As time goes on, you will see more references to WinRM, especially with Windows Server 2008. Windows 2003 R2 had a form of WinRM that has now been updated to support the WS-Management industry standard.

Who should be interested in this? People that manage servers remotely and need a firewall friendly protocol to use. People that are looking into deploying Windows Server 2008 and especially Windows Server 2008 Core. People that need to interface with the BMC adapters on servers from remote.

Anyway, KB 936059 updates Windows XP SP2 and Windows Server 2003 WinRM components to bring them more in line with what Windows Vista and Windows Server 2008 are using. 

Windows Server 2003 has the ability to allow two Remote Desktop connections for administrative purposes.  This can be enabled by going to the properties of "My Computer", clicking on the "Remote" tab and enabling "Remote Desktop".  This can also be enabled on each server individually, using the registry setting below, or by creating a custom ADM template and deploying the setting via Group Policy.

Registry Settings Involved:
Using regedit, navigate to
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal Server

If the value "fDenyTSConnections" does not exist, create it as a DWORD.

Setting it to 0 will permit remote desktop connections and setting it to 1 will prohibit them.

Below are before and after screenshots of Remote Desktop being enabled. 

NOTE: The setting does not become grayed out.

Before the policy setting is applied

 

After the policy setting is applied
 

Custom .adm Template

This can be deployed via Group Policy by creating an ADM file using the following code. 

**IMPORTANT**  This will be created as a preference, not a policy.  To revoke the settings this template performs, you must specifically "Disable" the setting and allow your clients to embrace the settings. This is the only way for clients to purge this registry key. It will not automatically be removed when they fall out of the Scope of Management of the policy. (See our FAQ on SOM: Scope of Management)

CLASS MACHINE

CATEGORY StartMenu

 POLICY "Enable Remote Desktop"

  KEYNAME "SYSTEMCurrentControlSetControlTerminal Server"

   EXPLAIN "Enabling this setting will allow Remote Desktop Connections to be made to the Server. Disabling this setting will prohibit Remote Desktop Connections from being made to the Server. Setting this to 'Not Configured' will keep the previous registry setting."

   VALUENAME "fDenyTSConnections"
   VALUEON NUMERIC 0
   VALUEOFF NUMERIC 1

 END POLICY

END CATEGORY

 

A GUI interface is great for novice administrators but is cumbersome if you have to perform the same task over and over again. Command line tools can be more efficient than GUI tools. Dnscmd.exe is one of the support tools from Support.cab, which is located in the supporttools directory on the Windows 2000 CD. 

Dnscmd is provided as a command-line interface for managing DNS servers. This tool can be used to script batch files, to help automate management and update of existing DNS server configurations or to perform setup and configuration of new DNS servers on your network.

DNSCmd displays and changes the properties of DNS servers, zones, and resource records. It manually modifies these properties, creates and deletes zones and resource records, and forces replication events between DNS server physical memory and DNS databases and data files. Some operations of this tool work at the DNS server-level while others work at the zone-level.

You can use Dnscmd on any Windows 2000 or XP computer as long as the user that is running the application is a member in the Administrators or Server Operators group on the target computer. Both the user account and the server computer must be members of the same domain or reside within trusted domains.

Dnscmd.exe can be used to:

• Get DNS server info;
• Initiate server scavenging;
• Enumerate and view zone info;
• Create, delete, pause, and resume zones;
• Change zone type (standard primary, standard secondary, AD integrated);
• Add, delete, and enumerate records in a zone.

For example, to create a new standard primary zone called caloni.net on a server named srv1.caloni.net and stored in caloni.net.dns files:

dnscmd srv1.caloni.net /ZoneAdd caloni.net /Primary /file dpetri.net.dns

The syntax for adding DNS A records is similar:

Dnscmd server_name /RecordAdd zone_name computer_name A IP_address

To add an A record for comp1 with an IP address of 192.168.1.100 in the caloni.net zone on srv1.caloni Windows Server 2003:

Dnscmd srv1.caloni.net /RecordAdd caloni.net comp1 A 192.168.1.100

To manually force zone replication:

Dnscmd server_name /ZoneRefresh zone_name

Links

Download Windows 2000 SP4 Support Tools (11.24mb)