Cmdlet for enabling RDP and administrative rights on local machine

This topic contains 7 replies, has 3 voices, and was last updated by  Chris Wolfenden 2 years, 1 month ago.

  • Author
    Posts
  • #29763

    Srikanth Byram
    Participant

    can someone help in providing cmdlets on enabling RDP and administrative rights on local machine

  • #29765

    Chris Wolfenden
    Participant

    Hi Srikanth,

    Please provide some additional information on what you are trying to accomplish:
    – OS version?
    – running remotely or local to the system you are trying to enable rdp for?
    – are you looking to add user to local Administrator's group?

    In general there is not a specific cmdlet that will enable RDP or grant admin rights, but a short script should be able to accomplish these tasks. However, depending on your specific situation the script may need to be modified.

  • #29766

    Srikanth Byram
    Participant

    operating system : windows 7 ,64-bit.

    1.need cmdlet or script to add domain users to local administrative group
    2.need cmdlet or script to add domain users to remote desktop users group.

  • #29770

    Jim Topp
    Participant

    Try this:

    $DomainName = 'whatever.com'
    ([ADSI]"WinNT://./'Administrators',group").Add("WinNT://$DomainName/'Domain Users'")
    ([ADSI]"WinNT://./'Remote Desktop Users',group").Add("WinNT://$DomainName/'Domain Users'")
    
  • #29773

    Chris Wolfenden
    Participant

    To enable RDP on Windows 7 you pretty much have to perform 2 tasks:
    1. Enable RDP (via registry)
    2. Enable RDP firewall rule – for Windows 7 I believe you have to rely on good ole netsh, don't think there is a Powershell equivalent (Windows 8 I believe has one)

    If you are running locally you can accomplish this with two lines (needs to be run as admin):

    Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -Name "fDenyTSConnections" -Value 0
    netsh advfirewall firewall set rule group=”remote desktop” new enable=Yes
    
  • #29774

    Srikanth Byram
    Participant

    hi Jim,

    i tried both the cmdlets but it didn't work for me.

    error :The following exception occurred while retrieving member "add": "The group name could not be found.

    kindly suggest.

    many thanks.

  • #29777

    Chris Wolfenden
    Participant

    Hi Srikanth,

    Try breaking things up to see where things are failing:

    $groupName = "Administrators"
    $computer = "localhost"
    $userName = "jsmith"
    $domain = "yourdomain.com"
    
    #bind to group and user
    $group = [ADSI]"WinNT://$computer/$groupName,group"
    $user = [ADSI]"WinNT://$domain/$userName,user"
    
    #Add user to group
    $group.Add($user.Path)
    
  • #29780

    Chris Wolfenden
    Participant

    I just remembered I had a function I wrote awhile back to make it easier. I wanted to go back to it and clean it up a bit but never got around to it. It should work both remotely and locally if you have the permissions (running locally requires Run As Admin rights):

You must be logged in to reply to this topic.