Trying to enable RDP via scripted installations? Please Advise.
Trying to run a VBS script through online kscript
const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "127.0.0.1"
Set StdOut = WScript.StdOut
On Error Resume Next
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
strComputer & "\root\default:StdRegProv")
If Err.Number <> 0 Then
WScript.Echo "An error has occurred. You may have mistyped the computer name."
WScript.Quit
End If
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server"
strValueName = "fDenyTSConnections"
oReg.GetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
If dwValue = 1 Then
dwValue = 0
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
WScript.Quit
End If
Script works if run locally as admin through command prompt, however it fails when running it through scripted install. Any tips?
0 Comments
[ + ] Show comments
Answers (3)
Please log in to answer
Posted by:
looshus
7 years ago
My idea would be this, configure a machine the way you want it. Then export the registry keys you need so you have a nice little ".reg" file with your settings in it. BUT, you'll need to run regedit.exe in with elevated privileges in the script. So use this elevation tool: http://www.winability.com/elevate/
Add the reg file and the Elevate executable as dependencies in your script. Then the script would look like this:
Add the reg file and the Elevate executable as dependencies in your script. Then the script would look like this:
- Launch a program...
- Directory: $(KACE_DEPENDENCY_DIR)
- File: Elevate_x64.exe
- Parameters: "C:\Windows\regedit.exe" -s "$(KACE_DEPENDENCY_DIR)\sample.reg"
The -s is for silent mode, so you can inject registry keys using this method with no user interaction or impact.
Posted by:
krhodes@clarknexsen.com
7 years ago
I typically used a batch file as my first post install task. Here is the command:
Reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
Comments:
-
Will this BAT work as a scripted install too? - Kashumee 7 years ago
-
Standby - krhodes@clarknexsen.com 7 years ago
-
I just tried it, however it failed. When i run it locally it works fine, however when I try to use Kace1000 to push it. It fails :/ - Kashumee 7 years ago
-
Attempted both running as local system and a local admin account through kace1000 and it is still failing. - Kashumee 7 years ago
-
Create a post install task and drag it over to the scripted install. You don't need to employ the K1000 for this. - krhodes@clarknexsen.com 7 years ago
-
What do you mean by post install? I'm trying to roll this out to 200+ machines that are already up and running - Kashumee 7 years ago
-
Ah, I apologize.. I saw scripted install and assumed K2000.. Any reason this can't be a logon script, then? - krhodes@clarknexsen.com 7 years ago
-
Yeah I particularly don't work on the AD and our guy that does unfortunately is not cooperative. However one way or another this needs to get done. - Kashumee 7 years ago
Posted by:
chucksteel
7 years ago
This is the batch script we use in our scripted installations:
reg add "HKLM\System\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v UserAuthentication /t REG_DWORD /d 0 /f
