Solved

Allow non administrators to access Windows 7 clients via RDP

Posted on 2014-04-14
3
555 Views
Last Modified: 2014-04-14
Hi,
I have been looking for a way to allow a Jr Admin who does not have administrator or domain admin rights to RDP into our Windows 7 machines for support.  I don't really want to touch all 50 of our PCs and add this person manually to the RD Users group locally.  Is there a way within AD/Group Policy to allow this person RDP rights into our Windows 7 machines without giving this person more rights?  Thanks so much!
0
Comment
Question by:cbsykes
3 Comments
 
LVL 3

Expert Comment

by:aces4all00
ID: 40000603
You have a couple of options.  You can make use of restricted groups or write a script that will add a domain security group to the Remote desktop users group then add your support personnel to that group.  See http://blogs.technet.com/b/heyscriptingguy/archive/2010/08/19/use-powershell-to-add-domain-users-to-a-local-group.aspx for one way you can do that.

Another alternative would be to set things up so you're support personal can offer remote assistance.  This is a feature of Windows that will allow a support technician to shadow a users session with the user logged in and request control from the user if they need it.  See http://community.spiceworks.com/how_to/show/210-offer-unsolicited-remote-assistance-to-ms-domain-computers for more information.
0
 
LVL 14

Accepted Solution

by:
dmwynne earned 500 total points
ID: 40000612
You can create a group policy to do this.  Create a group in Active Directory and then create  a GPO to add  that group to the Remote Desktop Users group.  

Steps are detailed in this Technet article:

http://social.technet.microsoft.com/wiki/contents/articles/17671.how-to-add-domain-usersgroup-to-remote-desktop-users-group-on-servers-using-group-policy.aspx
0
 

Author Comment

by:cbsykes
ID: 40000835
Thanks dmwynne.  Exactly what I was looking for.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Microsoft VPN Access - Routing and Remote Access 2 31
NTFS Permissions 6 47
Non admin needs to install programs 17 35
Unable to print after system state restore 32 21
If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question