windows server 2012 remote desktop - Send messages between standard users

Solution 1:

So Microsoft took away the Remote Desktop Session Host Configuration console in Server 2012. You can still do some things in Server Manager, but I'm not sure if you can modify the properties of the RDP-Tcp connection object. This is very annoying.

You can still do this with WMI however.

Here's the MSDN documentation for the ModifyPermissions method of the Win32_TSAccount WMI class:

http://msdn.microsoft.com/en-us/library/windows/desktop/aa383776(v=vs.85).aspx

So from PowerShell, first get the account whose permissions you want to modify:

$TSAccount = @(Get-WmiObject -Namespace Root\CIMv2\TerminalServices -Query "SELECT * FROM Win32_TSAccount WHERE TerminalName='RDP-TCP' AND AccountName='BUILTIN\\Remote Desktop Users'")

You should now have one account object in $TSAccount, something like this:

...
AccountName        : BUILTIN\Remote Desktop Users
AuditFail          : 0
AuditSuccess       : 0
Caption            :
Description        :
InstallDate        :
Name               :
PermissionsAllowed : 289
PermissionsDenied  : 0
SID                : S-1-5-32-555
Status             :
TerminalName       : RDP-Tcp
PSComputerName     : SERVER01

PermissionsAllowed is a bitmap. You want to add WINSTATION_MSG, which has a value of 7, to that PermissionsAllowed property.

Foreach($account In $TSAccount)
{
    $account.ModifyPermissions(7,1)
}

So before the change, the PermissionsAllowed bitmap of decimal 289 looks like this in binary:

100100001

But I flipped that 7th bit, so now it looks like:

110100001

Which when you convert that back to decimal, is 417.

Someone at MS probably didn't want us to be doing this for them to make it so hard on us, eh?