SagiEDoc
ID: 22773538
As far as I am aware this is set under computer's and users on the properties of the user under the remote control tab.
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 22773539
The http://connectcomputer wizard does this out of the box during the workstation configuration.
Philip
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 22773547
Are your users local admins? If they are, they can log on via the Remote Web Workplace.
You can manually enable the Remote Connection in the My Computer properties --> Remote tab. Then add any domain users to the Remote Desktop Users group on the local machine.
Otherwise, you will need to modify GPOs and setup others to get things done ... which defeats the purpose since SBS has all that setup for you already.
Philip
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:JackAitken
ID: 22776551
Thanks for the comments, but I know how to set it up manually.  What I would like to do is set a group policy that enables remote desktop on the PC's automatically so when a PC is added to the domain, it doesn't have to be set manually, the group policy takes care of it.

Thanks
0
 
LVL 38

Accepted Solution

by:
Philip Elder earned 500 total points
ID: 22777575
SBS has this built-in by default. When the http://ConnectComputer wizard is used to connect the computer to the domain, you choose the users that are going to be on the system. Once the wizard completes the install routine, those users are able to RDP via RWW or VPN or LAN.
Philip
0
 

Author Comment

by:JackAitken
ID: 22777644
I'll need to try the connectcomputer option.  I've never used that option before.  I'll look it up.  

On existing servers, and Windows2003 non SBS domains, what would be the solution using group policy?

Thanks
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 22777909
Enable the logon via Terminal Services in your default domain policy. Add your domain users to the local computer's Remote Desktop Users group.
Not a good idea on the SBS domain because that will mess things up even more.
Philip
0
 

Author Comment

by:JackAitken
ID: 22885984
Sorry for the delayed response.  I'm short handed and have been burried.  Philip, why would setting a group policy defaulting to enabled remote control on the PC mess things up in an SBS environment.

Thanks
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 22886779
Jack,
Because SBS has everything setup for you by default. Use the wizards, follow the SBS best practices and things work.
Don't follow them, make changes with the various components, and things break.
Philip
0
 

Author Closing Comment

by:JackAitken
ID: 31508620
Using connectcomputer only assigns the 1 user that was specifed when creating the package.  I now have Kaseya and connect with KVNC, and then run a script to enable remote connections.

Thanks
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 24370801
The script works, but if you choose the option to set multiple users in the ConnectComputer wizard and authenticate with the domain admin credentials, then any number of users can be allowed to RDP in.

Philip
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question