Hi,
I have to give access of of only task manager of Windows Server to TL/Head so that they can monitor users. Is there any way out so that I can give access to Non-Admin i.e. Domain Users access of only task manager of Windows Server by any means say Powershell / Tool or likewise.
Please help!
I was just trying to verify that when you say "logged in", that you were referring to users who have a remote desktop session on your server as opposed to mapping a network drive to the server.
I did not see anything in the group policy documentation that looked like it might allow the access that you desire.
https://www.microsoft.com/en-us/download/details.aspx?id=25250
I have heard of this 3rd party tool that allows a user to run a program as an administrator account. I don't know if that would work for task manager or not.
https://robotronic.de/runasroben.html
Have you tried having your manager access the Terminal Services mmc snapin's?
http://woshub.com/how-to-run-tsadmin-msc-and-tsconfig-msc-snap-ins-on-windows-server-2012-rds/
In addition, there is no Security tab in the tsconfig.msc console in the RDP-Tcp connection properties. This tab was handy for granting permissions to the tech support team (non-admin group) to connect and manage user sessions on RDS host. I use the following command to give a specific group full control over the RDP sessions on the server:
wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSPermissionsSetting WHERE (TerminalName ="RDP-Tcp") CALL AddAccount "woshub\helpdeskteam",2
What specific information are they looking for?
In a Powershell prompt, the quser command should show who is logged on. You can then see the program names they are running via Get-Process and filtering on session ID.
quser
Get-Process | Where-Object -Property SI -eq 1
This is from Win10, but I would expect to set similar results on WinServer.
I want that my domain user can have access of Task Manager of Server so that he can see all the task same as Administrator can. How to implement such thing ? Hope this is clear.
On my test VM, I have a non-administrator account named TestUser. It can launch task manager and see just about everything. One thing that I noticed was that the details tab does not display all of the processes, and it does not include the user name on every process.
I don't know of any way to make a user an administrator, but only for task manager. I check the Local Security Policy, but other than "Profile system performance", I didn't see anything that looked related.
This is why I asked: what specific information are they looking for? There may be other ways to get that data.
Thanks for all the pains.
The non-administrator is a person working as Team Lead and wants to see as to how many users have logged in etc.. details which related to Users. Is there any way around ?
Yes, that gives them list of there profile only. They want to know all users who have logged in.
Just to verify.... this is a terminal server, and you have multiple users connecting to a remote desktop, correct? And when you log in as an administrator and run quser you can see the list of users. Is that correct?
Instead of Administrator I want the Domain User to login and can view list of all users logged in same as the Administrator can log. Hope you are clear ?
15 people are following this question.
