-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathAdd-RdpPermission.ps1
65 lines (49 loc) · 2.26 KB
/
Add-RdpPermission.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
<#
.SYNOPSIS
Add-RdpPermission is a cmdlet that is used for adding RDP permissions onto a remote computer for a Domain user.
.DESCRIPTION
Adds RDP access on a computer for a defined Domain user.
.NOTES
Author: Robert H. Osborne
Alias: tobor
Contact: [email protected]
.LINK
https://osbornepro.com
https://writeups.osbornepro.com
https://btpssecpack.osbornepro.com
https://github.com/tobor88
https://gitlab.com/tobor88
https://www.powershellgallery.com/profiles/tobor
https://www.linkedin.com/in/roberthosborne/
https://www.credly.com/users/roberthosborne/badges
https://www.hackthebox.eu/profile/52286
.EXAMPLE
Add-RdpPermission -ComputerName $ComputerName -AdUser $SamAccountUserName
.EXAMPLE
Add-RdpPermission -ComputerName $ComputerName -AdUser $SamAccountUserName -Verbose
#>
Function Add-RdpPermission {
[CmdletBinding()]
param(
[Parameter(Mandatory=$True,
Position=0,
ValueFromPipeline=$True,
ValueFromPipelineByPropertyName=$True,
HelpMessage="The Remote Computer's Hostname. `n Example: Desktop01 `n`n If you see this message, you will need to enter the remote computers name you want to add RDP permissions too.")] # End Parameter
[ValidateNotNullorEmpty()]
[String[]]$ComputerName, # End Paramater
[Parameter(Mandatory=$True,
Position=1,
ValueFromPipeline=$True,
ValueFromPipelineByPropertyName=$True,
HelpMessage="The Active Directory User's SamAccountName. `n Example: firstname.lastname `n`n If you see this message, you will need to enter the domain users SamAccountName you want to add RDP permissions too.")] # End Parameter
[ValidateNotNullorEmpty()]
[String[]]$AdUser # End Parameter
) # End param
Invoke-Command -ComputerName $ComputerName -ScriptBlock {
net LOCALGROUP "Remote Desktop Users" /ADD "$AdUser"
net LOCALGROUP "Remote Desktop Users"
Write-Host "If you have received an error message you either will need to run the command as an adminstrator or the user is already a member of allowed RDP users."
Read-Host "Press Enter to Exit"
} # End Invoke-Command
} # End Function