Is there a way to manipulate the Permissions list for Windows NT Security? For example to use a script to permission a local group to have full control - without manully configuring it through Radmin Server Settings?
Hi Eugene, I tried running procmon to see what regkey rserver3.exe is modifying when I change the permission list, but I could not find anything obvious. Can you specify which regkey value/data I need to capture?
Thank you - I could've sworn I checked this key and couldn't see this key was changed after changing the permissioning.
I guess since we're using local groups for permissioning, and each local group is a different SID for machines, I'll just have to backup regkey per machine prior to upgrade, and merge it back in afterwards.
"...manipulate the Permissions list for Windows NT Security? For example to use a script to permission a local group to have full control - without manully configuring it through Radmin Server Settings?"
But I need to add a list of users and not a group. Here is what I have tried with no success.
- Added the users to Radmin NtUsers manually. Then exported that reg key. Then imported it on another machine. It didn't work.
Is this doable?
It looks like the machine name is being appended to the user name?
Great advice! I did not think of using something like AutoIT, I will look into it.
Also, I had another thought. The majority of my systems were imaged from one master Windows image. I wonder if they are enough alike that the SID would be the same. Something I will test. But AutoIT looks like the way to go.
That is, when I need to add another AD group to access, I need to overwrite that registry key with a new set of groups, rather than add another registry key, such as 2, which would be added by the new group.
Is there any way to add security groups to the registry key without overwriting
Well I am unsure actually, but it looks like for now it is a single registry key. However you can make an experiment: add AD group to Radmin, export key, remove AD group, repeat with another one, restore first key (so you have 2 keys) and check what happens )
Good! But in anticipation of the new version, I decided to proceed as follows.
In the setting of Radmin Server only add the local administrators group.
And when I need to provide access to some domain security group via Radmin, just add to the local administrators.
However, this method provides the extra administrative privileges to those who only permitted to be granted the right to connect to computer via Radmin.
And I hope You are correct the method of storing NT security settings in System Registry in new version of Radmin Server...