Tuesday 16 September 2014

List users on a terminal services server

qwinsta /server:servername1

  SESSIONNAME       USERNAME                 ID  STATE   TYPE        DEVICE
 services                                    0  Disc
 console                                     1  Conn
                   bob5                      2  Disc
 rdp-tcp#1         bob4                      3  Active
                   bob3                      4  Disc
 rdp-tcp#4         bob2                      5  Active
 rdp-tcp#0         bob                       6  Active
Posted by at No comments:

Tuesday 9 September 2014

Disabling clipboard, Drive Mappings, client redirection etc within a RDP session

So you want to disable
* clipboard copy/paste
* Drive mappings
* printer mappings
fDisableClip , fDisableCdm, fDisableCpm,
and you don't have the PC/Server on the domain?

Easiest thing to do is set it manually using reg query/add like so:
echo off
set server=%1
set passwd=%2
echo =====================================================================
echo %server% %passwd%
psexec \\%server% -u %server%\administrator -p %passwd% reg query "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" | findstr /i fdisable

psexec \\%server% -u %server%\administrator -p %passwd% reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v fDisableClip /t REG_DWORD /d 0x1 /f
psexec  \\%server%  -u %server%\administrator -p %passwd% reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v fDisableCdm /t REG_DWORD /d 0x1 /f
psexec \\%server% -u %server%\administrator -p %passwd% reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v fDisableCpm /t REG_DWORD /d 0x1 /f
psexec \\%server% -u %server%\administrator -p %passwd% reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v fDisableLPT /t REG_DWORD /d 0x1 /f
psexec \\%server% -u %server%\administrator -p %passwd% reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v fDisablePNPRedir /t REG_DWORD /d 0x1 /f

psexec \\%server% -u %server%\administrator -p %passwd% reg query "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" | findstr /i fdisable

 And if for some reason, domain PCs don't have it applied:

echo off
set server=%1
echo =====================================================================
echo %server%
psexec \\%server% reg query "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" | findstr /i fdisable

reg add "\\%server%\HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v fDisableClip /t REG_DWORD /d 0x1 /f
reg add "\\%server%\HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v fDisableCdm /t REG_DWORD /d 0x1 /f
reg add "\\%server%\HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v fDisableCpm /t REG_DWORD /d 0x1 /f
reg add "\\%server%\HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v fDisableLPT /t REG_DWORD /d 0x1 /f
reg add "\\%server%\HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v fDisablePNPRedir /t REG_DWORD /d 0x1 /f

psexec \\%server% reg query "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" | findstr /i fdisable
 
 
Posted by at No comments:
Subscribe to: Posts (Atom)