Enable RDP to act like VNC?

[powdarrmonkey]

Right, after some digging through some truly baffling policy templates, the key you're looking for appears to be a DWORD value called Shadow at:

Code:

HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services

Values:
0: No remote control allowed
1: Full Control with user's permission
2: Full Control without user's permission
3: View session with user's permission
4: View session without user's permission

But if you set this with a script, the policy engine is going to come along and change it during a user session anyway, so I still think you're wasting your time.

[Rawns]

Right, after some digging through some truly baffling policy templates, the key you're looking for appears to be a DWORD value called Shadow at:

Code:

HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services

Values:
0: No remote control allowed
1: Full Control with user's permission
2: Full Control without user's permission
3: View session with user's permission
4: View session without user's permission

But if you set this with a script, the policy engine is going to come along and change it during a user session anyway, so I still think you're wasting your time.

Many thanks powdarrmonkey. I'll give this a go and see what happens.

[powdarrmonkey]

I love reverse-engineering at lunchtime

[Cools]

What client does this work on? i have tryed XP clients and it logs the user off when i login.

[powdarrmonkey]

Terminal servers.

Edit: good point. Rawns, you are still wasting your time.

[Cools]

Coz i know theres a way to watch a PC boot and see the desktop from 2003 r2 server..
never realy looked in to it just seen it at my mates old job..

[Cools]

dam powdarrmonkey you watching my laptop.. lol that was fast.

[powdarrmonkey]

Coz i know theres a way to watch a PC boot and see the desktop from 2003 r2 server..
never realy looked in to it just seen it at my mates old job..

Probably Intel vPro.

[Cools]

next yrs project shoot teachers..
might have to do TS for access at home and ease of use in school for teachers...

[localzuk]

Many thanks powdarrmonkey. I'll give this a go and see what happens.

As I'm in Somerset I thought I'd chip in I'm assuming this is for the Primaries/First schools (as us middle and secondary schools would create the policy for you).

Have you considered using Powershell scripting? It is capable of manipulating GPOs easily, without directly needing to manipulate registry settings.

The way I'd be doing it would be to create a GPO in a domain, export it/back it up, and then via PowerShell import it into all the disparate domains.

• Windows Administration: Simplify Group Policy Administration with Windows PowerShell
• Group Policy: Automating Group Policy Management with Windows PowerShell

[Rawns]

As I'm in Somerset I thought I'd chip in I'm assuming this is for the Primaries/First schools (as us middle and secondary schools would create the policy for you).

Have you considered using Powershell scripting? It is capable of manipulating GPOs easily, without directly needing to manipulate registry settings.

The way I'd be doing it would be to create a GPO in a domain, export it/back it up, and then via PowerShell import it into all the disparate domains.

• Windows Administration: Simplify Group Policy Administration with Windows PowerShell
• Group Policy: Automating Group Policy Management with Windows PowerShell

Yep, thats right - just Primary's, Firsts & PRU's. We are starting to use CentraStage at the moment for remote support. It comes with RDP and VNC built in but VNC is temperamental at best so I'm looking down the RDP route.

Powdarrmonkey, you were right. Seems to work on servers but no luck with workstations. Back to the drawing board.

[localzuk]

Yep, thats right - just Primary's, Firsts & PRU's. We are starting to use CentraStage at the moment for remote support. It comes with RDP and VNC built in but VNC is temperamental at best so I'm looking down the RDP route.

Powdarrmonkey, you were right. Seems to work on servers but no luck with workstations. Back to the drawing board.

As I say, PowerShell is your friend here. Although, this would require you to have PowerShell installed on all the servers...

[PiqueABoo]

I've previously automated (and still do coz it ain't broke) mass GPO editing with a bit of JScript wrapped around a free utility called GPScript.exe which comes as part of a collection: batch tools.zip[1]. It takes a text file as input and applies the changes therein, to a registry.pol file. YMMV but I've given that util a bit of exercise and it has always worked for me.

My script is about a) finding the right GPO to point GPScript at (I'm dealing with servers where certain GPO names are consistent), b) Updates the GPO version in the right places afterwards.


You can download Microsoft spreadsheets that are lists of standard Windows ADM[X] policy settings, with their descriptions, exact registry keys etc. Very quick and easy to search for things, but I once got bitten by a couple of mistakes in one so verify before production use.

[1] There are some other useful utils in there.

PS: The only way I've made this thread work is to RDP (or something) to domain X server as an Admin , then within that session Remote Assist to domain X workstation. Unsolicited RA from Admins needs to be configured in a GPO for the workstations first though.

[glensc]

Yep, thats right - just Primary's, Firsts & PRU's. We are starting to use CentraStage at the moment for remote support. It comes with RDP and VNC built in but VNC is temperamental at best so I'm looking down the RDP route.

Powdarrmonkey, you were right. Seems to work on servers but no luck with workstations. Back to the drawing board.

WHen your RDPing to a user if your taking control of the session you'll be connecting as them, I thought RDP on XP was only set up for members of the admin group.

I guess you could test that by loging onto one as an admin then seeing if you can RDP to it from antoter machine.

[powdarrmonkey]

WHen your RDPing to a user if your taking control of the session you'll be connecting as them, I thought RDP on XP was only set up for members of the admin group.

I guess you could test that by loging onto one as an admin then seeing if you can RDP to it from antoter machine.

That's not the problem in question - the OP wants to watch a session in progress, like Remote Assistance does.