Monday, August 22, 2011

Enable Remote Desktop via WMIC CLI

Got a call from employee who called in sick and wanted to remote desktop to his machine. He did not enable the "allow remote desktop to this machine" and could not remote desktop to his machine. One of the request was "do not log me out cause I have unsaved document opened".

Had two solution.
  1. Log him off and say tough luck
  2. Reset his password to a default one and login as him/her and enable it. (Good solution if you ask me)
  3. Find a better solution! and I did and WMIC came to the rescue.
Source : http://www.vedivi.com/support/blog/71-how-to-enable-remote-desktop-programmatically.html
I had some experience with WMIC and I knew it probably had something which can do just that and finally found the above post explaing different ways to run WMIC command to enable Remtoe Desktop. I am only interested in enabling remote desktop access to remote pc. So here's the command I have to play around with :-
  • To verify if its enable or disabled use :-
wmic /node:"RemoteServer" /user:"domain\AdminUser" /password:"password"
RDToggle where servername="RemoteServer" get AllowTSConnections

  • To enable Remote Desktop Access
wmic /node:"RemoteServer" /user:"domain\AdminUser" /password:"password"
RDToggle where servername="RemoteServer" call SetAllowTSConnections 1


I used FQDN for 1st RemoteServer and used ComputerName for 2nd RemoteServer.

So before playing with our production server. I fired my test lab which is Win 2008 R2 Sp1 and Client Win 7 Pro.

From the Server I tried :-

C:\Users\Administrator>wmic /node:"testpc.plab.local" /USER:"plab\administrator" RDTOGGLE WHERE ServerName="testpc" CALL SetAllowTSConnections 1
That gives you a prompt to input password for the administrator

Enter the password :********
Executing (\\TESTPC\ROOT\CIMV2\TerminalServices:Win32_TerminalServiceSetting.ServerName="TESTPC")->SetAllowTSConnections()

Method execution successful.


Out Parameters:
instance of __PARAMETERS
{
        ReturnValue = 0;
};

In the output above look for "Method execution sucessful". If your Firewall is enabled on the Client PC then you will get RPC Service Unavailable. I turned my off after getting the error.
So basically this script works successfully on Win 2k8 R2 (Server) and Win7 (Client).

2 comments:

  1. that's the first real non-defective answer to the question; the key here was (at least for me) NOT using FQDN for both but just using host on the second parameter -- great tip. Thank you

    ReplyDelete