In the organization where I work, remote work is prohibited in principle. Was. Until last week. Now we had to urgently implement a solution. From the business: adapting processes to the new work format; from us: PKI with PIN codes and tokens, VPN, detailed logging and much more.
Among other things, I set up the Remote Desktop infrastructure, also known as Terminal Services. We have several RDS deployments in different data centers. One of the goals was to let colleagues from related IT departments connect to user sessions interactively. As is well known, there is a standard RDS Shadow mechanism for this, and the easiest way to delegate it is to grant local administrator rights on the RDS servers.
I respect and value my colleagues, but I am very stingy when it comes to handing out admin rights. 🙂 Those who agree with me, please read on below the cut.
Well, the task is clear; now let's get down to business.
Step 1
Let's create a security group in Active Directory, RDP_Operators, and add to it the accounts of the users to whom we want to delegate rights:
$Users = @(
    "UserLogin1",
    "UserLogin2",
    "UserLogin3"
)
$Group = "RDP_Operators"
New-ADGroup -Name $Group -GroupCategory Security -GroupScope DomainLocal
Add-ADGroupMember -Identity $Group -Members $Users
If you have multiple AD sites, you will need to wait until the group has replicated to all domain controllers before moving on to the next step. This usually takes no more than 15 minutes.
Step 2
Let's give the group rights to manage terminal sessions on each of the RDSH servers:
Set-RDSPermissions.ps1
$Group = "RDP_Operators"
$Servers = @(
    "RDSHost01",
    "RDSHost02",
    "RDSHost03"
)
ForEach ($Server in $Servers) {
    # Delegate the right to shadow sessions
    $WMIHandles = Get-WmiObject `
        -Class "Win32_TSPermissionsSetting" `
        -Namespace "root\CIMV2\terminalservices" `
        -ComputerName $Server `
        -Authentication PacketPrivacy `
        -Impersonation Impersonate
    ForEach ($WMIHandle in $WMIHandles)
    {
        If ($WMIHandle.TerminalName -eq "RDP-Tcp")
        {
            # AddAccount returns 0 in ReturnValue on success
            $retVal = $WMIHandle.AddAccount($Group, 2)
            $opstatus = "успешно"
            If ($retVal.ReturnValue -ne 0) {
                $opstatus = "ошибка"
            }
            Write-Host ("Делегирование прав на теневое подключение группе " +
                $Group + " на сервере " + $Server + ": " + $opstatus + "`r`n")
        }
    }
}
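One way to check what Step 2 actually granted, as an added example that is not part of the original article: the preset value 2 passed to AddAccount is the full-control preset in Microsoft's WMI reference for Win32_TSPermissionsSetting, so the group receives more than the shadow right. The script decodes each account's permission mask on the RDP-Tcp listener and flags shadow holders outside an approved list. The sample rows, the CONTOSO domain, the Helpdesk_Temp group and the function names are constructed for illustration.

```powershell
# Added example (not from the original article): review who holds which
# rights on the RDP-Tcp listener after Set-RDSPermissions.ps1 has run.

# Bit flags of Win32_TSAccount.PermissionsAllowed as listed in Microsoft's
# WMI reference (assumption: confirm against the docs for your OS build).
$WinStationRights = [ordered]@{
    Query = 0x1; Set = 0x2; Logoff = 0x4; Virtual = 0x8; Shadow = 0x10
    Logon = 0x20; Reset = 0x40; Message = 0x80; Connect = 0x100; Disconnect = 0x200
}

function ConvertFrom-TSPermissionMask {
    Param([Parameter(Mandatory=$true)][UInt32]$Mask)
    # Return the names of every right whose bit is set in the mask
    @($WinStationRights.GetEnumerator() |
        Where-Object { $Mask -band $_.Value } |
        ForEach-Object { $_.Key })
}

function Test-RDPListenerAcl {
    Param(
        [Parameter(Mandatory=$true)][Object[]]$Accounts,
        [Parameter(Mandatory=$true)][String[]]$AllowedShadowAccounts
    )
    ForEach ($Account in $Accounts) {
        $Rights = ConvertFrom-TSPermissionMask -Mask $Account.PermissionsAllowed
        [PSCustomObject]@{
            AccountName = $Account.AccountName
            Rights      = $Rights -join ","
            # Shadow held by an account outside the approved list needs review
            Unexpected  = ($Rights -contains "Shadow") -and
                          ($AllowedShadowAccounts -notcontains $Account.AccountName)
        }
    }
}

# Constructed sample rows shaped like Win32_TSAccount instances. On a live host use:
# Get-WmiObject -Class Win32_TSAccount -Namespace "root\CIMV2\terminalservices" `
#     -ComputerName RDSHost01 -Filter "TerminalName='RDP-Tcp'"
$Sample = @(
    [PSCustomObject]@{ AccountName = "BUILTIN\Administrators";       PermissionsAllowed = 983999 }
    [PSCustomObject]@{ AccountName = "BUILTIN\Remote Desktop Users"; PermissionsAllowed = 289 }
    [PSCustomObject]@{ AccountName = "CONTOSO\RDP_Operators";        PermissionsAllowed = 983999 }
    [PSCustomObject]@{ AccountName = "CONTOSO\Helpdesk_Temp";        PermissionsAllowed = 0x131 }
)
$Approved = "BUILTIN\Administrators", "CONTOSO\RDP_Operators"
Test-RDPListenerAcl -Accounts $Sample -AllowedShadowAccounts $Approved | Format-Table -AutoSize
```

In the constructed data only CONTOSO\Helpdesk_Temp is reported with Unexpected set to True, and the RDP_Operators row shows every right on the listener rather than Shadow alone.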
Step 3
Add the group to the local Remote Desktop Users group on each of the RDSH servers. If your servers are combined into session collections, we do this at the collection level:
$Group = "RDP_Operators"
$CollectionName = "MyRDSCollection"
[String[]]$CurrentCollectionGroups = @(Get-RDSessionCollectionConfiguration -CollectionName $CollectionName -UserGroup).UserGroup
Set-RDSessionCollectionConfiguration -CollectionName $CollectionName -UserGroup ($CurrentCollectionGroups + $Group)
For standalone servers we use
Step 4
Let's prepare the following PS script for the "managers":
RDSManagement.ps1
$Servers = @(
    "RDSHost01",
    "RDSHost02",
    "RDSHost03"
)

# Force a logoff of the given session on the given server
function Invoke-RDPSessionLogoff {
    Param(
        [parameter(Mandatory=$True, Position=0)][String]$ComputerName,
        [parameter(Mandatory=$true, Position=1)][String]$SessionID
    )
    $ErrorActionPreference = "Stop"
    logoff $SessionID /server:$ComputerName /v 2>&1
}

# Open a shadow connection with control to the given session
function Invoke-RDPShadowSession {
    Param(
        [parameter(Mandatory=$True, Position=0)][String]$ComputerName,
        [parameter(Mandatory=$true, Position=1)][String]$SessionID
    )
    $ErrorActionPreference = "Stop"
    mstsc /shadow:$SessionID /v:$ComputerName /control 2>&1
}

# Parse the output of quser into objects, one per session
Function Get-LoggedOnUser {
    Param(
        [parameter(Mandatory=$True, Position=0)][String]$ComputerName="localhost"
    )
    $ErrorActionPreference = "Stop"
    Test-Connection $ComputerName -Count 1 | Out-Null
    quser /server:$ComputerName 2>&1 | Select-Object -Skip 1 | ForEach-Object {
        # Collapse runs of whitespace, then split the line into columns
        $CurrentLine = $_.Trim() -Replace "\s+"," " -Split "\s"
        $HashProps = @{
            UserName = $CurrentLine[0]
            ComputerName = $ComputerName
        }
        # Disconnected sessions have no session name, so the columns shift left
        If ($CurrentLine[2] -eq "Disc") {
            $HashProps.SessionName = $null
            $HashProps.Id = $CurrentLine[1]
            $HashProps.State = $CurrentLine[2]
            $HashProps.IdleTime = $CurrentLine[3]
            $HashProps.LogonTime = $CurrentLine[4..($CurrentLine.GetUpperBound(0))] -join " "
        }
        else {
            $HashProps.SessionName = $CurrentLine[1]
            $HashProps.Id = $CurrentLine[2]
            $HashProps.State = $CurrentLine[3]
            $HashProps.IdleTime = $CurrentLine[4]
            $HashProps.LogonTime = $CurrentLine[5..($CurrentLine.GetUpperBound(0))] -join " "
        }
        New-Object -TypeName PSCustomObject -Property $HashProps |
            Select-Object -Property UserName, ComputerName, SessionName, Id, State, IdleTime, LogonTime
    }
}

$UserLogin = Read-Host -Prompt "Введите логин пользователя"
Write-Host "Поиск RDP-сессий пользователя на серверах..."
$SessionList = @()
ForEach ($Server in $Servers) {
    $TargetSession = $null
    Write-Host " Опрос сервера $Server"
    Try {
        $TargetSession = Get-LoggedOnUser -ComputerName $Server | Where-Object {$_.UserName -eq $UserLogin}
    }
    Catch {
        Write-Host "Ошибка: " $Error[0].Exception.Message -ForegroundColor Red
        Continue
    }
    If ($TargetSession) {
        Write-Host " Найдена сессия с ID $($TargetSession.ID) на сервере $Server" -ForegroundColor Yellow
        Write-Host " Что будем делать?"
        Write-Host " 1 - подключиться к сессии"
        Write-Host " 2 - завершить сессию"
        Write-Host " 0 - ничего"
        $Action = Read-Host -Prompt "Введите действие"
        If ($Action -eq "1") {
            Invoke-RDPShadowSession -ComputerName $Server -SessionID $TargetSession.ID
        }
        ElseIf ($Action -eq "2") {
            Invoke-RDPSessionLogoff -ComputerName $Server -SessionID $TargetSession.ID
        }
        Break
    }
    Else {
        Write-Host " сессий не найдено"
    }
}
To make the PS script convenient to run, we'll create a wrapper for it in the form of a cmd file with the same name as the PS script:
RDSManagement.cmd
@ECHO OFF
powershell -NoLogo -ExecutionPolicy Bypass -File "%~d0%~p0%~n0.ps1" %*
We put both files in a folder that will be accessible to the "managers" and ask them to log in again. Now, by running the cmd file, they can connect to other users' sessions in RDS Shadow mode and force them to log off (this can be useful when a user cannot end a "hung" session on their own).
It looks something like this:
For the "manager"
For the user
A few final notes
Nuance 1. If the session of the user we are trying to take control of was started before the Set-RDSPermissions.ps1 script ran on the server, the "manager" will get an access error. The solution here is obvious: wait until the managed user logs back in.
Nuance 2. After several days of working with RDP Shadow, we noticed an interesting bug or feature: after a shadow session ends, the language bar in the tray disappears for the user who was connected to, and to get it back the user has to log in again. As it turns out, we are not alone:
That's all. I wish good health to you and your servers. As always, I look forward to your feedback in the comments and ask you to take the short poll below.
What do you use?
- AMMYY Admin: 8.1% (5 votes)
- AnyDesk: 17.7% (11 votes)
- DameWare: 9.7% (6 votes)
- Radmin: 24.2% (15 votes)
- RDS Shadow: 14.5% (9 votes)
- Quick Assist / Windows Remote Assistance: 1.6% (1 vote)
- TeamViewer: 38.7% (24 votes)
- VNC: 32.3% (20 votes)
- Other: 32.3% (20 votes)
- LiteManager: 3.2% (2 votes)
62 users voted. 22 users abstained.
Source: www.habr.com