I needed an easy way to “Allow access” under “Network Access Permission” in the “Dial-in” tab of the “Active Directory Users and Computers” console for several users in a Windows 2003\/2008 ADS environment. <\/p>\n
At first, I approached this task from a scripting angle. I developed a VBscript that would worked in my test environments, but not in production. I am still not sure why, but I have not had to time to look into it further. I suspect it has to do with some policy restrictions or permissions. I know the script was working, because I could see that the “msNAPllowDialin” ADS attribute was being modified. However, when I opened up “Active Directory Users and Computers,” the change was not reflected. Also, I was still not able to use our VPN that requires the attribute be enabled. <\/p>\n
Being short on time, I looked for a powershell command, or some other command line solution. It was then that I rediscovered the netsh command. I had used this command in the past, but did not document anything about it. I want to get something posted on it, because it is a tremendously powerful command and one that every seasoned Windows administrator should know about. In my case, this command helped solve my issue quickly. I used the following command syntax to choose “Allow access” on the “Network Access Permission” radio button:<\/p>\n
netsh RAS set user name=username<\/em> dialin=PERMIT<\/p>\n The netsh command has many options. Among them, I found that looked pretty interesting (netsh dump). It creates a script of your current settings. There is another option, netsh exec, that you can use to execute a netsh script like the the “netsh dump” creates. These could be incredible useful. There are several other options. You can find help and syntax for all the options by entering a “?” when you need more information. For example, “netsh ?” or “netsh set ?”, etc. You can add to question mark to any level to find more information. Very useful command. I wish I had written down what I used it for before. <\/p>\n","protected":false},"excerpt":{"rendered":" I needed an easy way to “Allow access” under “Network Access Permission” in the “Dial-in” tab of the “Active Directory Users and Computers” console for several users in a Windows 2003\/2008 ADS environment. At first, I approached this task from a scripting angle. I developed a VBscript that would worked in my test environments, but [&hellip<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[163,162,36],"class_list":["post-491","post","type-post","status-publish","format-standard","hentry","category-documentation","tag-msnpallowdialin","tag-netsh","tag-windows"],"share_on_mastodon":{"url":"","error":""},"_links":{"self":[{"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=\/wp\/v2\/posts\/491","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=491"}],"version-history":[{"count":1,"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=\/wp\/v2\/posts\/491\/revisions"}],"predecessor-version":[{"id":492,"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=\/wp\/v2\/posts\/491\/revisions\/492"}],"wp:attachment":[{"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=491"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=491"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=491"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}