Monitoring with PowerShell Chapter 2: Monitor RDS Security and Licensing status

Kelvin Tegelaar | 27 Jan, 2018 | 1 Mins Read

Hi All,

Today we will be focusing on monitoring the RDS Security layer and licensing status, we often have RDS deployments in which a small oversight happens or the RD-Licensing information is lost. We’ll run a PowerShell script to check if the licensing is set-up correctly, and in what license mode we are running, it will also give us feedback if SSL and NLA are not enabled.

First we’ll start by getting the Security Status:


$RDCollectionName = (Get-RDSessionCollection).CollectionName
$RDSec = Get-RDSessionCollectionConfiguration -CollectionName $RDCollectionName -Security

$NLAEnabled = $RDsec.AuthenticateUsingNLA
$EncryptionLevel = $RDsec.EncryptionLevel
$SecurityLayer = $RDsec.SecurityLayer

Now we can alert on the variables returned to us with the following thresholds:

$NLAEnabled should be True
$EncryptionLevel should be High
$SecurityLayer should be Negotiate or SSL Next up is the licensing status which is simpler as on any RDS enabled host you can run the Get-RDLicenseConfiguration cmdlet, this give us all the information we want:


$LicenseMode = (Get-RDLicenseConfiguration).Mode
$LicenseServer = (Get-RDLicenseConfiguration).LicenseServer

This will return the License mode which you can alert on – We always expect the license mode to be “Per-User” but sometimes this is not set, or set to “Per-Device”.

Enjoy!

CyberDrain CTF returns! (and so do I!)

It’s been since september that I actually picked up a digital pen equivalent and wrote anything down. This was due to me being busy with life but also my side projects like CIPP. I’m trying to get back into the game of scripting and blogging about these scripts. There’s still so much to automate and so little time, right? ;)

Intro

This is a monitoring script requested via Reddit, One of the reddit r/msp users wondered how they can monitor Acronis a little bit easier. I jumped on this because it happened pretty much at the same time that I was asked to speak at the Acronis CyberSummit so it kinda made sense to script this so I have something to demonstrate at my session there.

Intro

Wow! It’s been a while since I’ve blogged. I’ve just been so swamped with CIPP that I’ve just let the blogging go entirely. It’s a shame because I think out of all my hobbies it’s one I enjoy the most. It’s always nice helping others achieve their scripting target. I even got a couple of LinkedIn questions asking if I was done with blogging but I’m not. Writing always gives me some more piece of mind so I’ll try to catch up again. I know I’ve said that before but this time I’ll follow through. I’m sitting down right now and scheduling the release of 5 blogs in one go. No more whining and no more waiting.