Advanced Windows PowerShell Scripting Video Training

Advanced Windows PowerShell Scripting Video Training
Advanced Windows PowerShell Scripting Video Training

Monday, August 23, 2010

How to add a user or group to the Remote Desktop Users group on Server Core

On a standard installation of Windows Server 2008, you can easily add users to the Remote Desktop Users group to allow them to access the server with Remote Desktop. In Server Core, you do not get the nice GUI to work with. You have two options for adding users; command line and Group Policy.

Command Line option:

Log into Server Core

To see a list of users currently in the Remote Desktop Users group, type: net localgroup “Remote Desktop Users”

To add a user, type: net localgroup “Remote Desktop Users” /add

Group Policy Option:

The command line option works well if you are only setting it for one or two servers. For many servers, Group Policy is the option of choice. In particular, we are going to be looking at the GPO for Restricted Groups.

For this to work you need to make sure this policy setting applies only to your Server Cores, or other systems that you want this setting .

Open Group Policy Management

Create and GPO and give it the name of your choice.

Edit the policy.

Expand Computer Configuration \ Windows Settings \ Security Settings \ Restricted Groups.

Right mouse click Restricted Groups and select New Group.

Click Browse.

Type Remote and click Check Names.

Click OK

Click OK. You should see the window below.



In the Members of this Group section, click Add.

Add the users or groups that you want to ensure they are a member of the Remote Desktop Users Group. Click Browse if you need help finding the users or groups.

This will also ensure that only these users and groups are the only accounts listed in this group To add others later or to remove them, you will have to edit the list in this Group Policy.

Make sure you link the group policy to the OUs that hold the computer accounts of the Server Cores.

No comments: