Re: Configure TS Automatically for Logged On User

I'll have to look into that.

I think that we are doing something similar via Citrix, but I don't deal
with that end of things so I'm not completely sure how it works. I plan to
meet with our Citrix people to get more info. One problem that we've run
into is that some people want to be setup without going through Citrix so
that they can still reach their desktops in the event that the Citrix
servers are having problems. Those are the people who are giving us
headaches because right now we just set them up manually (there aren't very
many). I'd like to get to the point where we don't need to visit the
machine, but we're struggling with how to do that in a way that doesn't
leave the employee with the ability to remotely access any machine that
they've logged in to previously.

--Tom

"Patrick Rouse" <PatrickRouse@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A7CD129F-6DA3-4A7D-81A4-6A846AA58781@xxxxxxxxxxxxxxxx
We have a solution called Virtual Access Suite, Desktop Services Edition
which allows publishing of desktops or individual applications from
Managed
Virtual Desktops (on VMware or Virtual Iron), Standard XP Pro or Vista
Desktops or Blade PCs. With our solution the administrator assigns users
to
desktops, or users get a desktop from a pool (and return it to a pool at
logoff) or users get a desktop from a pool and retain it permanently. Our
solution removes the users name from the Remote Desktop Users Group at
logoff, so users can not connect via remote desktop w/o connecting via our
Connection Broker.

Users can connect via Web Browser w/ SSL Gateway, CE Client, Linux Client
or
Win32 non-web client.

With this an administrator can offer a managed desktop/application
solution
for internal and external users (VDI) and stop paying a recurring fee for
services such as GoToMyPC.



--
Patrick C. Rouse
Microsoft MVP - Terminal Server
SE, West Coast USA & Canada
Quest Software, Provision Networks Division
Virtual Client Solutions
http://www.provisionnetworks.com


"Thomas M." wrote:

Yep, that sounds like what I am looking for. I could create a security
group called something like TSUsers and then add an IF statement to run
your
command if the user is a member of the TSUsers group. That should work.

Now I've come up with two other questions. First, is there a registry
hack
or something that will cause the "Allow users to connect remotely to this
computer" box to be checked? That box is on the Remote tab of the system
properties.

Ideally, when we get a request to configure someone to use TS we would
just
drop them into a domain group and then the login script, based on
membership
in that group, would check the box and add the user to the Remote Desktop
Users group. That would allow us to do this with essentially no
overhead.

Second, say that Betty logs on to Mike's computer and that the login
script
configures Mike's computer so that Betty can use TS to control the
machine.
After Betty logs off, does her user name remain a member of the Remote
Desktop Users group, meaning that she would retain the ability to
remotely
control Mike's machine?

--Tom

"Marcin" <marcin@xxxxxxxxxxxxxxxx> wrote in message
news:7028CF0A-13C6-4753-8EEC-C1E69B7327B6@xxxxxxxxxxxxxxxx
Thomas,
include the following
net localgroup /add "Remote Desktop Users" %username%
in the logon script (this will succeed if the current user is a member
of
local Administrators - which, from what I understand, is what you are
looking for)

hth
Marcin






.

Relevant Pages

  • Re: RD from Win98 to server 2003
    ... It is the latest RD client. ... athlon is not a domain member) ... >> Use remote desktop from marijab to w2k3. ... >> I can browse network neighborhood and see both machines (ibmthinkpad ...
    (microsoft.public.windowsxp.work_remotely)
  • Re: Explorer
    ... They are using Citrix for the better bandwidth compression in the ICA protocol. ... Remote Web Workplace is a great tool for remote access using Remote Desktop. ... I have a client with an SBS network and a terminal server with Citrix ... The shortcut is on her desktop. ...
    (microsoft.public.windows.server.sbs)
  • Re: Hacking Citrix Faq (fwd)
    ... Subject: Hacking Citrix Faq ... Terminal Services RDP (Remote Desktop Protocol). ... administrator to specify certain applications to be run on ... able to directly access the Citrix Server itself. ...
    (Bugtraq)
  • Re: Citrix Pen Test,
    ... The way its works is that the client need to connect ... to the remote server through Citrix and run the application. ... I noticed that the Citrix Client used ...
    (Pen-Test)
  • [Full-disclosure] 0day: Hacking secured CITRIX from outside
    ... integrated remote CITRIX servers. ... any client/server vulnerabilities nor client/server misconfiguration ... The success of the attack relays on the fact that the victim (the ...
    (Full-Disclosure)