-
Notifications
You must be signed in to change notification settings - Fork 147
/
rdp_status.ps1
56 lines (54 loc) · 2.73 KB
/
rdp_status.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
$RDPTCPpath = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\Winstations\RDP-Tcp'
$RDPServerPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$items= @(
@{
description="Verify that the Ethernet adapter is active, expect [Enabled]:";
cmd="netsh interface show interface"
},
@{
description="Verify that DHCP is enabled and IP configuration is correct, expect [DHCP Enabled: Yes]:";
cmd="netsh interface ipv4 show addresses"
},
@{
description="Check the Remote Desktop Service status, expect [Running]:";
cmd="(Get-Service -Name TermService).Status"
},
@{
description="Verify that Remote Desktop Session Host is enabled for multi-user connection, expect [installed]:";
cmd="(Get-WindowsFeature -Name RDS-RD-Server).InstallState"
},
@{
description="Check that Remote Connections are enabled, expect [fDenyTSConnections: 0]:";
cmd="Write-Host $RDPServerPath'\fDenyTSConnections: '(Get-ItemProperty -Path '$RDPServerPath' -Name fDenyTSConnections -ErrorAction SilentlyContinue).fDenyTSConnections"
},
@{
description="Ensure that the Windows firewall has Remote Desktop Connections enabled, expect [Enabled:Yes]:";
cmd="netsh advfirewall firewall show rule name='Remote Desktop - User Mode (TCP-In)'"
},
@{
description="Check what port number is configured for RDP connections, expect [default: 3389]:";
cmd="Write-Host $RDPTCPpath'\PortNumber: '(Get-ItemProperty -Path '$RDPTCPpath' -Name PortNumber -ErrorAction SilentlyContinue).PortNumber"
},
@{
description="Ensure that connected user account has permissions for remote connections, expect [target local/domain username in resulting list]:";
cmd="net localgroup 'Remote Desktop Users'"
},
@{
description="Verify that MTU size is no greater than 1460, expect [MTU <= 1460, Interface:Ethernet]:";
cmd="netsh interface ipv4 show subinterfaces"
},
@{
description="Verify that client-server seecurity negotiation is set to default value, expect [SecurityLayer REG_DWORD 0x0, 0x1, 0x2] depending on Security Layer configuration:";
cmd="reg query 'HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' /v SecurityLayer"
},
@{
description="Verify that Network-level UserAuthentication is set to default value, expect [UserAuthentication REG_DWORD 0x0 or 0x1]:";
cmd="reg query 'HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' /v UserAuthentication"
}
)
Write-Host "If you see any unexpected values, please go to troubleshooting guide:`nhttps://cloud.google.com/compute/docs/troubleshooting/troubleshooting-rdp`n"
foreach($item in $items){
Write-Host $item["description"]
Invoke-Expression $item["cmd"]
Write-Host
}