Created
March 24, 2012 11:19
-
-
Save pavank/2181246 to your computer and use it in GitHub Desktop.
Open Locked out RDP Firewall Rule
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# Take General Parameters from User #> | |
| param([string] $ServerName=(Read-Host -prompt "Please Enter Server Name"),[string] $UserName=(Read-Host -prompt "Please Enter Your User Name"),[string] $Password=(Read-Host -prompt "Please Enter Your Password")) | |
| function Job(){ | |
| cls | |
| #Local Firewall | |
| $fw = New-Object -ComObject hnetcfg.fwpolicy2 | |
| #Delete Existing Rules | |
| $fw.rules.Remove("Remote Desktop (TCP-In)") | |
| $fw.rules.Remove("Remote Desktop - RemoteFX (TCP-In)") | |
| #Add new rules | |
| reg add "hklm\system\currentcontrolset\control\terminal server" /f /v fDenyTSConnections /t REG_DWORD /d 0 | |
| $newrule = New-Object -com HNetCfg.FWRule | |
| $newrule.Name = "Remote Desktop (TCP-In)" | |
| $newrule.Description = "Inbound rule for the Remote Desktop service to allow RDP traffic. [TCP 3389]" | |
| $newrule.Grouping="Remote Desktop" | |
| $newrule.Protocol = 6 | |
| $newrule.LocalPorts=3389 | |
| $newrule.Enabled = 1 | |
| $newrule.Action=1 | |
| $fw.Rules.Add($newrule) | |
| $newrule = New-Object -com HNetCfg.FWRule | |
| $newrule.Name = "Remote Desktop - RemoteFX (TCP-In)" | |
| $newrule.Description = "Inbound rule for the Remote Desktop service to allow RDP traffic. [TCP 3389]" | |
| $newrule.Grouping = "Remote Desktop - RemoteFX" | |
| $newrule.ApplicationName = "%SystemRoot%\system32\svchost.exe" | |
| $newrule.Protocol = 6 | |
| $newrule.LocalPorts=3389 | |
| $newrule.Enabled = 1 | |
| $newrule.Action=1 | |
| $fw.Rules.Add($newrule) | |
| $fw.rules | Where-Object { $_.enabled } | Where-Object {$_.direction -eq "1"} | Where-Object {$_.Name -match "Remote Desktop"} | |
| } | |
| <# Build Credential Object #> | |
| $SecurePassword=ConvertTo-SecureString -AsPlainText -Force -String $Password | |
| $Credential=New-Object System.Management.Automation.PSCredential $UserName,$SecurePassword | |
| $Session=Get-PSSession -ComputerName $ServerName -ErrorAction SilentlyContinue | |
| If($Session.Name -eq $null) | |
| { | |
| $Session = New-PSSession -ComputerName $ServerName -Authentication "Negotiate" -Credential $Credential | |
| } | |
| cls | |
| Invoke-Command -Session $Session -ScriptBlock ${function:Job} | |
| Remove-PSSession -ComputerName $ServerName |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment