Solved

2k8 term server RESET PASSWORD remotely

Posted on 2014-09-22
2
279 Views
Last Modified: 2014-09-22
Where in GPO do I control non-admins to have the option to reset their password when they select Ctrl+Alt+End when connected to terminal server?

I have the option to reset my password (Admin) non-admins do not. Assume this is controlled in GRO

Thanks
0
Comment
Question by:sparkis
2 Comments
 
LVL 2

Accepted Solution

by:
Livin Jose earned 500 total points
Comment Utility
Hi,

I am not pretty sure about the settings in Terminal server. But in normal scenario you can control the permission of users to change the password by editing below GPO.

1. Click the Group Policy object (GPO) that you want to work with, and then click Edit.
2. Expand the GPO->expand User Configuration->expand Administrative Templates-> and then expand System.
3. Click Ctrl+Alt+Del Options.
4. Here you can find the GPO 'Remove Change Password'. If this policy is enabled users won't be able to
change the password.
5. Disable the policy and see if this helps you.
0
 

Author Comment

by:sparkis
Comment Utility
Thanks that worked -

I changed Comp->Policies->AdminTemp->WinComponents->RemoteDesktopServices->RemoteDestktopSessionHost->RemoteSessionEnv->RemoveWindowsSecurityItemfromStartMenu "Disabled"

"Specifies whether to remove the Windows Security item from the Settings menu on Remote Desktop clients. You can use this setting to prevent inexperienced users from logging off from Remote Desktop Services inadvertently.

If the status is set to Enabled, Windows Security does not appear in Settings on the Start menu. As a result, users must type a security attention sequence, such as CTRL+ALT+END, to open the Windows Security dialog box on the client computer.

If the status is set to Disabled or Not Configured, Windows Security remains in the Settings menu."
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now