Windows 2000 Active Directory does not expose the Terminal Services attributes of a user. These settings are stored...
as a string in the UserParameters attribute. This attribute also stores the settings for Remote Access. I suggest that any testing that can affect multiple users should be tried and tested in a lab environment.
In order to apply the same Terminal Services Settings to all the users in the same OU you can perform the following steps:
- Create a test user with the terminal services settings adjusted to your environment.
- Perform an LDIFDE export of the test user. Then using notepad copy the UserParameters information to a textfile called UP.txt. The following is an example listing of UP.TXT:
ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgUBAaCAFDdHhDZ mdQcmVzZW5045S15pSx5oiw44GiGAgBQ3R4Q2ZnRmxhZ3Mx44Cw44Gm46Cy44C5FggBQ3R4Q2FsbG JhY2vjgLDjgLDjgLDjgLASCAFDdHhTaGFkb3fjhLDjgLDjgLDjgLAoCAFDdHhNYXhDb25uZWN0aW9 uVGltZeOAsOOAsOOAsOOAsC4IAUN0eE1heERpc2Nvbm5lY3Rpb25UaW1l44C045y35oix44CwHAgB Q3R4TWF4SWRsZVRpbWXjgLTjnLfmiLHjgLAiCAFDdHhLZXlib2FyZExheW91dOOAsOOAsOOAsOOAs CoCAUN0eE1pbkVuY3J5cHRpb25MZXZlbOOEsCACAUN0eFdvcmtEaXJlY3RvcnnjgLAgAgFDdHhOV0 xvZ29uU2VydmVy44CwGAIBQ3R4V0ZIb21lRGly44CwIgIBQ3R4V0ZIb21lRGlyRHJpdmXjgLAgKAF DdHhXRlByb2ZpbGVQYXRo5oy144C144i15pi045i046S05oy045S044y15oy145S144y145S044i1 44y15pSy5pC044S05pS044CwIgIBQ3R4SW5pdGlhbFByb2dyYW3jgLAiAgFDdHhDYWxsYmFja051b WJlcuOAsA===
- Create the following script file with a wsf extension. You will need to modify the LDAP path for your environment.
Listing of TS.WSF
<package> <job id = "get user objects and create ldifde formated file"> <script language = "VBScript"> Const ForReading = 1 Const ForWriting = 2 Const ForAppending = 8 Input = InputBox("Please Enter an OU Name:","OU Select") WScript.Echo Input Dim aFile aFile = "users.txt" Set Up = CreateObject ("Scripting.FileSystemObject") set u = Up.OpenTextFile ("up.txt", ForReading, True) uContents = u.ReadAll u.close Set objOu = GetObject _ ("LDAP://ou=****,ou=" + Input + ",ou=****,dc=****,dc=****,dc=****") For Each objUser In objOu Set fy = CreateObject ("Scripting.FileSystemObject") If (fy.FileExists(aFile)) Then Set x = fy.OpenTextFile (aFile, ForAppending) x.WriteLine "dn: " & objUser.Get("distinguishedName") x.WriteLine "changetype: modify" x.WriteLine "replace: UserParameters" x.WriteLine uContents x.WriteLine "-" x.WriteLine () x.close() Else Set x = fy.OpenTextFile (aFile, ForWriting, True) x.WriteLine "dn: " & objUser.Get("distinguishedName") x.WriteLine "changetype: modify" x.WriteLine "replace: UserParameters" x.WriteLine uContents x.WriteLine "-" x.WriteLine () x.close() End If Next </Script> <script language = "JScript"> var aFile = "users.txt" var w = WScript.CreateObject("WScript.Shell") w.Run("ldifde -i -f " + aFile, 1, "True") WScript.Echo ("FINISHED LDIFDE IMPORT") var fs = new ActiveXObject ("Scripting.FileSystemObject"); fs.DeleteFile (aFile); </Script> </job> </package>
Explanation of TS.WSF:
The VB portion of the script is used to format the LDIF file used to apply the changes. It first prompts the user for an OU to apply the changes to. It then searches the OU for User objects and formats the Users.txt file in the proper LDIFE format using the UserParameters settings from the UP.TXT file.