Author Posts

September 15, 2015 at 5:34 am

can someone help in providing cmdlets on enabling RDP and administrative rights on local machine

September 15, 2015 at 5:55 am

Hi Srikanth,

Please provide some additional information on what you are trying to accomplish:
– OS version?
– running remotely or local to the system you are trying to enable rdp for?
– are you looking to add user to local Administrator's group?

In general there is not a specific cmdlet that will enable RDP or grant admin rights, but a short script should be able to accomplish these tasks. However, depending on your specific situation the script may need to be modified.

September 15, 2015 at 6:02 am

operating system : windows 7 ,64-bit.

1.need cmdlet or script to add domain users to local administrative group
2.need cmdlet or script to add domain users to remote desktop users group.

September 15, 2015 at 7:19 am

Try this:

$DomainName = 'whatever.com'
([ADSI]"WinNT://./'Administrators',group").Add("WinNT://$DomainName/'Domain Users'")
([ADSI]"WinNT://./'Remote Desktop Users',group").Add("WinNT://$DomainName/'Domain Users'")

September 15, 2015 at 7:59 am

To enable RDP on Windows 7 you pretty much have to perform 2 tasks:
1. Enable RDP (via registry)
2. Enable RDP firewall rule – for Windows 7 I believe you have to rely on good ole netsh, don't think there is a Powershell equivalent (Windows 8 I believe has one)

If you are running locally you can accomplish this with two lines (needs to be run as admin):

Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -Name "fDenyTSConnections" -Value 0
netsh advfirewall firewall set rule group=”remote desktop” new enable=Yes

September 15, 2015 at 8:09 am

hi Jim,

i tried both the cmdlets but it didn't work for me.

error :The following exception occurred while retrieving member "add": "The group name could not be found.

kindly suggest.

many thanks.

September 15, 2015 at 9:24 am

Hi Srikanth,

Try breaking things up to see where things are failing:

$groupName = "Administrators"
$computer = "localhost"
$userName = "jsmith"
$domain = "yourdomain.com"

#bind to group and user
$group = [ADSI]"WinNT://$computer/$groupName,group"
$user = [ADSI]"WinNT://$domain/$userName,user"

#Add user to group
$group.Add($user.Path)

September 15, 2015 at 11:37 am

I just remembered I had a function I wrote awhile back to make it easier. I wanted to go back to it and clean it up a bit but never got around to it. It should work both remotely and locally if you have the permissions (running locally requires Run As Admin rights):