Solved

Powershell to check Remote desktop with the latest feature enabled or not ?

Posted on 2012-03-14
8
1,877 Views
Last Modified: 2013-11-21
Hi People,

Is there any way to test if Remote Desktop is available in a list of server ?

I'm in the process of filtering and searching through hundreds of Windows Server VM which could be affected with this issue: http://technet.microsoft.com/en-us/security/bulletin/ms12-020

so If anyone can come up with powershell script to identify which RDP version or feature is installed (with NLA or not) that'd be great.

Thanks.
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
8 Comments
 
LVL 11

Expert Comment

by:Joe Klimis
ID: 37724178
Hi ,
This will give you what you want except the NLA information

 $servers = get-content servers.txt
 $results = @()
 

 ForEach ($server in $servers)
{
#  get the TS Setting object for current server
 $result = @()
 $result = "" | select ServerName, RDPenabled, Logons, LicenseType
 $ts = get-WMIObject Win32_TerminalServiceSetting  -computername $server -Namespace ROOT\CIMV2\TerminalServices
 $result.ServerName  = $ts.ServerName
 $result.RDPenabled  = $ts.AllowTSConnections
 $result.Logons      = $ts.Logons
 $result.LicenseType = $ts.LicensingType
 $results +=  $result
}

$results

Open in new window


Can you confirm which version of powershell you are using as there may be a way of using remote registry call to find out the NLa info.

Regards
Joe
0
 
LVL 11

Accepted Solution

by:
Joe Klimis earned 500 total points
ID: 37724220
I have tested the following that works in Powershell 2.0

 $servers = get-content servers.txt
 #$servers = "Localhost","Localhost" # for testing
 $results = @()
 

 ForEach ($server in $servers)
{
#  get the TS Setting object for current server
 $result = @()
 $result = "" | select ServerName, RDPenabled, Logons, LicenseType,NLA
 $ts = get-WMIObject Win32_TerminalServiceSetting  -computername $server -Namespace ROOT\CIMV2\TerminalServices
 $reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $ServerName)
 $result.NLA         = ($reg.OpenSubKey("System\\CurrentControlSet\\Control\\Terminal Server\\WinStations\\RDP-Tcp" )).GetValue("UserAuthentication")
 $result.ServerName  = $ts.ServerName
 $result.RDPenabled  = $ts.AllowTSConnections
 $result.Logons      = $ts.Logons
 $result.LicenseType = $ts.LicensingType
 $results +=  $result
}

$results
# $results | Export-Csv "results.csv" -NoTypeInformation     #    uncomment to write results to CSV

Open in new window

0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 37727947
hi Joe,

I'm using PS 2.0
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 37735994
ok, I got this error:


Get-WmiObject : Invalid namespace 
At C:\Temp\bdb4988c-8ce2-4322-8e4f-ee32d4b61a01.ps1:11 char:22
+      $ts = get-WMIObject <<<<  Win32_TerminalServiceSetting  -computername $server -Namespace ROOT\CIMV2\TerminalServices
    + CategoryInfo          : InvalidOperation: (:) [Get-WmiObject], ManagementException
    + FullyQualifiedErrorId : GetWMIManagementException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

Open in new window


is there anything that I need to do to make it run as per your suggestion ?
0
 
LVL 8

Author Comment

by:Senior IT System Engineer
ID: 37736044
ok, I've just found this URL: http://blogs.technet.com/b/jamesone/archive/2009/01/31/checking-and-enabling-remote-desktop-with-powershell.aspx

which tells you about the type of RDP connection, so how do I incorporate that into the script above that you mention ?

Function Get-RemoteDesktopConfig {

if ((Get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server').fDenyTSConnections -eq 1)
    {"Connections not allowed"}
 elseif ((Get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp').UserAuthentication -eq 1)
    {"Only Secure Connections allowed"} 
 else     
 	{"All Connections allowed"}

} 

Get-RemoteDesktopConfig

Open in new window

0
 
LVL 11

Expert Comment

by:Joe Klimis
ID: 37765579
Hi

The problem you may be having is that the format of servers.txt  i have attached an example with localhost in it twice.

sorry for the delay in replying, let me know how you get on,



Joe
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Here's a look at newsworthy articles and community happenings during the last month.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question