Group Policy

Jharrison

We have roughly about 250 users and some of them have Teamviewer on them. I'm wanting to add all the computer that get my group policy to give them the settings that we are wanting like disabled teamviewer shutdown, assign a special password also we want to import the ID \ Hostname or if it can import the username. 

 

Anything that help do this?

TotalPC

Hello @Jharrison ,

You have a couple options, but if TeamViewer is already installed on the systems, I personally would just push registry updates to set the settings you want. I would install TeamViewer on a system that has never had it, so the settings are fresh, then set all the options you want and match the settings in the registry located in:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TeamViewer]
or for 32-bit: [HKEY_LOCAL_MACHINE\SOFTWARE\TeamViewer]
Many options you can set in TeamViewer are there, but use caution with some settings, they can be encrypted or specific to the machine and not work as expected on another machine.

"ClientID" is the local system's TeamViewer ID.

"Security_Disableshutdown" when set to 1 is for preventing the user from closing TeamViewer completely.

If you want random passwords assigned that the user has to provide to allow remote access, the "Password strength" setting in TeamViewer’s options, look for "Security_PasswordStrength"
0 = Standard (4 digits)
1, default, or none = Secure (6 characters)
4 = Secure (8 characters)
2 = Very secure (10 characters)
3 = Disabled (no random password)

"PermanentPassword" is ...well... the permanent password you can set to remote in whenever you want without it ever changing, but I know this is encrypted. It can be set during installation with command arguments, but I'm not certain on the encryption method at the moment to provide you with exactly how to set this setting. If I figure it out I'll add it to this discussion, or maybe someone else can help. Or, to get around the issue of figuring out the encryption, you could instead maybe use the "Security_WinLogin" registry option. Setting the value to 1 will allow Windows Administrators to remotely access using TeamViewer. Setting the value to 2 will allow all users. Removing the value, TeamViewer defaults to "Not allowed", no windows login.

TeamViewer must be fully restarted, the service too, for any settings set in the registry to be applied.

Hope this information helps. I'm going to research the encryption methods for setting the passwords. That's interested me for a while now anyway.

Cheers!