Hi,
You can set the security group policy using secedit.
$user = "Remote desktop user"
$tmp = [System.IO.Path]::GetTempFileName()
secedit.exe /export /cfg $tmp
$settings = Get-Content -Path $tmp
$account = New-Object System.Security.Principal.NTAccount($user)
$sid = $account.Translate([System.Security.Principal.SecurityIdentifier])
for($i=0;$i -lt $settings.Count;$i++){
if($settings[$i] -match "SeInteractiveLogonRight")
{
$settings[$i] += ",*$($sid.Value)"
}
}
$settings | Out-File $tmp
secedit.exe /configure /db secedit.sdb /cfg $tmp /areas User_RIGHTS
Remove-Item -Path $tmp
Best Regards,
Ian Xue
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.