I have been looking into RDP settings and have found out that you can Enable RDP to act like VNC (ie - see the other person using the PC, take control etc) but it's disabled by default.
I guess that it is modifying the registry in some area but can't see where. My plan is that if I can find the key its adding/changing, I can create a batch file, distribute to multiple servers/workstations and enable it on all devices.
- Open the Group Policy snap-in (Gpedit.msc).
- In the left pane, under the Computer Configuration branch, expand the Administrative Templates branch.
- Expand the Windows Components branch.
- Click the Terminal Services folder.
- In the right pane, double-click Sets rules for remote control of Terminal Services user sessions.
- On the Setting tab, click Enabled.
- In the Options box, click Full Control with users' permission, and then click OK.
Any suggestions on how I can proceed?
No it doesn't, this is the whole point of group policy. On each domain, create a policy object and apply to it everything. Every machine will pick it up without any further effort from you.
Using CentraStage, I can create a batch file to add a key to the registry to enable Shadow mode using RDP, and distribute the file to every single device within one click. A 10 second job. I just need to find the correct key entry in the registry.
Don't know where the registry key is, but if you use sysinternals process explorer it can capture all registry changes in real time.
It's probably going to be explorer making the change and it's likely to be a section of the registry with Microsoft in the name so that should help narrow down the search (process explorer can be a bit verbose ...)
you have 250+ domains or 250+ computers
what are you StarBucks??
So taking an average of 50 machines per domain multiplied by 250 domains = 12,500 machines. Your best option/method is without a doubt setting it on 250 domains using GPOs. Even if you created a script, you'd still need to copy that script to 250 servers.It needs to be enabled via a script as there are 250+ servers on different domains and each server has between 20 and 100 workstations connected to each.
I believe we're talking about Remote Assistance? If so you'll have problems authenticating unless your workstation is in the same domain as the target.250+ domains
This may or may not be fixable somehow (haven't looked hard yet).
Sounds all very big-scale and complex. The best advice I can offer is do some research, but you're right, the policy will be changing a registry entry somewhere on the system.
Offtopic: If you don't mind me asking why do you have so many separate domains?
Your domains should be under the same forest. You then link the GPO in at Forest level and it'll propergate down into each domain and therefore each server/client.
You will need Enterprise Admin rights to achieve this.
If your domains are not under the same forest, the whole question is moot as you will not be able to authenticate correctly cross-domain. Stick with VNC.
There are currently 1 users browsing this thread. (0 members and 1 guests)