• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Questions for you Active Directory Guru's

Bulldog13

Bulldog13

Golden Member
We are using Windows Server 2000 and Active Directory 2000.

Basically, I want it so that all pcs have remote desktop enabled. As it is now, it s a mix between some having is enabled, some having it enabled without domain admins under it, and some just not having it enabled.

It's kind of annoying to have to have a user log under an admin account and enable it.

Is there a way through Active Directory and GPO to do this ? I did some googling and found a way that looked like it should have worked, but I was missing the option to enable it.
GPO -> Comp Config -> admin templates -> windows components -> terminal services . I did not find anything about enabling it.


Also, does anyone know how to set the dns / wins settings on login ?

 
You should be able to do the opposite of this like you said you tried:

http://support.microsoft.com/kb/306300/en-us

As far as set dns/wins in login do in in the login script:

netsh -c interface ip set dns "Local Area Connection" 192.168.0.1
netsh -c interface ip set wins "Local Area Connection" 192.168.0.1

The 192 address is the address you want to make the dns/wins server and "Local Area Connection" is the name of the NIC
 
That's the problem.

From your link,

"3. Double-click the Allow users to connect remotely using Terminal Services policy.
4. Set the policy to Enabled, and then click OK.".

The "Allow users to connect remotely" option is not there. Does anyone have an idea as to how to install it.

BTW, for your dns/wins answer...I appreciate it 🙂 , Would I have to add extra lines for "Local Area Connection", would I also have to add "Local Area Connection 1" (etc) for extra LAN connections ?
 
Originally posted by: Bulldog13
That's the problem.

From your link,

"3. Double-click the Allow users to connect remotely using Terminal Services policy.
4. Set the policy to Enabled, and then click OK.".

The "Allow users to connect remotely" option is not there. Does anyone have an idea as to how to install it.

BTW, for your dns/wins answer...I appreciate it 🙂 , Would I have to add extra lines for "Local Area Connection", would I also have to add "Local Area Connection 1" (etc) for extra LAN connections ?
Click to expand...

Yes.
 
I couldn't find the GP setting, but I found the reg entry:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server]
"fDenyTSConnections"=dword:00000000


Put this entry into a custom Group Policy, MSI, or send it out to all machines via SMS or Altiris.
 
^^That might be the only way to do it for 2000 clients.

There's an XP GPO, Computer Configuration\Administrative Templates\Windows Components\Terminal Services\Do Not Allow New Client Connections that needs to be set to disabled. You can upgrade your 2000 GPO to the XP version by using the procedure in this article: http://support.microsoft.com/kb/q307900/

You might want to try that and see if it works on the 2000 clients if you have an XP box somewhere to upgrade the GPO.
 
Sorry, I pasted the wrong GPO. The one listed earlier in the thread is the one you want. It doesn't appear because you still need to upgrade the GPO to XP using the article I linked. But looking at the description for that GPO, it says it requires at least an XP client.

I would stick with setting fDenyTSConnections to 0 using a script of some kind. Or upgrade to XP 😉
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top