Cmdlet for enabling RDP and administrative rights on local machine

can someone help in providing cmdlets on enabling RDP and administrative rights on local machine

Hi Srikanth,

Please provide some additional information on what you are trying to accomplish:

  • OS version?
  • running remotely or local to the system you are trying to enable rdp for?
  • are you looking to add user to local Administrator’s group?

In general there is not a specific cmdlet that will enable RDP or grant admin rights, but a short script should be able to accomplish these tasks. However, depending on your specific situation the script may need to be modified.

operating system : windows 7 ,64-bit.

1.need cmdlet or script to add domain users to local administrative group
2.need cmdlet or script to add domain users to remote desktop users group.

Try this:

$DomainName = 'whatever.com'
([ADSI]"WinNT://./'Administrators',group").Add("WinNT://$DomainName/'Domain Users'")
([ADSI]"WinNT://./'Remote Desktop Users',group").Add("WinNT://$DomainName/'Domain Users'")

To enable RDP on Windows 7 you pretty much have to perform 2 tasks:

  1. Enable RDP (via registry)
  2. Enable RDP firewall rule - for Windows 7 I believe you have to rely on good ole netsh, don’t think there is a Powershell equivalent (Windows 8 I believe has one)

If you are running locally you can accomplish this with two lines (needs to be run as admin):

Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -Name "fDenyTSConnections" -Value 0
netsh advfirewall firewall set rule group=”remote desktop” new enable=Yes

hi Jim,

i tried both the cmdlets but it didn’t work for me.

error :The following exception occurred while retrieving member “add”: "The group name could not be found.

kindly suggest.

many thanks.

Hi Srikanth,

Try breaking things up to see where things are failing:

$groupName = "Administrators"
$computer = "localhost"
$userName = "jsmith"
$domain = "yourdomain.com"

#bind to group and user
$group = [ADSI]"WinNT://$computer/$groupName,group"
$user = [ADSI]"WinNT://$domain/$userName,user"

#Add user to group
$group.Add($user.Path)

I just remembered I had a function I wrote awhile back to make it easier. I wanted to go back to it and clean it up a bit but never got around to it. It should work both remotely and locally if you have the permissions (running locally requires Run As Admin rights):

https://gist.github.com/164dd18cc2d4e838af02