RemoteApp Calling a PS1 script from an RDS environment

I’m running a 2016 RDS environment. I have a unique app that requires an antiquated OS. I’ve provisioned a RemoteApp which is just a .bat file that calls a PowerShell script. The PowerShell script simply queries a list of OSes to see if a user is logged on. (Not sure if this is a PowerShell question or not, but I’ll start here.) Now, as an admin launching the RemoteApp (bat file), the query works fine; it successfully gets a list of who’s logged on to these antiquated servers. When launching the app as a regular user, it never successfully returns data. I’ve tried this script from TechNet, which works great as an admin. I’ve also used the qwinsta tool, which also works fine as an admin. For testing, UAC is off, as well as the firewall, and still no dice. With auditing on, I do see a failure on the RDSH server in regards to a sensitive privilege use, SeTcbPrivilege, which is the ‘act as part of the OS’ user right. Even if I explicitly give the user this right (to test), it doesn’t execute right and always just returns that no users are logged on. I know it’s the interesting way in which this solution is being implemented and how it’s calling PowerShell, but I’m just not sure on my next steps here. Looking for some input or guidance. I realize it’s not the best option, but it’s one of those issues that I need to work around. Appreciate any help.

Edit: I can add the user as a local admin on the RDSH host and the script still doesn’t execute properly. If I add the user as a domain admin, it executes properly.

Edit: Found the cause to be that, when executing either form of the query as a regular user, it’s the permissions on the server being queried that were inhibiting the resolution.

If you’ve resolved this, consider posting the resolution for others when they run into the same issue.

Hey Rob,


I found that this issue has to do with the permission that the regular user has on the OSes that are being queried. I’m not sure on the exact perms needed, as we needed a quick fix, but with local admin rights it can query OK. We’ll try to dig deeper when time permits.
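
The thread's root cause was a query blocked by permissions on the target server being reported as "no users logged on". The following is an added example, not code from the posters or from the TechNet script, showing one way to keep those two outcomes apart when wrapping `qwinsta /server:`. The function names are hypothetical, the sample output is constructed, and the parser assumes English column headings.

```powershell
# Added example; function names are hypothetical, not from the thread.
function ConvertFrom-QwinstaOutput {
    param([string[]]$Lines, [int]$ExitCode)
    $header = $Lines | Where-Object { $_ -match 'SESSIONNAME\s+USERNAME\s+ID' } |
        Select-Object -First 1
    # A non-zero exit code or a missing session table means the query itself
    # failed (for example, access denied on the target), not that nobody is on.
    if ($ExitCode -ne 0 -or -not $header) {
        return [pscustomobject]@{
            Status = 'QueryFailed'; Users = @(); Detail = ($Lines -join ' ').Trim()
        }
    }
    # Assumption: English column headings; ID is right-aligned under its heading.
    $start = $header.IndexOf('USERNAME')
    $width = $header.IndexOf('ID', $start + 8) - 3 - $start
    $users = foreach ($line in $Lines) {
        if ($line -ne $header -and $line.Length -gt $start) {
            $name = $line.PadRight($start + $width).Substring($start, $width).Trim()
            if ($name) { $name }
        }
    }
    $status = if ($users) { 'UsersLoggedOn' } else { 'NoUsers' }
    [pscustomobject]@{ Status = $status; Users = @($users); Detail = '' }
}

function Get-RemoteLogon {
    param([string[]]$ComputerName)
    foreach ($computer in $ComputerName) {
        # Merge stderr so the error text is kept for the Detail field.
        $out = @(& qwinsta.exe "/server:$computer" 2>&1 | ForEach-Object { "$_" })
        ConvertFrom-QwinstaOutput -Lines $out -ExitCode $LASTEXITCODE |
            Add-Member -NotePropertyName Computer -NotePropertyValue $computer -PassThru
    }
}

# Constructed sample data (not captured from a real host).
$fmt = ' {0,-18}{1,-22}{2,5}  {3}'
$ok = @(
    ($fmt -f 'SESSIONNAME', 'USERNAME', 'ID', 'STATE'),
    ($fmt -f 'services', '', 0, 'Disc'),
    ($fmt -f 'rdp-tcp#0', 'alice', 2, 'Active')
)
$denied = @('Error [5]:Access is denied.')
ConvertFrom-QwinstaOutput -Lines $ok -ExitCode 0
ConvertFrom-QwinstaOutput -Lines ($ok | Select-Object -First 2) -ExitCode 0
ConvertFrom-QwinstaOutput -Lines $denied -ExitCode 1
```

The three calls at the end exercise the parser on the constructed data: a table with a logged-on user, a table with none, and a denied query that yields `QueryFailed` rather than an empty user list.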