I roto i te whakahaere e mahi ana ahau, ka aukati te mahi mamao i runga i te kaupapa. Ko. Tae noa ki tera wiki. Inaianei me tere te whakatinana i tetahi otinga. Mai i te pakihi - te urutau i nga tikanga ki te whakatakotoranga mahi hou, mai i a matou - PKI me nga waehere PIN me nga tohu, VPN, te takiuru taipitopito me te maha atu.
I roto i etahi atu mea, kei te whakatu ahau i te Hanganga Papamahi Mamao aka Ratonga Terminal. He maha a matou tukunga RDS ki nga pokapu raraunga rereke. Ko tetahi o nga whaainga kia taea e nga hoa mahi mai i nga tari IT e pa ana ki te hono atu ki nga huihuinga kaiwhakamahi. Kei te mohio koe, he tikanga paerewa RDS Shadow mo tenei, a ko te huarahi ngawari ki te tuku ko te tuku mana kaiwhakahaere rohe ki runga i nga tūmau RDS.
Ka whakaute, ka whakanuia e au aku hoa mahi, engari he tino apo ahau ina tae mai ki te tuku mana whakahaere. 🙂 Mo te hunga e whakaae ana ki ahau, me whai i te tapahi.
Ana, kua marama te mahi, inaianei ka heke ki te pakihi.
te taahi 1
Me hanga he roopu haumaru ki Active Directory RDP_Kaiwhakahaere me te whakauru ki roto i nga kaute o aua kaiwhakamahi e hiahia ana matou ki te tuku mana:
$Users = @(
"UserLogin1",
"UserLogin2",
"UserLogin3"
)
$Group = "RDP_Operators"
New-ADGroup -Name $Group -GroupCategory Security -GroupScope DomainLocal
Add-ADGroupMember -Identity $Group -Members $Users
Mena he maha nga pae AD koe, me tatari koe kia tukuna ano ki nga kaiwhakahaere rohe katoa i mua i te neke ki te taahiraa e whai ake nei. Ko te tikanga kia kaua e neke ake i te 15 meneti.
te taahi 2
Me tuku motika ki te roopu ki te whakahaere i nga waahi kapeka ki ia o nga tūmau RDSH:
Tautuhi-RDSPermissions.ps1
$Group = "RDP_Operators"
$Servers = @(
"RDSHost01",
"RDSHost02",
"RDSHost03"
)
ForEach ($Server in $Servers) {
#Делегируем право на теневые сессии
$WMIHandles = Get-WmiObject `
-Class "Win32_TSPermissionsSetting" `
-Namespace "rootCIMV2terminalservices" `
-ComputerName $Server `
-Authentication PacketPrivacy `
-Impersonation Impersonate
ForEach($WMIHandle in $WMIHandles)
{
If ($WMIHandle.TerminalName -eq "RDP-Tcp")
{
$retVal = $WMIHandle.AddAccount($Group, 2)
$opstatus = "успешно"
If ($retVal.ReturnValue -ne 0) {
$opstatus = "ошибка"
}
Write-Host ("Делегирование прав на теневое подключение группе " +
$Group + " на сервере " + $Server + ": " + $opstatus + "`r`n")
}
}
}
te taahi 3
Tāpirihia te roopu ki te roopu rohe Kaiwhakamahi Papamahi Mamao i ia o nga tūmau RDSH. Mēnā ka whakakotahihia ō tūmau ki ngā kohinga wātū, ka mahia e mātou i te taumata kohinga:
$Group = "RDP_Operators"
$CollectionName = "MyRDSCollection"
[String[]]$CurrentCollectionGroups = @(Get-RDSessionCollectionConfiguration -CollectionName $CollectionName -UserGroup).UserGroup
Set-RDSessionCollectionConfiguration -CollectionName $CollectionName -UserGroup ($CurrentCollectionGroups + $Group)
Mo nga kaitoro kotahi ka whakamahia e matou , e tatari ana kia tukuna ki runga i nga kaimau. Ko te hunga e mangere ana ki te tatari ka taea te tere ake i te mahi ma te whakamahi i te gpupdate tawhito pai, he pai ake .
te taahi 4
Me whakarite te tuhinga PS e whai ake nei mo "kaiwhakahaere":
RDSManagement.ps1
$Servers = @(
"RDSHost01",
"RDSHost02",
"RDSHost03"
)
function Invoke-RDPSessionLogoff {
Param(
[parameter(Mandatory=$True, Position=0)][String]$ComputerName,
[parameter(Mandatory=$true, Position=1)][String]$SessionID
)
$ErrorActionPreference = "Stop"
logoff $SessionID /server:$ComputerName /v 2>&1
}
function Invoke-RDPShadowSession {
Param(
[parameter(Mandatory=$True, Position=0)][String]$ComputerName,
[parameter(Mandatory=$true, Position=1)][String]$SessionID
)
$ErrorActionPreference = "Stop"
mstsc /shadow:$SessionID /v:$ComputerName /control 2>&1
}
Function Get-LoggedOnUser {
Param(
[parameter(Mandatory=$True, Position=0)][String]$ComputerName="localhost"
)
$ErrorActionPreference = "Stop"
Test-Connection $ComputerName -Count 1 | Out-Null
quser /server:$ComputerName 2>&1 | Select-Object -Skip 1 | ForEach-Object {
$CurrentLine = $_.Trim() -Replace "s+"," " -Split "s"
$HashProps = @{
UserName = $CurrentLine[0]
ComputerName = $ComputerName
}
If ($CurrentLine[2] -eq "Disc") {
$HashProps.SessionName = $null
$HashProps.Id = $CurrentLine[1]
$HashProps.State = $CurrentLine[2]
$HashProps.IdleTime = $CurrentLine[3]
$HashProps.LogonTime = $CurrentLine[4..6] -join " "
$HashProps.LogonTime = $CurrentLine[4..($CurrentLine.GetUpperBound(0))] -join " "
}
else {
$HashProps.SessionName = $CurrentLine[1]
$HashProps.Id = $CurrentLine[2]
$HashProps.State = $CurrentLine[3]
$HashProps.IdleTime = $CurrentLine[4]
$HashProps.LogonTime = $CurrentLine[5..($CurrentLine.GetUpperBound(0))] -join " "
}
New-Object -TypeName PSCustomObject -Property $HashProps |
Select-Object -Property UserName, ComputerName, SessionName, Id, State, IdleTime, LogonTime
}
}
$UserLogin = Read-Host -Prompt "Введите логин пользователя"
Write-Host "Поиск RDP-сессий пользователя на серверах..."
$SessionList = @()
ForEach ($Server in $Servers) {
$TargetSession = $null
Write-Host " Опрос сервера $Server"
Try {
$TargetSession = Get-LoggedOnUser -ComputerName $Server | Where-Object {$_.UserName -eq $UserLogin}
}
Catch {
Write-Host "Ошибка: " $Error[0].Exception.Message -ForegroundColor Red
Continue
}
If ($TargetSession) {
Write-Host " Найдена сессия с ID $($TargetSession.ID) на сервере $Server" -ForegroundColor Yellow
Write-Host " Что будем делать?"
Write-Host " 1 - подключиться к сессии"
Write-Host " 2 - завершить сессию"
Write-Host " 0 - ничего"
$Action = Read-Host -Prompt "Введите действие"
If ($Action -eq "1") {
Invoke-RDPShadowSession -ComputerName $Server -SessionID $TargetSession.ID
}
ElseIf ($Action -eq "2") {
Invoke-RDPSessionLogoff -ComputerName $Server -SessionID $TargetSession.ID
}
Break
}
Else {
Write-Host " сессий не найдено"
}
}
Kia pai ai te whakahaere o te tuhinga PS, ka hangaia e matou he anga mo te ahua o te konae cmd me te ingoa rite ki te tuhinga PS:
RDSManagement.cmd
@ECHO OFF
powershell -NoLogo -ExecutionPolicy Bypass -File "%~d0%~p0%~n0.ps1" %*
Ka tukuna e matou nga konae e rua ki roto i te kōpaki ka taea e nga "kaiwhakahaere" ka tono kia takiuru ano. Na, ma te whakahaere i te konae cmd, ka taea e ratou te hono atu ki nga huihuinga o etahi atu kaiwhakamahi i roto i te aratau RDS Shadow me te akiaki i a raatau kia puta ki waho (ka whai hua tenei mena kaore e taea e te kaiwhakamahi te whakamutu takitahi i te waahi "iri").
He penei te ahua:
Mo te "kaiwhakahaere"
Mo te kaiwhakamahi
He korero whakamutunga
Te ahua 1. Mena i whakarewahia te waahi kaiwhakamahi e ngana ana matou ki te whai mana i mua i te whakahaerenga o te tuhinga Set-RDSPermissions.ps1 ki runga i te tūmau, katahi ka whiwhi te "kaiwhakahaere" i te hapa uru. Ka kitea te otinga i konei: tatari kia uru mai te kaiwhakamahi whakahaere.
Te ahua 2. Whai muri i nga ra maha o te mahi tahi me te RDP Shadow, i kite matou i tetahi pepeke, ahuatanga pai ranei: i muri i te mutunga o te waahi whakamarumaru, ka ngaro te pae reo i roto i te paepae mo te kaiwhakamahi e hono ana, a ki te whakahoki mai, me whakahoki ano te kaiwhakamahi. -takiuru. Ko te ahua, ehara i te mea ko tatou anake: , , .
Heoi ano. Kei te pirangi ahau kia ora koe me o kaimau. Ka rite ki nga wa katoa, ka tumanako ahau ki o korero i roto i nga korero ka tono koe ki te tango i te rangahau poto i raro nei.
Rauemi
Ko nga kaiwhakamahi kua rehita anake ka uru ki te rangahau. tēnā.
He aha taau e whakamahi ana?
8,1 orauAMMYY Kaiwhakahaere5
17,7 orauAnyDesk11
9,7 orauDameWare6
24,2 orauRadmin15
14,5 orauRDS Kōruru9
1,6 orauĀwhina Tere / Windows Āwhina Mamao1
38,7 orauTeamViewer24
32,3 orauVNC20
32,3 orauatu20
3,2 orauKaiwhakahaere Lite2
62 nga kaiwhakamahi i pooti. 22 nga kaiwhakamahi i aukati.
Source: will.com
