• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 415
  • Last Modified:

Allow User Access to Collection on Windows Server 2012 Remote Desktop

Is there a way to allow a Security Group (two people) access to just the Collection (or Quick Access Collection) of the Server Admin on a Remote Desktop, Windows Server 2012?  I was able to do it easily on 2008, but cannot figure out a way to allow these two "standard" users on the 2012, that sometimes need to provide remote support on the terminal server.  I want the users to be able to shadow or remote control another user (with the users permission).  I do NOT want these two users to be admin's.  It needs to be extremely easy for both sets of users - the helper and the one needing assistance.  Is this possible without third party software?  We have tried to put the tsadmin from 2008 on the 2012, but that did not work.
0
StephanieFoster
Asked:
StephanieFoster
  • 5
  • 4
1 Solution
 
yo_beeDirector of ITCommented:
add them to the Local Remote Desktop Group on the server to gain access for Remote Desktop

What you are asking sounds like Remote Assistance needs to be enabled.

Is this for only a single machine or a group of machines?
If it is for a single machine I would try this:
Enabling Remote Assistance
http://msdn.microsoft.com/en-us/library/cc505914.aspx
Enable Remote Assistance > Advance > Add to people you need.
If there are multiple machines I would create a Group Policy and apply it to those machines.
Follow the section under Offering Unsolicited Remote Assistance
My Settings
0
 
StephanieFosterAuthor Commented:
Thank you.  It didn't work quite like it used to, but we'll just have to work with it.
0
 
yo_beeDirector of ITCommented:
how did it used to work for you
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
StephanieFosterAuthor Commented:
They used to be able to Shadow a person (with the users permission).  Now the user that needs help has to send an email invite.    Used to be - right click on the user, remote control (or shadow now), user gives permission, helper can view or control other users screen.   Now only an administrator can shadow for some reason.  We still aren't live, so are still working out kinks, maybe that is just one kink that we haven't fully worked out yet.  

Thanks!
Stephanie
0
 
yo_beeDirector of ITCommented:
You can accomplish this by using the /offerRA switch.

From Windows (Start)  or Run type MSRA /offerRA <ComputerName> or <IP>
Goes directly to the computer
Or
Windows (Start) or Run tyoe MSRA /offerRA
Brings up a Window that allows you to type the name or ip of the computer
0
 
StephanieFosterAuthor Commented:
I might need to do another question, but just in case...

I found the following command, but each time I try to run it (administrator cmd prompt), i get a generic error:
wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSPermissionsSetting WHERE (TerminalName ="RDP-Tcp") CALL AddAccount "domain\security group”,2

I have put my domain and security group (even renamed it so there was no spaces).  And I still get the same error.
Stephanie
0
 
yo_beeDirector of ITCommented:
I have never done it via Windows Management Call.  

did my switches I suggested work at all?
0
 
StephanieFosterAuthor Commented:
I couldn't get it to connect to the computer it was on.  I tested it with my own account first and I knew the name.  Kept giving me an error.  Unless I'm not supposed to be on the remote desktop?
0
 
yo_beeDirector of ITCommented:
Did you add the user group to the GPO setting ?
What error are you getting?
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now