Solved

Setting a domain level group policy to enable remote control for all desktops

Posted on 2008-10-21
11
1,003 Views
Last Modified: 2012-05-05
I would like to set a domain level group policy that enables remote desktop on all PC's connected to the domain on a SBS 2003 server.
0
Comment
Question by:JackAitken
  • 6
  • 4
11 Comments
 
LVL 13

Expert Comment

by:SagiEDoc
ID: 22773538
As far as I am aware this is set under computer's and users on the properties of the user under the remote control tab.
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 22773539
The http://connectcomputer wizard does this out of the box during the workstation configuration.
Philip
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 22773547
Are your users local admins? If they are, they can log on via the Remote Web Workplace.
You can manually enable the Remote Connection in the My Computer properties --> Remote tab. Then add any domain users to the Remote Desktop Users group on the local machine.
Otherwise, you will need to modify GPOs and setup others to get things done ... which defeats the purpose since SBS has all that setup for you already.
Philip
0
 

Author Comment

by:JackAitken
ID: 22776551
Thanks for the comments, but I know how to set it up manually.  What I would like to do is set a group policy that enables remote desktop on the PC's automatically so when a PC is added to the domain, it doesn't have to be set manually, the group policy takes care of it.

Thanks
0
 
LVL 38

Accepted Solution

by:
Philip Elder earned 500 total points
ID: 22777575
SBS has this built-in by default. When the http://ConnectComputer wizard is used to connect the computer to the domain, you choose the users that are going to be on the system. Once the wizard completes the install routine, those users are able to RDP via RWW or VPN or LAN.
Philip
0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 

Author Comment

by:JackAitken
ID: 22777644
I'll need to try the connectcomputer option.  I've never used that option before.  I'll look it up.  

On existing servers, and Windows2003 non SBS domains, what would be the solution using group policy?

Thanks
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 22777909
Enable the logon via Terminal Services in your default domain policy. Add your domain users to the local computer's Remote Desktop Users group.
Not a good idea on the SBS domain because that will mess things up even more.
Philip
0
 

Author Comment

by:JackAitken
ID: 22885984
Sorry for the delayed response.  I'm short handed and have been burried.  Philip, why would setting a group policy defaulting to enabled remote control on the PC mess things up in an SBS environment.

Thanks
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 22886779
Jack,
Because SBS has everything setup for you by default. Use the wizards, follow the SBS best practices and things work.
Don't follow them, make changes with the various components, and things break.
Philip
0
 

Author Closing Comment

by:JackAitken
ID: 31508620
Using connectcomputer only assigns the 1 user that was specifed when creating the package.  I now have Kaseya and connect with KVNC, and then run a script to enable remote connections.

Thanks
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 24370801
The script works, but if you choose the option to set multiple users in the ConnectComputer wizard and authenticate with the domain admin credentials, then any number of users can be allowed to RDP in.

Philip
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Funa@india.com 6 426
Can’t delete a file 14 140
Forcibly removing a 2003 server from the Domain 4 36
Windows Server Backup - behind the scenes management algorithm 8 39
This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Small Business Server 2011. NOTE: This guide has been written using the preview version of SBS2011 therefore some of the screens may …
I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now