Posted On November 2, 2021

An Exercise in Discover Whether an Active Directory Account Has RDP Access to Windows Bastion Hosts

kimconnect 0 comments
blog.KimConnect.com >> Codes , Windows >> An Exercise in Discover Whether an Active Directory Account Has RDP Access to Windows Bastion Hosts
November 2, 2021November 2, 2021 kimconnectkimconnect 0 Comments

Check Computers:

$computernames='RDPSERVER01','RDPSERVER02','RDPSERVER03'
invoke-command -computername $computernames {get-localgroupmember 'remote desktop users'}|select PSComputername,Name

# Sample output
PS C:\Windows\system32> invoke-command -computername @('RDPSERVER01','RDPSERVER02','RDPSERVER03') {get-localgroupmember 'remote desktop users'}|select PSComputername,Name

PSComputerName Name
-------------- ----
RDPSERVER01   KIMCONNECT\Domain Admins
RDPSERVER01   KIMCONNECT\Bastion RDP
RDPSERVER02   KIMCONNECT\Domain Admins
RDPSERVER02   KIMCONNECT\Bastion RDP
RDPSERVER03   KIMCONNECT\Domain Admins
RDPSERVER03   KIMCONNECT\Bastion RDP

Check User Account:

$username='kimconnect'
Get-ADUser $username -Properties *|select SamAccountName,Name,BadLogonCount,LastLogonDate,LockedOut,MemberOf,Modified,PasswordExpired,PasswordLastSet

# Sample output
PS C:\Windows\system32> Get-ADUser $username -Properties *|select SamAccountName,Name,BadLogonCount,LastLogonDate,LockedOut,MemberOf,Modified,PasswordExpired,PasswordLastSet

SamAccountName  : kimconnect
Name            : Kim Connect
BadLogonCount   : 2
LastLogonDate   : 10/13/2010 1:41:45 AM
LockedOut       : False
MemberOf        : {CN=Bastion RDP,DC=kimconnect,DC=com}
Modified        : 10/13/2010 1:41:53 AM
PasswordExpired : False
PasswordLastSet : 10/13/2010 1:41:45 AM
Categories:

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Post Image

Read More

PowerShell: Check RPC Reachability of Remote Computer

# This is an ancient script that would work with PowerShell versions 2 to 5,…
Post Image

Read More

Excel Visual Basic For Application (VBA): Determine IP List

Set objExcel = CreateObject("Excel.Application") objExcel.Visible = True intRow = 2 Set Fso = CreateObject("Scripting.FileSystemObject") Set…
Post Image

Read More

User Account Control

Via Domain Policy: Create new GPO >> Edit >> Computer Configuration >> Policies >> Windows…