Solved

Enable Remote Desktop for Windows 7 from remote command line

Posted on 2014-04-10
7
840 Views
Last Modified: 2014-04-10
I have a multitude of Windows 7 workstations that I can access via command line via Dameware.  I need to enable Remote Desktop for them all and specify Network Level Authentication as well as the user.  I know that I can enable using:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

... but beyond that, I'm a bit stuck.  Can anyone advise of the command that would enable NLA and allow me to specify the domain user?

Thanks in advance!
0
Comment
Question by:PERSJWM
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 25

Accepted Solution

by:
Tony Giangreco earned 300 total points
ID: 39991615
You should be able to edit the default domain GPO and add it in.
0
 
LVL 1

Author Comment

by:PERSJWM
ID: 39991622
I don't want to do this via GPO.  I need the commands.  Thanks!
0
 
LVL 35

Assisted Solution

by:Kimputer
Kimputer earned 150 total points
ID: 39991663
For point 3:

net localgroup "Remote Desktop Users" domain\user /add

Point 2 is more difficult, as you ADD something to a string in your registry, you don't replace it so easily with just one command.
0
MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

 
LVL 1

Author Comment

by:PERSJWM
ID: 39991690
I can access remote registry as well so that's ok.  Can you advise what string to add and where?  Thank  you.
0
 
LVL 35

Expert Comment

by:Kimputer
ID: 39991795
Configure Network Level Authentication
1. Click Start, click Run, type regedit, and then press ENTER.
2. In the navigation pane, locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
3. In the details pane, right-click Security Packages, and then click Modify.
4. In the Value data box, type tspkg. Leave any data that is specific to other SSPs, and then click OK.
5. In the navigation pane, locate and then click the following registry subkey:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
6. In the details pane, right-click SecurityProviders, and then click Modify.
7. In the Value data box, type credssp.dll. Leave any data that is specific to other SSPs, and then click OK.
8. Restart the computer to check the result.
0
 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 50 total points
ID: 39991990
Really surprised no one has thought of this - POWERSHELL.

invoke-command –ComputerName (Get-Content .\machines.txt) –Scriptblock {(Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(1)}

See:
http://roger.steneteg.org/70/70/
0
 
LVL 1

Author Closing Comment

by:PERSJWM
ID: 39992034
In retrospect it actually did end up being more proficient to use GPO so that's what I'm doing.  I awarded other points respectively.  Thanks so much for all of the suggestions and help.
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
On some Windows 7 (SP1) computers, Windows Update becomes super slow even the computer is reasonably fast.  There's one solution that seemed to have worked well for me (after trying a few other suggested solutions).
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question