Enable RDP to act like VNC?

**Rawns** · 20th October 2009, 11:54 AM

I have been looking into RDP settings and have found out that you can Enable RDP to act like VNC (ie - see the other person using the PC, take control etc) but it's disabled by default.

Open the Group Policy snap-in (Gpedit.msc).
In the left pane, under the Computer Configuration branch, expand the Administrative Templates branch.
Expand the Windows Components branch.
Click the Terminal Services folder.
In the right pane, double-click Sets rules for remote control of Terminal Services user sessions.
On the Setting tab, click Enabled.
In the Options box, click Full Control with users' permission, and then click OK.

I guess that it is modifying the registry in some area but can't see where. My plan is that if I can find the key its adding/changing, I can create a batch file, distribute to multiple servers/workstations and enable it on all devices.

Any suggestions on how I can proceed?

**powdarrmonkey** · 20th October 2009, 12:47 PM

Originally Posted by Rawns

Any suggestions on how I can proceed?

Enable it in a group policy object and apply it to your choice of clients.

**Rawns** · 20th October 2009, 12:55 PM

Originally Posted by powdarrmonkey

Enable it in a group policy object and apply it to your choice of clients.

It needs to be enabled via a script as there are 250+ servers on different domains and each server has between 20 and 100 workstations connected to each.

**powdarrmonkey** · 20th October 2009, 01:06 PM

No it doesn't, this is the whole point of group policy. On each domain, create a policy object and apply to it everything. Every machine will pick it up without any further effort from you.

**Rawns** · 20th October 2009, 01:11 PM

Originally Posted by powdarrmonkey

No it doesn't, this is the whole point of group policy. On each domain, create a policy object and apply to it everything. Every machine will pick it up without any further effort from you.

That still means creating a policy object on 250+ domains.

Using CentraStage, I can create a batch file to add a key to the registry to enable Shadow mode using RDP, and distribute the file to every single device within one click. A 10 second job. I just need to find the correct key entry in the registry.

**srochford** · 20th October 2009, 01:14 PM

Don't know where the registry key is, but if you use sysinternals process explorer it can capture all registry changes in real time.

It's probably going to be explorer making the change and it's likely to be a section of the registry with Microsoft in the name so that should help narrow down the search (process explorer can be a bit verbose ...)

**Cools** · 20th October 2009, 01:14 PM

you have 250+ domains or 250+ computers

what are you StarBucks??

**Rawns** · 20th October 2009, 01:22 PM

Originally Posted by Cools

you have 250+ domains or 250+ computers

what are you StarBucks??

250+ servers all on their own domains. Each domain has 1 or 2 servers and between 20 and 100 workstations.

No, I'm not Starbucks.

**Michael** · 20th October 2009, 01:25 PM

It needs to be enabled via a script as there are 250+ servers on different domains and each server has between 20 and 100 workstations connected to each.

So taking an average of 50 machines per domain multiplied by 250 domains = 12,500 machines. Your best option/method is without a doubt setting it on 250 domains using GPOs. Even if you created a script, you'd still need to copy that script to 250 servers.

**PiqueABoo** · 20th October 2009, 01:26 PM

250+ domains

I believe we're talking about Remote Assistance? If so you'll have problems authenticating unless your workstation is in the same domain as the target.

This may or may not be fixable somehow (haven't looked hard yet).

**Rawns** · 20th October 2009, 01:29 PM

Originally Posted by Michael

Even if you created a script, you'd still need to copy that script to 250 servers.

Hence why I'd be using CentraStage to distribute it. Every device has CentraStage installed on it which connects each device to the CentraStage server. Using the CentraStage interface, I can select a script (bat, vbs etc), choose which devices to send it to and it will automaticly copy the script file to every device I choose and run it.

**Michael** · 20th October 2009, 01:34 PM

Sounds all very big-scale and complex. The best advice I can offer is do some research, but you're right, the policy will be changing a registry entry somewhere on the system.

**p858snake** · 20th October 2009, 01:38 PM

Offtopic: If you don't mind me asking why do you have so many separate domains?

**Geoff** · 20th October 2009, 01:44 PM

Your domains should be under the same forest. You then link the GPO in at Forest level and it'll propergate down into each domain and therefore each server/client.

You will need Enterprise Admin rights to achieve this.

If your domains are not under the same forest, the whole question is moot as you will not be able to authenticate correctly cross-domain. Stick with VNC.

**Rawns** · 20th October 2009, 01:46 PM

Originally Posted by p858snake

Offtopic: If you don't mind me asking why do you have so many separate domains?

Each School has it's own domain.

LinkBack

Thread Tools

Search Thread

Enable RDP to act like VNC?

Similar Threads

Ultra VNC vs Real VNC

Cannot connect to any VNC or RDP servers

Changes to data protection act

RIPA Act

amendments to computing act

Thread Information

Users Browsing this Thread

Tags for this Thread

Posting Permissions