TS - FR keyboard by default

Keyboard
Data collected on: 4/21/2015 1:44:16 PM

General

Details

Domain	domain.local
Owner	DOMAIN\Admins du domaine
Created	4/21/2015 1:32:00 PM
Modified	4/21/2015 1:42:44 PM
User Revisions	18 (AD), 18 (sysvol)
Computer Revisions	1 (AD), 1 (sysvol)
Unique ID	{0E240A4C-8A26-4761-8907-DB164F024AFC}
GPO Status	Enabled

Links

Location	Enforced	Link Status	Path
TS	No	Enabled	domain.local/Member Servers/TS

This list only includes links in the domain of the GPO.

Security Filtering

The settings in this GPO can only apply to the following groups, users, and computers:

Name

NT AUTHORITY\Authenticated Users

Delegation

These groups and users have the specified permission for this GPO

Name	Allowed Permissions	Inherited
NT AUTHORITY\Authenticated Users	Read (from Security Filtering)	No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS	Read	No
NT AUTHORITY\SYSTEM	Edit settings, delete, modify security	No
		No

Computer Configuration (Enabled)

Policies

Administrative Templates

Policy definitions (ADMX files) retrieved from the local machine.

System/Group Policy

Policy	Setting	Comment
User Group Policy loopback processing mode	Enabled
Mode: Merge

User Configuration (Enabled)

Preferences

Windows Settings

Registry

2 (Order: 1)

General

Action

Update

Properties

Hive	HKEY_CURRENT_USER
Key path	Keyboard Layout\Preload
Value name	2
Value type	REG_SZ
Value data	00000409

Common

Options

Stop processing items on this extension if an error occurs on this item	No
Run in logged-on user's security context (user policy option)	No
Remove this item when it is no longer applied	No
Apply once and do not reapply	No

1 (Order: 2)

General

Action

Update

Properties

Hive	HKEY_CURRENT_USER
Key path	Keyboard Layout\Preload
Value name	1
Value type	REG_SZ
Value data	00000c0c

Common

Options

Stop processing items on this extension if an error occurs on this item	No
Run in logged-on user's security context (user policy option)	No
Remove this item when it is no longer applied	No
Apply once and do not reapply	No

ShowStatus (Order: 3)

General

Action

Update

Properties

Hive	HKEY_CURRENT_USER
Key path	Software\Microsoft\CTF\LangBar
Value name	ShowStatus
Value type	REG_DWORD
Value data	0x4 (4)

Common

Options

Stop processing items on this extension if an error occurs on this item	No
Run in logged-on user's security context (user policy option)	No
Remove this item when it is no longer applied	No
Apply once and do not reapply	No

Label (Order: 4)

General

Action

Update

Properties

Hive	HKEY_CURRENT_USER
Key path	Software\Microsoft\CTF\LangBar
Value name	Label
Value type	REG_DWORD
Value data	0x0 (0)

Common

Options

Stop processing items on this extension if an error occurs on this item	No
Run in logged-on user's security context (user policy option)	No
Remove this item when it is no longer applied	No
Apply once and do not reapply	No

AutoAdjustDeskBand (Order: 5)

General

Action

Update

Properties

Hive	HKEY_CURRENT_USER
Key path	Software\Microsoft\CTF\MSUTB
Value name	AutoAdjustDeskBand
Value type	REG_DWORD
Value data	0x0 (0)

Common

Options

Stop processing items on this extension if an error occurs on this item	No
Run in logged-on user's security context (user policy option)	No
Remove this item when it is no longer applied	No
Apply once and do not reapply	No

Your system administrator does not allow the use of saved credentials to log on to the remote computer RDP terminal server because its identity is not fully verified.

In order to use saved RDP or Terminal Server credentials you need to do the following:

1. On the local machine, Open Group Policy Editor via Run -> gpedit.msc

2. Navigate to Local Computer Policy>Computer Configuration>Administrative Templates>System>Credentials Delegation

3.Open Setting Allow Delegating Saved Credentials with NTLM-only Server Authentication, set it to Enabled click on button Show... and in Show Contents window add Value TERMSRV/*. Close the windows by pressing OK.

*Repeat step 3 on the following settings:

Allow Delegating Default Credentials

Allow Delegating Saved Credentials

Allow Delegating Default Credentials with NTLM-only Server Authentication

4. Open comman prompt and enter gpupdate /force command to update your policy.

TS-Remote-App: Create a launcher box containing the programs from C:\Users\Public\Desktop

This compiled .ahk will behave like an application launcher for multiple programs from TS in Remote-App mode. If you don't want it to launch the first program automatically, replace || with a single | on line #9.

Enjoy!

;(c)2014 sorin@xxxxxxxx.com under the terms of LGPL v2

#SingleInstance force

files =

Directory = C:\users\public\desktop

Loop, %Directory%\*.lnk, , 1

{

  fullfile = %A_LoopFileName%

  filename := RegExReplace(fullfile,"\.lnk","")

  files = %filename%||%files%

}

Gui, Color, 22BBFF

Gui -Caption +Border +AlwaysOnTop 

Gui, Font, S11, Tahoma

Gui, Add,Button, x255 Y3 w35 h22 gButtonOK, OK

Gui, Add,Button, x10 Y3 w35 h22 gButtonKill, X

Gui Add, ComboBox, X50 Y1 h10 r20 W200 vScript, %files%

Gui Show, x50 y0 H28 W300

ButtonOK:

GuiControlGet Script,, script

if script <>

Run, %Directory%\%script%.lnk, , ,PID

Return

ButtonKill:

Process, Close, %PID%

Sleep, 1000

exitapp

return

return

RD Shadow in 2012 R2

PS:>

Import-Module RemoteDesktopServices

Get-RDUserSession | select UserName,SessionId,UnifiedSessionId

mstsc /shadow:%UnifiedSessionId” /control /noConsentPrompt

the SessionId and UnifiedSessionId might have to be used, depending on how the wind blows and at what angle the Sun is on the sky :)

Windows Shell for TS - without Domain Controller

On the RD Session Host Configuration ,the following (compiled as c:\windows\tssession.exe) script is executed as initial shell:

;(c)2014  sorinakis@g**il.com

;msgbox, Username: %A_UserName%
AuthUsers = Administrator|administrator
Loop Parse, AuthUsers, |
{
 ifEqual, A_LoopField, %A_Username%
 {
  Sleep, 500
  Run, explorer.exe
  ;MsgBox EXPLORER Executed.
  GoTo, End
 }
else
 {
  ;MsgBox In the ELSE branch.
  Sleep, 500
  Run, D:\Partages\apps\LCM\Bin\wrun32.exe -ws -c D:\Partages\apps\LCM\etc\CBLCONFI-RZ_APP.ini utmenu
  Sleep 500
  WinMaximize, ahk_class AcucobolWClass
  IfWinExist, Cie(01)
  {
   WinMaximize,  Cie(01)
   Sleep, 500
   WinWaitClose, Cie(01)
   Sleep, 500
   Run, shutdown /l
  }
  Return
 }
}
End:
Sleep, 100
;MsgBox At the END.

Clear Win7 UserProfile

' Clear Win7/Win2008 User Profile and registry
' to be executed on each Terminal Server
'(c)2012-2014 sorinakis@gmail

Set WshShell = CreateObject("WScript.Shell")
Set WshNet = WScript.CreateObject("WScript.Network")
Set WMIService = GetObject("winmgmts:\\.\root\cimv2")
Set objRegistry = GetObject("winmgmts:\\.\root\default:StdRegProv")
set WshFSO = CreateObject("Scripting.FileSystemObject")
const HKEY_LOCAL_MACHINE = &H80000002

dim strUser
Do
strUser = InputBox(vbCrLf & "Please enter the username you wish to reset: ", "Profile Cleaner")

 If TypeName(strUser) = "Empty" Then
     WScript.Quit
 End If
If Len(Trim(strUser)) = 0 Then
     MsgBox "You have to Enter Username To Reset",48
 End If
Loop While Len(Trim(strUser)) = 0
'' debug
'with createobject("wscript.shell")
'.popup "User: " & strUser , 5 , "Info"
'end with
'' end debug
if CStr(CheckUser(strUser)) then
Set Account = WMIService.Get("Win32_UserAccount.Name='" & strUser & "',Domain='" & WshNet.UserDomain & "'")
strRegKey = "SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" + Account.SID

if CheckRegKey(strRegKey) then
strUserProfile = WshShell.ExpandEnvironmentStrings(WshShell.RegRead("HKEY_LOCAL_MACHINE\" + strRegKey + "\ProfileImagePath"))
strRmtFldr = WshShell.ExpandEnvironmentStrings(WshShell.RegRead("HKEY_LOCAL_MACHINE\" + strRegKey + "\CentralProfile"))
Else
MsgBox "  The registry key for user " & strUser & " does not exist! Can NOT backup and clean anything!" & vbCrLf & vbCrLf & "Please manually check for and rename the USERPROFILE and ROAMINGPROFILE Folders.",16
wscript.quit
End If
strRegFile = strUserProfile & "\reg_backup.reg"
regCmd = "regedit.exe /E """ & strRegFile & """ " & """HKEY_LOCAL_MACHINE\" & strregKey & """"

If WshFSO.FolderExists (strUserProfile) Then
 '' debug
 'with createobject("wscript.shell")
 '.popup "Backup: " & strUserProfile , 5 , "Info"
 'end with
 '' end debug
WshShell.Run regCmd, 0, True
 WshFSO.MoveFolder strUserProfile , strUserProfile & ".backup"
End If

If WshFSO.FolderExists (strRmtFldr) Then
 '' debug
 'with createobject("wscript.shell")
 '.popup "Backup: " & strRmtFldr , 5 , "Info"
 'end with
 '' end debug
   WshFSO.MoveFolder strRmtFldr , strRmtFldr & ".backup"
End If

 '' debug
 'with createobject("wscript.shell")
 '.popup "Removing: HKEY_LOCAL_MACHINE\" & strRegKey , 5 , "Info"
 'end with
 '' end debug
 DeleteSubkeys HKEY_LOCAL_MACHINE, strRegKey
 Sub DeleteSubkeys(HKEY_LOCAL_MACHINE, strRegKey)
    objRegistry.EnumKey HKEY_LOCAL_MACHINE, strRegKey, arrSubkeys
    If IsArray(arrSubkeys) Then
        For Each strSubkey In arrSubkeys
            DeleteSubkeys HKEY_LOCAL_MACHINE, strRegKey & "\" & strSubkey
        Next
    End If
    objRegistry.DeleteKey HKEY_LOCAL_MACHINE, strRegKey
 End Sub


' Open the backed up profile it in explorer...

'strPath = "explorer.exe /e, strRmtFldr" & ".backup"
'WshShell.Run strPath 

'debug
  with createobject("wscript.shell")
 .popup "Profile of " & strUser & " has been processed.", 5 , "Info"
 end with
 '' end debug
wscript.quit                  
Else
MsgBox  "USER " & strUser & " NOT FOUND!", 16
wscript.quit
End If

Function CheckRegKey(strRegKey)
On Error Resume next 
strUserProfile = WshShell.ExpandEnvironmentStrings(WshShell.RegRead("HKEY_LOCAL_MACHINE\" + strRegKey + "\ProfileImagePath"))
  If Err.Number <> 0 Then
    Err.Clear
CheckRegKey = false
else
   Err.Clear
CheckRegKey = true
End If
end function

          
Function CheckUser(user)
On Error Resume next
with CreateObject("WScript.Shell")
Set Account = WMIService.Get("Win32_UserAccount.Name='" & User & "',Domain='" & WshNet.UserDomain & "'")
end with
CheckUser = (Err.Number = 0)
On Error Goto 0
end function