Skip to content

Instantly share code, notes, and snippets.

Created November 4, 2017 22:26
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 7 You must be signed in to fork a gist
  • Save keithga/8ff1cfaf35010cf19caaec7ec5f9932f to your computer and use it in GitHub Desktop.
Save keithga/8ff1cfaf35010cf19caaec7ec5f9932f to your computer and use it in GitHub Desktop.
Remote Desktop Generator for Azure
Auto Generate a RDG file for Azure.
Will create a Microsoft Remote Desktop Connection Manager *.RDG file
from the Virtual Machines within your Azure Tenant.
Location of the target *.RDG file.
The default is "My Azure Machines.rdg" placed on the desktop
Will create the RDG file *even* if the file already exists (force it).
.PARAMETER Credential
An array of [PSCredential] objects to be placed in the RDG file.
Credentials for logging into Azure
C:\PS> .\RDGGen.ps1
Generate the RDG file with no built in credentials.
C:\PS> $cred = Get-Credential
C:\PS> .\RDGGen.ps1 -Credential $Cred
Generate an RDG file with credentials from the prompt.
Please be aware that although credentials are stored within the *.RDG file
"encrypted", any program running within the user's context can extract the
password as plain text. YMMV.
Copyright Keith Garner, All rights reserved.
Apache License
[pscredential[]] $Credential,
[string] $path = ([Environment]::GetFolderPath("Desktop") + "\My Azure Machines.rdg" ),
[switch] $force,
[pscredential] $AzureCred
#region Support Routines
function Get-CredentialBlob {
param( [pscredential[]] $Credential )
process {
foreach ( $cred in $Credential ) {
$PasswordBytes = [System.Text.Encoding]::Unicode.GetBytes($cred.GetNetworkCredential().password)
$SecurePassword = [Security.Cryptography.ProtectedData]::Protect($PasswordBytes, $null, [Security.Cryptography.DataProtectionScope]::LocalMachine)
$Base64Password = [System.Convert]::ToBase64String($SecurePassword)
<credentialsProfile inherit="None">
<profileName scope="Local">$($cred.UserName)</profileName>
function Get-MyAzureServices {
param ( $Services )
foreach ( $Service in $Services ) {
foreach ( $VM in Get-AzureVM -ServiceName $service.label ) {
$Port = $VM | Get-AzureEndpoint | ? Name -eq RemoteDesktop | % Port
# Connect to Azure and get the server list..
Import-module azure -Force -ErrorAction SilentlyContinue
$Services = get-azureservice -ErrorAction SilentlyContinue
if ( -not $Services ) {
if ( $AzureCred ) {
Add-AzureAccount -Credential $AzureCred
else {
$Services = get-azureservice -ErrorAction SilentlyContinue
<?xml version="1.0" encoding="utf-8"?>
<RDCMan programVersion="2.7" schemaVersion="3">
$( get-CredentialBlob $Credential )
if ( $Credential ) {
<logonCredentials inherit="None">
<profileName scope="File">$($Credential | Select-object -first 1 | % UserName )</profileName>
<remoteDesktop inherit="None">
$( Get-MyAzureServices $Services )
<connected />
<favorites />
<recentlyUsed />
"@ | out-file -filepath $path -Encoding utf8 -force:$Force
if ( test-path $path ) {
& 'C:\Program Files (x86)\Microsoft\Remote Desktop Connection Manager\RDCMan.exe' $path
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment