Powershell commands to check Active Directory attributes named: “Remote Desktop Services Profile”

To retrieve Remote Desktop settings,“Get-ADUser -Identity sgupta -Properties *” won’t help us find properties with all info, because Get-ADUser can’t get them all.

I have to use a Distinguished Name (DN) in order to get the user object:

PS c:> Import-Module ActiveDirectory
PS C:> $ADUser = [ADSI]“LDAP://CN=sgupta,OU=Users,DC=sysghost,DC=com”

But I got many OU’s…..

PS C:> $ADUser = Get-ADUser UserName | select -ExpandProperty disting*
PS C:> $ADUser = [ADSI]“LDAP://$ADUser”

Next, I query the object received with its InvokeGet() method.
First, I see if the Profile Path attribute is populated:

PS C:> $ADUser.psbase.InvokeGet(“terminalservicesprofilepath”)
\SR-FILE01ProfilesUserName

for checking RDS Home directory:

PS C:> $ADUser.psbase.InvokeGet(“terminalserviceshomedirectory”)
\SR-FILE01UserName$

 

So I can also check bulks of users:

PS C:> Get-ADGroupMember “Domain users” | ForEach-Object {
Write-Host $_.samaccountname + ” RDP Configuration:”
$x = [ADSI]“LDAP://$($_.DistinguishedName)”
$x.psbase.invokeget(“terminalservicesprofilepath”)
$x.psbase.invokeget(“allowLogon”)
}

Thats all. You can save it as script.ps1 and then run it for saving output in text file as:

PS C:>.script.ps1 >c:script.txt

Enjoy!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s