Pages

Thursday, February 03, 2011

[Windows GPO] Permitindo Acesso Remoto a usuários.


GPO Editor
Atributos alterados:

Nó Computer Configuration:

+ Windows Settings
 + Security Settings
  + Local Policies
   + User Rights Assigment
    - Allow log on through Terminal Services
      |X| Define these policy settings:
       * Adicionar o grupo que deve ter acesso remoto ao computador

- Administrative Templates 
 + Network
  + Network Connections
   + Windows Firewall
    + Domain Profile
     - Windows Firewall: Allow inbound Remote Desktop exceptions = ENABLED
 + Windows Components
  + Terminal Services
   + Terminal Server
    + Connections
     - Allow user to connect remotely using Terminal Services = ENABLED

e agora o segredinho:

 wmic RDPermissions Where "TerminalName='RDP-Tcp'" Call AddAccount "dominio\grupo",2

    * Faça um script .BAT e chame pela mesma GPO no startup da maquina.

depois de feito tudo isso:

gpupdate /target:computer /force


Testei esta GPO com XP, Windows 7.

Bibliografia:
Microsoft´s Remote Desktop Services (RDS) Team Blog
Microsoft´s Windows Management Instrumentation (WMI) Start Page 
Microsoft´s WMI Code Creator
The Daily Reviewer | non-admin users connect to remote desktop 

No comments:

Post a Comment