Script to add "Last User" to the "Remote Desktop Users" group
We are currently going through the process of removing local admin rights on our pc's and we still need the ability for our users to remote desktop to their pc. I don't want to give everyone access to remote into all of our computers, only their primary. Is there a way of scripting this in KACE?
Thanks,
Chad
0 Comments
[ + ] Show comments
Answers (1)
Please log in to answer
Posted by:
cmccracken
9 years ago
Hey Chad,
I think powershell can help with this one.
Make a powershell script with the following (verifying for your environment):
#Read the most recent inventory
[xml]$inventory = Get-Content C:\ProgramData\Dell\KACE\inventory.xml
#Get the last user
$user = $inventory.MachineStruct.LAST_USER.InnerText
#Add user to group
net localgroup "Remote Desktop Users" /add $user
Add the powershell script as a dependency to an online shell script (running as local system). For the script text use:
powershell.exe -nologo -noninteractive -windowstyle hidden -executionpolicy bypass -noprofile -file DependencyNameHere.ps1
I tested the powershell script, but didn't test deploying it from the kbox (though the code to do so is from another powershell script I have) so please make sure you test it first.
Casey
