Monthly Archives: July 2013

Remote Desktop Protocol

Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft. RDP is encapsulated and encrypted within TCP, and used for communication between the server software – Remote Desktop Services (formerly known as Terminal Services) and the client software – Remote Desktop Connection (formerly known as Terminal Services Client).

The above lines should be enough for a simple definition of RDP, but my focus in this post is the ability of RDP to connect two computers over a network, and see the remote computer’s desktop as well as have access to all of its applications and files. Please note that this feature is included with all editions of Windows 7.

In this post I will describe a small HTA application, which I named Remote Desktop Assistant (RDA) that provides graphical user interface for a collection of VB Script functions in order to automate the repetitive tasks of enabling/disabling and configuring remote desktop settings on domain computers. RDA will help you to connect to a remote computer, enable Remote Desktop, change port settings if necessary, and help you manage Remote Desktop Users group. It will create a searchable log file for every computer enabled for RDP. Once you run RDA as a user with admin rights, the first interface you will see is the following:


Instead of ‘LocalPC’, I’ve typed the name of a remote computer: Test-AFL-10 and click the PC RDP Connect button. Since this computer was not enabled for remote access, I’ve received the following message:


Enable / Configure Remote Desktop Settings

But if I’d clicked the Remote Desktop button, the RDA would connect to the remote computer and check/display RDP Settings on this computer (Test-AFL-10), as shown in the picture below:

3_Rdp_GetInfoFromRemotePc_01I can see that RDP is not enabled, and there is no domain users listed in the RDU group, so the first step should be to enable RDP on this computer by clicking Enable RDP button. On Windows 7 computers, once you enable RDP, you need to restart remote computer in order to set RDP settings to Enabled status. Please note the prompt below:


To restart a computer, just select the appropriate radio button and click Run Selection.


Adding User to Remote Desktop Users group

The second step should be to select one of your domain users and add them to the Remote Desktop Users group. This could be done by typing the user’s logon name and selecting User radio button. You need to enter at least 3 characters to search for a domain user account.

6_Rdp_SettingUser_01 Once you have your search result back, you will see the following interface:

7_Rdp_SettingUser_02If this is the domain account you want to add to the RDU group, click Object Info button and more info will be provided with additional options to add this account to the RDU group, Local Administrators group or to go back to the list of users.

8_Rdp_SettingUser_03In my case, Mr. Peter King is the correct domain account, and only I have to do is to click Add To RD Group button. Mr. King’s name is now listed under the list of users allowed to connect remotely to the selected computer.

9_Rdp_SettingUser_04From this interface I have option to remove listed user, created RDP shortcut for his computer and paste it into user’s home drive (this HTA uses Active Directory  and checks the ‘homeDirectory’ attribute,  if ‘homeDrive’ is set and specifies a drive letter, the ‘homeDirectory’ must be a UNC). It is convenient to have all important shortcuts available on your home drive, so I’ve clicked Create RDP Shortcut button to have it created in King’s home drive, as shown below:

10_Rdp_SettingUser_05_HomeDriveShortcutNow when Mr. King double-clicks on the RDP shortcut, he just needs to type in his password and he is ready to go:


Adding Security Groups Members

You can use RDP to search for groups in Active Directory and then add the group itself or its members to the RD Users group on the selected computer. Just type the name of the security group, select Group radio button, and click Search button.

12_Rdp_SettingGroup_01Once you get your search result back, you have option to add the group itself by clicking the leftmost button on the bottom of the page, or you can add just members of this group by clicking the button next to the user listed under the List of Group Members.

13_Rdp_SettingGroup_02In my example, I’ve chosen Mr. Chris Blue and as shown in the picture below, he is now listed as a member of the RDU group of the computer named Test-AFL-10.

14_Rdp_SettingGroup_04And at the end I’ve added the security group itself, so all the members of this group can utilize Remote Desktop on this computer. RDP Settings on Test-AFL-10 computer are as follows:

15_Rdp_SettingGroup_05Log File

The last feature that I want to show you is the ability of RDA to log all the computers that are enabled / configured for RDP. It is an optional (but highly recommended) feature. If you want to keep a log of all the computers configured for Remote Desktop by this tool, please first access the Remote Desktop Log File – Configuration page by clicking Log File button, and then type the path and name of the log file (in my example): \\Test-DC-01\Data\KeepHidden$\RdpLog.ini. See the picture below:

16_Rdp_LogFile_ListUserYou can search the log file by user/computer name, and you can access remote desktop settings on a remote computer by clicking RDP button next to the computer name.


At the end I want to emphasise great results, efficiency and ability to accomplish a job of configuring and tracking remote desktop settings. It just takes 10-15 seconds and a few clicks, to have remote desktop enabled and Remote Desktop Users group populated on remote computers by this little HTA application.

I used this application not just for remote administration, but to support my clients in the following situations:

  • Access domain computer from client’s home or a hotel.
  • Very useful for clients that frequently have presentations in different conference/meeting rooms. In this scenario, a Client uses / logs on a conference machine, opens his/her home drive and double clicks the RDP shortcut to connect to his/her computer and have all the files, software and links available.
  • Reduces need to buy/install additional expensive software; having software installed on one extra PC, there is no need for additional installation of the same software on other PCs if a user has permission to access this PC a few times during a week/month.
  • Reduces need for removable media (CD/DVD, USB flash drives) as well as making multiple copies of files/folders in different network locations.

Please note: Although the author has made every reasonable attempt to achieve complete accuracy of the content, he assumes no responsibility for errors or omissions. Also, you should use this information as you see fit, and at your own risk.