ืืื ืืขืจ ืึธืจืืึทื ืืืึทืฆืืข ืืื ืืื ืึทืจืืขื, ืืืืึทื ืึทืจืืขื ืืื ืคึผืจืึธืืืืืึทืืึทื ืืื ืคึผืจืื ืฆืืคึผ. ืืื ืืขืืืขื. ืืื ืืขืฆืืข ืืืึธื. ืืืฆื ืืืจ ืืึธืื ืฆื ืขืจืืืฉืึทื ืืื ืื ืกืืจืืืขื ื ืึท ืืืืืื ื. ืคึฟืื ืืขืฉืขืคื - ืึทืืึทืคึผืืื ื ืคึผืจืึทืกืขืกืึทื ืฆื ืึท ื ืืึทืข ืึทืจืืขื ืคึฟืึธืจืืึทื, ืคึฟืื ืืื ืื - PKI ืืื PIN ืงืึธืืื ืืื ืืึธืงืขื ืก, VPN, ืืืืืืื ืืึธืืื ื ืืื ืคืื ืืขืจ.
ืฆืืืืฉื ืื ืืขืจืข ืืืื, ืืื ืืื ืืขืืืขื ืืึทืฉืืขืืืงื ืึทืจืืืฃ ืจืืืึธืื ืืขืกืงืืึธืคึผ ืื ืคืจืึทืกืืจืึทืงืืฉืขืจ ืึทืงืึท ืืขืจืืื ืึทื ืืึทืืื ืื ืืก. ืืืจ ืืึธืื ืขืืืขืืข RDS ืืืคึผืืืืืึทื ืฅ ืืื ืคืึทืจืฉืืืขื ืข ืืึทืื ืกืขื ืืขืจืก. ืืืื ืขืจ ืคืื ืื ืืึธืืื ืืื ืืขืืืขื ืฆื ืืขืื ืงืึธืืขืืขืก ืคืื ืคึฟืึทืจืืื ืืขื ืข IT ืืืคึผืึทืจืืืึทื ืฅ ืฆื ืื ืืขืจืึทืงืืืืืื ืคืึทืจืืื ืื ืฆื ืืึทื ืืฆืขืจ ืกืขืฉืึทื ื. ืืื ืืืจ ืืืืกื, ืขืก ืืื ืึท ื ืึธืจืืึทื RDS Shadow ืืขืงืึทื ืืืึทื ืคึฟืึทืจ ืืขื, ืืื ืื ืืืืึทืกื ืืืขื ืฆื ืืขืืึทืืืื ืขืก ืืื ืฆื ืืขืื ืืืืข ืึทืืืื ืืกืืจืึทืืึธืจ ืจืขืื ืืืืฃ RDS ืกืขืจืืืขืจืก.
ืืื ืจืขืกืคึผืขืงื ืืื ืืืขืจื ืืืื ืืืจืื, ืึธืืขืจ ืืื ืืื ืืืืขืจ ืืฉืขืื ืข ืืืขื ืขืก ืงืืื ืฆื ืืืกืืืืื ืึทืืืื ืืกืืจืึทืืึธืจ ืจืขืื. ๐ ืคึฟืึทืจ ืื ืืืืก ืฉืืืืขื ืืื ืืืจ, ืืืืข ื ืึธืืคืึธืืื ืื ืฉื ืืึทืื.
ื ื, ืื ืึทืจืืขื ืืื ืงืืึธืจ, ืืืฆื ืืึธืื ืก ืืึทืงืืืขื ืึทืจืึธืคึผ ืฆื ืืขืฉืขืคื.
ืฉืจืื ืงืกื ืืืงืก
ืืึธืืืจ ืฉืึทืคึฟื ืึท ืืืืขืจืืืื ืืจืืคึผืข ืืื ืึทืงืืืื Directory RDP_Operators ืืื ืึทืจืืึทื ื ืขืืขื ืืื ืขืก ืื ืึทืงืึทืื ืฅ ืคืื ืืขื ืข ื ืืฆืขืจืก ืฆื ืืืขืืขื ืืืจ ืืืืื ืฆื ืืขืืึทืืืื ืจืขืื:
$Users = @(
"UserLogin1",
"UserLogin2",
"UserLogin3"
)
$Group = "RDP_Operators"
New-ADGroup -Name $Group -GroupCategory Security -GroupScope DomainLocal
Add-ADGroupMember -Identity $Group -Members $Users
ืืืื ืืืจ ืืึธืื ืงืืืคื ืึทื ืืืืืืขื, ืืืจ ืืึทืจืคึฟื ืฆื ืืืึทืจืื ืืื ืขืก ืืื ืจืขืคึผืืืงืืืืื ืฆื ืึทืืข ืคืขืื ืงืึทื ืืจืึธืืืขืจื ืืืืืขืจ ืืืจ ืืึทื ืืืืฃ ืฆื ืืขืจ ืืืืึทืืขืจ ืฉืจืื. ืืขื ืืืืฉืึทืืืึทืื ื ืขืื ื ืื ืืขืจ ืืื 15 ืืื ืื.
ืฉืจืื ืงืกื ืืืงืก
ืืึธืืืจ ืืขืื ืื ืืจืืคึผืข ืจืขืื ืฆื ืคืืจื ืืืึธืงืืึทื ืกืขืฉืึทื ื ืืืืฃ ืืขืืขืจ ืคืื ืื RDSH ืกืขืจืืืขืจืก:
ืฉืืขืื-RDSPermissions.ps1
$Group = "RDP_Operators"
$Servers = @(
"RDSHost01",
"RDSHost02",
"RDSHost03"
)
ForEach ($Server in $Servers) {
#ะะตะปะตะณะธััะตะผ ะฟัะฐะฒะพ ะฝะฐ ัะตะฝะตะฒัะต ัะตััะธะธ
$WMIHandles = Get-WmiObject `
-Class "Win32_TSPermissionsSetting" `
-Namespace "rootCIMV2terminalservices" `
-ComputerName $Server `
-Authentication PacketPrivacy `
-Impersonation Impersonate
ForEach($WMIHandle in $WMIHandles)
{
If ($WMIHandle.TerminalName -eq "RDP-Tcp")
{
$retVal = $WMIHandle.AddAccount($Group, 2)
$opstatus = "ััะฟะตัะฝะพ"
If ($retVal.ReturnValue -ne 0) {
$opstatus = "ะพัะธะฑะบะฐ"
}
Write-Host ("ะะตะปะตะณะธัะพะฒะฐะฝะธะต ะฟัะฐะฒ ะฝะฐ ัะตะฝะตะฒะพะต ะฟะพะดะบะปััะตะฝะธะต ะณััะฟะฟะต " +
$Group + " ะฝะฐ ัะตัะฒะตัะต " + $Server + ": " + $opstatus + "`r`n")
}
}
}
ืฉืจืื ืงืกื ืืืงืก
ืืืื ืื ืืจืืคึผืข ืฆื ืื ืืืืข ืืจืืคึผืข ืจืืืึธืื ืืขืกืงืืึธืคึผ ืืืืขืจื ืืืืฃ ืืขืืขืจ ืคืื ืื RDSH ืกืขืจืืืขืจืก. ืืืื ืืืื ืกืขืจืืืขืจืก ืืขื ืขื ืงืึทืืืืื ื ืืื ืกืขืกืืข ืืึทืืืื ืืขื, ืืืจ ืืึธื ืืึธืก ืืืืฃ ืื ืืึทืืืื ื ืืืจืื:
$Group = "RDP_Operators"
$CollectionName = "MyRDSCollection"
[String[]]$CurrentCollectionGroups = @(Get-RDSessionCollectionConfiguration -CollectionName $CollectionName -UserGroup).UserGroup
Set-RDSessionCollectionConfiguration -CollectionName $CollectionName -UserGroup ($CurrentCollectionGroups + $Group)
ืคึฟืึทืจ ืืืื ืกืขืจืืืขืจืก ืืืจ ื ืืฆื , ืืืืจืื ืคึฟืึทืจ ืขืก ืฆื ืืืื ืืขืืืขื ืื ืืืืฃ ืื ืกืขืจืืืขืจืก. ืืขื ืข ืืืืก ืืขื ืขื ืฆื ืคืืื ืฆื ืืืึทืจืื ืงืขื ืขื ืคืึทืจืืืืขืจื ืืขื ืคึผืจืึธืฆืขืก ืืื ืื ืืื ืึทืื ืืคึผืืคึผืืึทืืข, ืคึผืจืขืคืขืจืึทืืื .
ืฉืจืื ืงืกื ืืืงืก
ืืึธืืืจ ืฆืืืจืืืื ืื ืคืืืืขื ืืข ืคึผืก ืฉืจืืคื ืคึฟืึทืจ "ืืึทื ืึทืืืฉืขืจื":
RDSManagement.ps1
$Servers = @(
"RDSHost01",
"RDSHost02",
"RDSHost03"
)
function Invoke-RDPSessionLogoff {
Param(
[parameter(Mandatory=$True, Position=0)][String]$ComputerName,
[parameter(Mandatory=$true, Position=1)][String]$SessionID
)
$ErrorActionPreference = "Stop"
logoff $SessionID /server:$ComputerName /v 2>&1
}
function Invoke-RDPShadowSession {
Param(
[parameter(Mandatory=$True, Position=0)][String]$ComputerName,
[parameter(Mandatory=$true, Position=1)][String]$SessionID
)
$ErrorActionPreference = "Stop"
mstsc /shadow:$SessionID /v:$ComputerName /control 2>&1
}
Function Get-LoggedOnUser {
Param(
[parameter(Mandatory=$True, Position=0)][String]$ComputerName="localhost"
)
$ErrorActionPreference = "Stop"
Test-Connection $ComputerName -Count 1 | Out-Null
quser /server:$ComputerName 2>&1 | Select-Object -Skip 1 | ForEach-Object {
$CurrentLine = $_.Trim() -Replace "s+"," " -Split "s"
$HashProps = @{
UserName = $CurrentLine[0]
ComputerName = $ComputerName
}
If ($CurrentLine[2] -eq "Disc") {
$HashProps.SessionName = $null
$HashProps.Id = $CurrentLine[1]
$HashProps.State = $CurrentLine[2]
$HashProps.IdleTime = $CurrentLine[3]
$HashProps.LogonTime = $CurrentLine[4..6] -join " "
$HashProps.LogonTime = $CurrentLine[4..($CurrentLine.GetUpperBound(0))] -join " "
}
else {
$HashProps.SessionName = $CurrentLine[1]
$HashProps.Id = $CurrentLine[2]
$HashProps.State = $CurrentLine[3]
$HashProps.IdleTime = $CurrentLine[4]
$HashProps.LogonTime = $CurrentLine[5..($CurrentLine.GetUpperBound(0))] -join " "
}
New-Object -TypeName PSCustomObject -Property $HashProps |
Select-Object -Property UserName, ComputerName, SessionName, Id, State, IdleTime, LogonTime
}
}
$UserLogin = Read-Host -Prompt "ะะฒะตะดะธัะต ะปะพะณะธะฝ ะฟะพะปัะทะพะฒะฐัะตะปั"
Write-Host "ะะพะธัะบ RDP-ัะตััะธะน ะฟะพะปัะทะพะฒะฐัะตะปั ะฝะฐ ัะตัะฒะตัะฐั
..."
$SessionList = @()
ForEach ($Server in $Servers) {
$TargetSession = $null
Write-Host " ะะฟัะพั ัะตัะฒะตัะฐ $Server"
Try {
$TargetSession = Get-LoggedOnUser -ComputerName $Server | Where-Object {$_.UserName -eq $UserLogin}
}
Catch {
Write-Host "ะัะธะฑะบะฐ: " $Error[0].Exception.Message -ForegroundColor Red
Continue
}
If ($TargetSession) {
Write-Host " ะะฐะนะดะตะฝะฐ ัะตััะธั ั ID $($TargetSession.ID) ะฝะฐ ัะตัะฒะตัะต $Server" -ForegroundColor Yellow
Write-Host " ะงัะพ ะฑัะดะตะผ ะดะตะปะฐัั?"
Write-Host " 1 - ะฟะพะดะบะปััะธัััั ะบ ัะตััะธะธ"
Write-Host " 2 - ะทะฐะฒะตััะธัั ัะตััะธั"
Write-Host " 0 - ะฝะธัะตะณะพ"
$Action = Read-Host -Prompt "ะะฒะตะดะธัะต ะดะตะนััะฒะธะต"
If ($Action -eq "1") {
Invoke-RDPShadowSession -ComputerName $Server -SessionID $TargetSession.ID
}
ElseIf ($Action -eq "2") {
Invoke-RDPSessionLogoff -ComputerName $Server -SessionID $TargetSession.ID
}
Break
}
Else {
Write-Host " ัะตััะธะน ะฝะต ะฝะฐะนะดะตะฝะพ"
}
}
ืฆื ืืึทืื ืื PS ืฉืจืืคื ืืึทืงืืืขื ืฆื ืืืืคื, ืืืจ ืืึทืื ืึท ืฉืึธื ืคึฟืึทืจ ืขืก ืืื ืื ืคืึธืจืขื ืคืื ืึท ืงืื ืืขืงืข ืืื ืื ืืขืืืข ื ืึธืืขื ืืื ืื PS ืฉืจืืคื:
RDSManagement.cmd
@ECHO OFF
powershell -NoLogo -ExecutionPolicy Bypass -File "%~d0%~p0%~n0.ps1" %*
ืืืจ ืฉืืขืื ืืืืืข ืืขืงืขืก ืืื ืึท ืืขืงืข ืืืึธืก ืืืขื ืืืื ืฆืืืจืืืืขื ืคึฟืึทืจ "ืืึทื ืึทืืืฉืขืจื" ืืื ืืขืื ืืื ืฆื ืฉืืึทืขื-ืืึธืืื. ืืืฆื, ืืืจื ืืืืคื ืื cmd ืืขืงืข, ืืื ืงืขื ืขื ืคืึทืจืืื ืื ืฆื ืื ืกืขืฉืึทื ื ืคืื ืื ืืขืจืข ืืืืขืจื ืืื RDS Shadow ืืึธืืข ืืื ืฆืืืื ืืขื ืืื ืฆื ืงืืึธืฅ ืืืืก (ืืึธืก ืงืขื ืืืื ื ืืฆืืง ืืืขื ืืขืจ ืืึทื ืืฆืขืจ ืงืขื ืขื ื ืืฉื ืื ืืืคึผืขื ืืึทื ืืื ืคืึทืจืขื ืืืงื ืึท "ืืึทื ืืืื ื" ืกืขืกืืข).
ืขืก ืงืืงื ืขืคึผืขืก ืืื ืืึธืก:
ืคืืจ ืื "ืื ืื"
ืคึฟืึทืจ ืื ืืึทื ืืฆืขืจ
ืขืืืขืืข ืืขืฆื ืืึทืืขืจืงืื ืืขื
ื ืืึทื ืก 1. ืืืื ืืขืจ ืืึทื ืืฆืขืจ ืกืขืกืืข ืฆื ืืืึธืก ืืืจ ืืขื ืขื ืืจืืื ื ืฆื ืืึทืงืืืขื ืงืึธื ืืจืึธื ืืื ืืึธื ืืฉื ืืืืืขืจ ืื Set-RDSPermissions.ps1 ืฉืจืืคื ืืื ืขืงืกืึทืงืืืืึทื ืืืืฃ ืื ืกืขืจืืืขืจ, ืืขืจ "ืคืึทืจืืืึทืืืขืจ" ืืืขื ืืึทืงืืืขื ืึท ืึทืงืกืขืก ืืขืืช. ืื ืืืืืื ื ืืึธ ืืื ืงืืึธืจ ืืื ืืขืจ ืืึธื: ืืืึทืจืื ืืื ืืขืจ ืืขืจืืื ืืึทื ืืฆืขืจ ืืึธืืก ืืื.
ื ืืึทื ืก 2. ื ืึธื ืขืืืขืืข ืืขื ืคืื ืืจืืขืื ืืื RDP Shadow, ืืืจ ืืืืขืจืงื ืึท ืืฉืืงืึทืืืข ืืฉืืง ืึธืืขืจ ืฉืืจืื: ื ืึธื ืืขื ืกืืฃ ืคืื ืื ืฉืึธืื ืกืขืกืืข, ืื ืฉืคึผืจืึทื ืืึทืจ ืืื ืื ืืึทืฅ ืคืึทืจืฉืืืื ืื ืคึฟืึทืจ ืืขืจ ืืึทื ืืฆืขืจ ืืืึธืก ืืื ืงืึธื ื ืขืงืืขื ืฆื, ืืื ืฆื ืืึทืงืืืขื ืขืก ืฆืืจืืง, ืืขืจ ืืึทื ืืฆืขืจ ืืึทืจืฃ ืฆื ืจืข -ืฆืืืื ืืจืืื. ืืื ืขืก ืืืจื ืก ืืืืก, ืืืจ ืืขื ืขื ื ืืฉื ืึทืืืื: , , .
ืึทื ืก ืึทืืข. ืืื ืืืื ืืฉื ืืืจ ืืื ืืืื ืกืขืจืืืขืจืก ืืื ืืขืืื ื. ืืื ืฉืืขื ืืืง, ืืื ืงืืง ืคืึธืจืืืก ืฆื ืืืื ืืึทืืขืจืงืื ืืขื ืืื ืื ืืึทืืขืจืงืื ืืขื ืืื ืืขืื ืืืจ ืฆื ื ืขืืขื ืื ืงืืจืฅ ืืืขืจืืืืง ืืื ืื.
ืงืืืืื
ืืืืื ืจืขืืืกืืจืืจื ื ืืฆืขืจืก ืงืขื ืขื ืึธื ืืืื ื ืขืืขื ืืื ืื ืืืขืจืืืืง. ืืืืข.
ืืืึธืก ืืึธื ืืืจ ื ืืฆื?
-
ืงืกื ืืืงืก%AMMYY Admin5
-
ืงืกื ืืืงืก%AnyDesk11
-
ืงืกื ืืืงืก%DameWare6
-
ืงืกื ืืืงืก%Radmin15
-
ืงืกื ืืืงืก%RDS Shadow9
-
ืงืกื ืืืงืก%ืฉื ืขื ืึทืกืืกื / Windows ืจืืืึธืื ืึทืกืืกืืึทื ืก 1
-
ืงืกื ืืืงืก%TeamViewer24
-
ืงืกื ืืืงืก%VNC20
-
ืงืกื ืืืงืก%ืื ืืขืจืข 20
-
ืงืกื ืืืงืก%LiteManager2
62 ืืื ืืฆืขืจ ืืืื ืืขืฉืืืื. 22 ืืื ืืฆืขืจ ืืืื ืืื ืืคืืขืืืืื.
ืืงืืจ: www.habr.com