Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3678
  • Last Modified:

GPO to place an Remote Desktop Connection on clients desktop...

Hello,

I'm pretty new to Group Policy but I've been asked to create a GPO to place remote desktop shortcuts on some client computers.

The Server is 2008 and so far I've created the Group Policy Object and linked it to the OU that I'm using to test; I then edited that GPO as follows:

User Configuration; Preferences; Windows Settings; Files
       
I've created a shared folder on the server and placed the remote desktop shortcut in that folder.  

In the properties of the GPO, under Files, I set the Action to "Replace", Source File to
\\<servername>\RDP\remotedesktop.RDP (which is the shared folder where I placed the shortcut).  For the Destination File, I used C:\Apps\remotedesktop.RDP (I am assuming that this folder will be created on the Client within the OU that the GPO is linked to). Under the Common tab, I checked Apply once and do not reapply.

User Configuration; Preferences; Windows Settings; Shortcuts

For the Shortcuts option, I set the Action to "Replace"; Target type "File System Object", Location "All Users Desktop"; Target Path "C:\Apps\remotedesktop.RDP "; Start in "C:\Apps".  Under the Common , I checked "Run in logged-on user's security context " and "Apply once and do not reapply".

On the client side, when I do a gpupdate /force no the C:\Apps folder isn't being created and no shortcut appears.  Instead I get an error in the applications log Event ID 4098 -

"Log Name:      Application
Source:        Group Policy Shortcuts
Date:          12/16/2013 8:59:38 AM
Event ID:      4098
Task Category: (2)
Level:         Warning
Keywords:      Classic
User:          SYSTEM
Computer:      
Description:
The user 'REMOTEDESKTOP.RDP' preference item in the 'Remote Desktop Shortcut {D8E2EAB3-30F5-473A-ABCE-E0F340BE2E20}' Group Policy object did not apply because it failed with error code '0x80070002 The system cannot find the file specified.' This error was suppressed.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Group Policy Shortcuts" />
    <EventID Qualifiers="34305">4098</EventID>
    <Level>3</Level>
    <Task>2</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-12-16T12:59:38.000000000Z" />
    <EventRecordID>7118</EventRecordID>
    <Channel>Application</Channel>
    <Computer>COMPUTERNAME.DOMAIN</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data>user</Data>
    <Data>ops-pdc-1.RDP</Data>
    <Data>Remote Desktop Shortcut {D8E2EAB3-30F5-473A-ABCE-E0F340BE2E20}</Data>
    <Data>0x80070002 The system cannot find the file specified.</Data>
  </EventData>
</Event>

I hope I haven't confused the issue but any help would be greatly appreciated!

Thanks in advance.
0
BadToro
Asked:
BadToro
  • 4
  • 3
  • 3
1 Solution
 
Joseph DalyCommented:
To me this seems like it is a permissions issues to the location where the RDP file is located. Have you confirmed that the users who will be accessing accessing this share have permissions?

Once logged on you can try going to the UNC path where the files are located as that user. If you cant access it this is probably your problem.
0
 
Raj-GTSystems EngineerCommented:
This is a permission issue. You need to ensure that the users have the right to create folders on C:\ without elevation/UAC. Why not just create the RDP file on the user's desktop or drop it inside their user profile/My Documents and create the shortcut on the desktop.
0
 
BadToroAuthor Commented:
Thanks for responding so quickly.  I can access the file using a UNC path to the folder, tested that by using UNC and copying the .RDP file directly to my C: drive.  Which means that I can create a folder on the C drive as well.

The reason i'm looking to use a GPO is because this shortcut will have to be created on many different PCs across various locations.
0
NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

 
Raj-GTSystems EngineerCommented:
Of course you should use GPOs, what I am suggesting is that you copy the RDP file (using GPO) to %userprofile%\desktop instead of C:\Apps
0
 
BadToroAuthor Commented:
Ok, gotcha.  So I changed my paths in Files and the Shortcuts to %userprofile%\desktop\remotedesktop.RDP but I still get the error when I fun gpupdate /force.

Log Name:      Application
Source:        Group Policy Shortcuts
Date:          12/16/2013 11:28:11 AM
Event ID:      4098
Task Category: (2)
Level:         Warning
Keywords:      Classic
User:          SYSTEM
Computer:      
Description:
The user 'remotedesktop.RDP' preference item in the 'Remote Desktop Shortcut {D8E2EAB3-30F5-473A-ABCE-E0F340BE2E20}' Group Policy object did not apply because it failed with error code '0x80070002 The system cannot find the file specified.' This error was suppressed.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Group Policy Shortcuts" />
    <EventID Qualifiers="34305">4098</EventID>
    <Level>3</Level>
    <Task>2</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-12-16T15:28:11.000000000Z" />
    <EventRecordID>7180</EventRecordID>
    <Channel>Application</Channel>
    <Computer>XXXXXXXXX</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data>user</Data>
    <Data>ops-pdc-1.RDP</Data>
    <Data>Remote Desktop Shortcut {D8E2EAB3-30F5-473A-ABCE-E0F340BE2E20}</Data>
    <Data>0x80070002 The system cannot find the file specified.</Data>
  </EventData>
</Event>
0
 
Raj-GTSystems EngineerCommented:
Can you try changing the action from Replace to Create and see if you get the same error.
0
 
BadToroAuthor Commented:
Changed to Create instead but got the same error : Group Policy Object did not apply because it failed with error code:0x80070003  The system cannot find the path specified
0
 
Joseph DalyCommented:
Ok so it's still a permissions issue. Gpp applies using the local system context. This will not have access to your share.

Under the common options for the Gpp you need to set it to run as the logged on user.  

http://technet.microsoft.com/en-us/library/cc772371.aspx
0
 
Joseph DalyCommented:
If the Run in logged-on user's security context option is selected, it changes the security context under which the preference item is processed. The preference extension processes preference items in the security context of the logged-on user. This allows the preference extension to access resources as the user rather than the computer. This can be especially important when using drive maps or other preferences in which the computer may not have permissions to resources or when using environment variables. The value of many environment variables differs when evaluated in a security context other than the logged-on user.
0
 
BadToroAuthor Commented:
Thanks for all the help guys, this was definitely the issue - as soon as I enabled that option and updated the group policy on the client the shortcut appeared.

Thanks again.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 4
  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now