none
Enable Remote Assistance with OFFER Remote assistance configured RRS feed

  • Question

  • Working with MDT 2012 and I'm trying to figure out how to enable Remote Assistance for a Windows 7 Work Group PC via a PowerShell script.

    To save on having to come back and explain this let me take a moment to expound on what I mean. I HAVE Remote Assistance working on a work group PC WITH the ability to offer remote assistance to the PC from both inside and outside the workgroup (for the Helpers in the Offer Remote Assitance GPO Instead of <Domain>\<Group or User> i'm using <PC>\<Local PC Account> namely the Administrator and a user Admin account) So that WORKS. if I set it manually. what I need to do is figure out how to automate it for an imaging task sequence in MDT.

     Normal domain PC's are configured through GPO so I KNOW where the settings are and I have run Process Monitor and determined the registry keys that the GPO ultimately sets but when I manually set those values in the registry it does not work.

    To be clear i DO understand that GPO is the cleanest and best way to go with this,  but I have a rock and a hard place situation where we utilize a few AS/400s that we interface with though IBM Client Access and we discovered that the Local GPO pack that we were using was setting a conflicting GPO regarding NTLM or Kerberos or something along those lines that did not reflect how the AS/400 server security was negotiated, causing logon issues, dropped sessions etc. So we disabled the GPO Pack part of each task sequence.

    So I'm not sure if I am just missing something i need to do after setting the registry keys (e.g. restart a service, force a gpupdate, etc) 

    I guess the better starting question is this EVEN POSSIBLE without doing it through GPO

    If it's not possible is there a way via say vbscript or powershell to import a specific GPO via a admx file?

    I'm completely up for solutions, suggestions, guidance

    Thanks in advance,

    Ryan


    Quidquid latine dictum sit, altum videtur

    Thursday, April 7, 2016 10:29 AM

All replies

  • You can change the GPO pack to not have the NTLM settings.

    Logs are very important. https://keithga.wordpress.com/2014/10/24/video-mdt-2013-log-files-basics-bdd-log-and-smsts-log/ Mention any customizations you have made.


    Thursday, April 7, 2016 7:10 PM
    Moderator