Print
Close Window
From: www.itworld.com
Managing Remote Desktop settings on a remote computer
April 21, 2008 —
An article I wrote almost four years ago is still generating a lot of discussion (see the comments beneath the article). The topic was about how to remotely enable Remote Desktop on a Windows Server 2003 machine, and it's a good example of a bootstrap problem: how can I enable Remote Desktop remotely so I can connect remotely using Remote Desktop. This and other crazy problems formed the basis of my book Windows Server Hacks, which documents 100 of these problems and how to solve them.
Reader John Nordien, who is the Server & Storage Architect at Manitoba Lotteries Corporation, recently contacted me concerning my article, indicating that he had written a script called SetRDP.cmd that takes the ideas espoused in my article one step further. John says his company has a corporate policy in place that says remote desktop should be disabled by default on all Windows computers. Naturally, a policy like this can make it difficult to remotely manage such computers. So John wrote a simple script that he could use to remotely enable Remote Desktop, perform his work on the remote machine, and then disable Remote Desktop again easily.
Here's John's description of his script, followed by the script itself. Just copy the script into Notepad and save it as SetRDP.cmd. As with all advice presented in this column, this script is presented "as is" so be sure to test it before using it in a production environment.
"Description: SetRDP.cmd is a script to Enable, Disable, or Check on the setting
of the Remote Desktop checkbox on a remote computer. This script has been tested
to work on Windows XP and Windows Server 2003. The script needs to be run with
appropriate Administrator credentials on the remote computer. It is assumed
that Remote Registry is enabled and firewalls are not blocking access. In addition,
the console registry tool Reg.exe is required."
@echo off
cls
rem
rem Script to configure or check a remote system's Remote Desktop
(RDP) feature.
rem
echo.
echo Script to configure or check a remote system's Remote Desktop
(RDP) feature.
echo.
If %2x == x goto Error
If %1x == x goto Error
If %1x == ONx goto ON
If %1x == onx goto ON
If %1x == OFFx goto OFF
If %1x == offx goto OFF
If %1x == CHECKx goto CHECK
If %1x == checkx goto CHECK
goto Error
:ON
Echo.
echo Setting RDP ON for computer %2
echo.
reg query "\\%2\HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server"
/v fDenyTSConnections
reg add "\\%2\HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections
/t REG_DWORD /d 0x0 echo.
echo RDP for computer %2 should now be ON.
goto End
:OFF
Echo.
echo Setting AutoLogon OFF for computer %2 echo.
reg query "\\%2\HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server"
/v fDenyTSConnections
reg add "\\%2\HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections
/t REG_DWORD /d 0x1 echo.
echo RDP for computer %2 should now be OFF.
goto End
:CHECK
echo.
echo Checking RDP state on computer %2
echo.
reg query "\\%2\HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server"
/v fDenyTSConnections
goto End
:Error
Echo Usage:
echo SetRDP ON computername
echo SetRDP OFF computername
echo SetRDP CHECK computername
echo.
echo Example: To ENABLE RDP for computer PC1
echo SetRDP ON PC1
echo.
echo Example: To DISABLE RDP for computer PC1
echo SetRDP OFF PC1
echo.
echo Example: To CHECK RDP for computer PC1
echo SetRDP CHECK PC1
echo.
:End
Got tips or scripts you'd like to share with our readers that can help make
enterprise administration easier for them? Email me and I'll share them in a
future edition of this column.
ITworld.com