Is it possible, natively in Kace, to run a report that would tell me who has RDP access on all computers checking into Kace?

We've been having an RDP spam issue lately which is leading to a flurry of locked AD accounts. We want to turn it off globally and then restore RDP access for select individuals and create a custom firewall rule for their access.

Thanks,

-- Ray
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Answers

2

There's nothing specifically native to the K1000. However, you could easily create a Custom Inventory item. The rule for that item would be something like:

ShellCommandTextReturn(cmd /c net localgroup "Remote Desktop Users"|findstr /v "^$ Alias Comment Members --- command")

This will return the output of the net localgroup command, without all of the extra headers. The findstr is in there to help clean up the output. Feel free to play around with it to suit your needs. For instance, if you want to only return domain users that have been added, you could change it to look like:

ShellCommandTextReturn(cmd /c net localgroup "Remote Desktop Users"|findstr \\")

Hope this helps!

Answered 05/02/2016 by: BHC-Austin
Fourth Degree Black Belt

Please log in to comment
Answer this question or Comment on this question for clarity