This topic is resolved
- Fri, Nov 17 2017 at 5:14 am #324703BenParticipant
Member Points: 66Rank: Level 1
- Topics: 1
- Replies: 0
I’m trying to Logon/Unlock local screens on multiple computers from a single computer (Instructor). I initially had it working as long as all the computers have administrator privileges. I setup Remote Desktop and use Remote Desktop Plus to logon to the computers via a batch file using an encrypted password. Then once logged on, I execute the following powershell command:
@powershell -NoProfile -ExecutionPolicy unrestricted -Command “$sessionid=((quser $env:USERNAME | select -Skip 1) -split ‘\s+’); tscon $sessionid /dest:console” 2> UnlockErrors.log
This then drops my connection and allows the local display on each computer to be displayed logged on and ready to go. It also works for simply unlocking the screen. This was great until I had to change the account to Standard User.
Is there a way to allow the Standard user account to execute the powershell command above in the manner I am describing? The main thing I need to do is have the ability to remotely unlock/logon to systems so trainees can use the computers without having them to know the local passwords or any local logon interaction. I also need to be able to lock the screens remotely as well which I can do as administrator using the following:
start psexec.exe -i computername -s C:\Windows\System32\rundll32.exe user32.dll,LockWorkStation
The instructor cannot know the password as they logon with a smartcard and use a PIN with an account that is already linked to the user account locally.
Any input/ideas would be appreciated.
Users who have liked this topic:
- Wed, Nov 22 2017 at 2:35 am #329137Michael PietroforteKeymaster
Post count: 1046Member Points: 7,244Rank: Level 1
- Topics: 138
- Replies: 337
You can give standard users access to PowerShell remoting and you can configure what things users are allowed to do. Make sure that you understand the procedures in detail, otherwise you will introduce a security problem in your network. It would be great if you tell us how you configured your environment to solve the problem.
You must be logged in to reply to this topic.