Skip to main content

How to add a user or group to the Remote Desktop Users group on Server Core

By

On a standard installation of Windows Server 2008, you can easily add users to the Remote Desktop Users group to allow them to access the server with Remote Desktop. In Server Core, you do not get the nice GUI to work with. You have two options for adding users; command line and Group Policy.

Command Line option:

Log into Server Core

To see a list of users currently in the Remote Desktop Users group, type: net localgroup “Remote Desktop Users”

To add a user, type: net localgroup “Remote Desktop Users” /add

Group Policy Option:

The command line option works well if you are only setting it for one or two servers. For many servers, Group Policy is the option of choice. In particular, we are going to be looking at the GPO for Restricted Groups.

For this to work you need to make sure this policy setting applies only to your Server Cores, or other systems that you want this setting .

Open Group Policy Management

Create and GPO and give it the name of your choice.

Edit the policy.

Expand Computer Configuration \ Windows Settings \ Security Settings \ Restricted Groups.

Right mouse click Restricted Groups and select New Group.

Click Browse.

Type Remote and click Check Names.

Click OK

Click OK. You should see the window below.



In the Members of this Group section, click Add.

Add the users or groups that you want to ensure they are a member of the Remote Desktop Users Group. Click Browse if you need help finding the users or groups.

This will also ensure that only these users and groups are the only accounts listed in this group To add others later or to remove them, you will have to edit the list in this Group Policy.

Make sure you link the group policy to the OUs that hold the computer accounts of the Server Cores.

Labels:

Comments

Post a Comment

Popular posts from this blog

How to list all the AD LDS instances on a server

By
AD LDS allows you to provide directory services to applications that are free of the confines of Active Directory.  To list all the AD LDS instances on a server, follow this procedure: Log into the server in question Open a command prompt. Type dsdbutil and press Enter Type List Instances and press Enter . You will receive a list of the instance name, both the LDAP and SSL port numbers, the location of the database, and its status.
Post a Comment
Read more

How to run GPResult on a remote client with PowerShell

By
In the past, to run the GPResult command, you would need to either physically visit this client, have the user do it, or use and RDP connection.  In all cases, this will disrupt the user.  First, you need PowerShell remoting enabled on the target machine.  You can do this via Group Policy . Open PowerShell and type this command. Invoke-Command –ScriptBlock {GPResult /r} –ComputerName <ComputerName> Replace <ComputerName> with the name of the target.  Remember, the target needs to be online and accessible to you.
Post a Comment
Read more

Error icon when creating a GPO Preference drive map

By
You may not have an error at all.  Take a look at the drive mapping below. The red triangle is what threw us off.  It is not an error.  It is simply a color representation of the Replace option of the Action field in the properties of the drive mappings. Create action This give you a green triangle. The Create action creates a new mapped drive for users. Replace Action The Replace action gives you a red triangle.  This action will delete and recreate mapped drives for users. The net result of the Replace action is to overwrite all existing settings associated with the mapped drive. If the drive mapping does not exist, then the Replace action creates a new drive mapping. Update Action The Update action will have a yellow triangle. Update will modify settings of an existing mapped drive for users. This action differs from Replace in that it only updates settings defined within the preference item. All other settings remain as configured on the mapped drive. If the
1 comment
Read more