Allow or deny remote desktop connections on remote computer

PowerShell

Sometimes I need to enable Remote Desktop Connections temporarily on the remote commputer and disable it after work.
For this task I have got short PowerShell script. It is simple solution for quick work.
It works when remote PC is available for remote control by WMI (opened ports, enable WMI) You need administrator priveleges.
The Script has 2 parameters. First parameter (-ComputerName) is mandatory, it’s a remote computer name.
Second parameter (-AllowRDC) is optional and boolean. It has 2 options: $true and $false, $true by default.

Examples

.\AllowRDC.ps1 -ComputerName “comp01.contoso.com” -AllowRDC $true
Remote desktop connections are ALLOWED on ‘comp01.contoso.com’.

.\AllowRDC.ps1 -ComputerName “comp01.contoso.com”
Remote desktop connections are ALLOWED on ‘comp01.contoso.com’.

.\AllowRDC.ps1 -ComputerName “comp01.contoso.com” -AllowRDC $false
Remote desktop connections are DENIED on ‘comp01.contoso.com’.

<#
.SYNOPSIS
    Remote desktop connection allow/deny (only chekbox)
.DESCRIPTION
    This script allow/deny remote desktop connections on remote computer
    You must have administrator privelegies on remote computer and allow firewall rules
.PARAMETER ComputerName
    Remote computer NetBIOS name or FQDN
.PARAMETER AllowRDC
    Allow Remote Desktop Connections $true for enable, $false for disable, $true by default
.EXAMPLE
    .\AllowRDC.ps1 -ComputerName “comp01.contoso.com” -AllowRDC $true
      .\AllowRDC.ps1 -ComputerName “comp01.contoso.com”
#>

Param (
[PARAMETER (Mandatory=$true)] [string]$ComputerName,
[PARAMETER (Mandatory=$false)] [bool]$AllowRDC = $true
)

If ($RDCService = ($null = Get-WmiObject -Namespace “root\cimv2\TerminalServices” -Class Win32_TerminalServiceSetting -ComputerName $ComputerName -ErrorAction SilentlyContinue -WarningAction SilentlyContinue))
{
     $null = $RDCService.SetAllowTSConnections($AllowRDC)
     $null = $RDCService = Get-WmiObject -Namespace “root\cimv2\TerminalServices” -Class Win32_TerminalServiceSetting -ComputerName $ComputerName -ErrorAction SilentlyContinue -WarningAction SilentlyContinue
     If ($RDCService.AllowTSConnections -eq $true)
     {
          Write-Host -ForegroundColor Green “Remote desktop connections are ALLOWED on ‘$ComputerName’.”
     }
    Else
    {
         Write-Host -ForegroundColor Yellow “Remote desktop connections are DENIED on ‘$ComputerName’.”
    }
}
Else
{
     Write-Host -ForegroundColor Red -BackgroundColor Black “Can’t connect to ‘$ComputerName’. Check computer name, user rigts and firewall rules!”
}
Exit

Leave a Reply