Programmatically Determining Terminal Server Mode on Windows Server 2008

最新推荐文章于 2020-08-14 12:50:23 发布
原创 最新推荐文章于 2020-08-14 12:50:23 发布 · 322 阅读 · 0 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。

本文介绍如何通过编程方式查询 Windows Server 2008 的终端服务配置状态,包括是否安装了终端服务器角色及其运行模式,并提供了查询远程桌面设置的方法。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

A question on the terminal services newsgroup brought this topic to my attention: how can be determined programmatically if a Windows Server 2008 system is a terminal server and whether it runs in application server or remote administration mode? With Windows Server 2008 "terminal server" is a role that can be installed with the GUI tool Server Manager. If the role "terminal server" is installed then the system runs in application server mode. If not, it runs in remote administration mode. It is as simple as that. RDP connections can, however, be disallowed or limited to clients with Network Level Authentication (NLA). This is configured in the system's properties, accessible via:


SystemPropertiesAdvanced.exe -> Remote -> Remote Desktop


Now, how can these settings be queried programmatically?


Roles and features can be managed with the command line tool ServerManagerCmd.exe. Use the switch -query to get a listing of all roles and features and their current status (installed or not). Finding out how to query the Remote Desktop settings was a little harder. I used Process Monitor to spy on the registry activity ofSystemPropertiesAdvanced.exe when settings were applied and found the location where the relevant settings are stored. Here is a list of the three modes that can be set in the GUI and their corresponding registry values:


Don't allow connections to this computer


HKLM\System\CurrentControlSet\Control\Terminal Server\fDenyTSConnections = 1 HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\UserAuthentication = 0 HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\SecurityLayer = 1


Allow connections from computers running any version of Remote Desktop (less secure)


HKLM\System\CurrentControlSet\Control\Terminal Server\fDenyTSConnections = 0 HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\UserAuthentication = 0 HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\SecurityLayer = 1


Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)


HKLM\System\CurrentControlSet\Control\Terminal Server\fDenyTSConnections = 0 HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\UserAuthentication = 1 HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\SecurityLayer = 1


Wrapping it all up


I wrote a batch script that uses the techniques I described above and outputs the mode the terminal services on the local machine run in. The script was developed and tested on the June CTP release of Windows Server 2008. Feel free to use it in your own environment.


@echo off

::
:: QueryTSMode.cmd
::
:: Author: Helge Klein
::
:: Version: 1.0
::
:: Date: 2007-09-08
::
:: Description:
::
:: Query whether terminal services are installed and in which mode they operate.
::


setlocal


::
:: Determine whether the role “terminal server” is installed
::
echo.
servermanagercmd -query | find /i “[X] Terminal Server [TS-Terminal-Server]” 1>nul
if %ERRORLEVEL%==0 (
echo The role “Terminal Server” is installed. The system operates in application server mode
) else (
echo The role “Terminal Server” is not installed. The system operates in remote administration mode
)
echo.


::
:: Determine terminal server connection configuration
::
call :RegReadValue HKLM “System\CurrentControlSet\Control\Terminal Server” FDENYTSCONNECTIONS fDenyTSConnections
call :RegReadValue HKLM “System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp” USERAUTHENTICATION UserAuthentication
call :RegReadValue HKLM “System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp” SECURITYLAYER SecurityLayer


if %FDENYTSCONNECTIONS%==1 (
echo Connections to this computer are not allowed
exit /b
)


if %USERAUTHENTICATION%==0×0 (
echo Connections are allowed from computers running any version of Remote Desktop
) else (
echo Connections are allowed only from computers running Remote Desktop with Network Level Authentication
)


goto :eof


::
:: Subroutines
::


:RegReadValue


set RegReadValueName=%~4
if defined RegReadValueName (
:: Read a named value
set RegReadValueCmd=/v “%RegReadValueName%”
) else (
:: Read the default value
set RegReadValueCmd=/ve
)


for /f “usebackq tokens=*” %%i in (`reg query “%~1\%~2″ %RegReadValueCmd% ^| find /i /v “%~1\%~2″ ^| find /i “%RegReadValueName%”`) do @set RegReadValueTemp=%%i
for /f “tokens=1,*” %%i in (”%RegReadValueTemp:*REG_=%”) do @set %3=%%j


set RegReadValueName=
set RegReadValueCmd=
set RegReadValueTemp=


goto :eof

翻译《The Old New Thing》 - How to detect programmatically whether you are running on 64-bit Windows
0x0007 的博客
05-02 333
p=36553Raymond Chen 2005年2月1日。
\t\tRDP协议简介与通讯数据加密等级及设置说明
08-28 6308
RDP协议简介 RDP是一个多层多虚通道通讯协议,它在一个TCP连接中虚拟出若干个通道,分别进行各种信息的传输。 各个层次数据包说明: RDP层:RDP客户端任何的用户操作,都将形成RDP数据包,并以数据包类型形成RDP包头,然后将数据包传给Secure Connection层,由Secure Connection负责将数据往下传递。 Secure Connection层:该层再收到RDP层数据包
Group Policy Infrastructure
fatboyslim的专栏
07-06 8646
  Introduction Intended for system administrators, architects, and others who need to create and manage Group Policy settings, this paper explains Group Policy infrastructure and shows how the new Gr
expect man page
Legend(谭海燕)的专栏
02-20 2507
expect - programmed dialogue with interactive programs, Version 5Synopsisexpect [ -dDinN ] [ -c cmds ] [ [ -[f|b] ]cmdfile ] [ args ]Introduction<!--google_ad_cli
网页编程相关工具 压力测试等
10-08 6369
原地址:http://www.softwareqatest.com/qatweb1.htmlWeb Site Test Tools and Site Management Tools <br />More than 480 tools listed in 13 categories <br />Organization of Web Test Tools Listing - this tools listing has been loosely organized into the following ca
Praise for OpenGL ® ES ™ 3.0 Programming Guide
yangjia_cheng的博客
03-27 4580
www.it-ebooks.infoPraise for OpenGL ® ES ™ 3.0 Programming Guide,Second Edition“As a graphics technologist and intense OpenGL ES developer, Ican honestly say that if you buy only one book on OpenGL ES...
Web测试工具和管理工具 集合
热门推荐
释然乌托邦的专栏
05-10 2万+
Web Site Test Tools and Site Management Tools <br /> More than 500 tools listed in 13 categories <br />Organization of Web Test Tools Listing - this tools listing has been loosely organized into the following categories : Load and Performance Test T
45 Day Series: CodeProject VC++ Forum Q&A - I
goingup的专栏
09-18 1万+
IntroductionNothing unusual... this article is a compilation of questions and answers which were asked between 10 December 2004 and 23 Jan 2005 (45 days) on the Code Project Visual C++ forum. Also, th
NHibernate - Relational Persistence for Idiomatic .NET
孤独剑的专栏
12-10 7267
Preface Working with object-oriented software and a relational database can be cumbersome and time consuming in today's enterprise environments. NHibernate is an object/relational mapping too
next.js_Next.js手册
08-14 872
next.jsI wrote this tutorial to help you quickly learn Next.js and get familiar with how it works. 我编写本教程是为了帮助您快速学习Next.js并熟悉其工作方式。 It's ideal for you if you have zero to little knowledge of Next.js,...
JavaTM Secure Socket Extension (JSSE) Reference Guide
chaosllgao的专栏
09-28 3678
From: http://docs.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html Oracle Technology Network Software Downloads Documentation Search
idea license server address激活
03-08
### Intellij IDEA License Server Address Activation Instructions For activating IntelliJ IDEA using a license server, the process involves configuring the IDE to connect with this specific server. ...
kepserver- ucon
02-19
### KepServer UCon Configuration and Usage In the context of configuring and using UCon with KepServer, it is important to understand that UCon (Universal Connectivity) allows users to connect ...
OPC UA server
01-16
Establish connections between the OPC UA server and underlying data sources where actual values reside whether they come directly from physical devices connected via fieldbus technologies or simulated...
sql server 的图形界面
最新发布
04-02
### 推荐的 SQL Server 图形界面工具 对于 SQL Server 用户来说,选择合适的图形界面工具可以显著提升工作效率。以下是几款常用的 SQL Server GUI 工具及其特点: #### 1. **SQL Server Management Studio (SSMS)*...
How rdp passwords are encrypted
08-28 3111
About Terminal Server, Citrix, Delphi and other stuff How rdp passwords are encrypted  Ever wondered how mstsc saves passwords? If you open an RDP file with a text editor like Notepad you
RDP协议简介与通讯数据加密等级及设置说明
08-28 912
RDP协议简介 RDP是一个多层多虚通道通讯协议,它在一个TCP连接中虚拟出若干个通道,分别进行各种信息的传输。 各个层次数据包说明: RDP层:RDP客户端任何的用户操作,都将形成RDP数据包,并以数据包类型形成RDP包头,然后将数据包传给Secure Connection层,由Secure Connection负责将数据往下传递。 Secure Connection层:该层再收到RDP层数据包
windows通过Xrdp软件远程桌面连接
08-28 438
windows通过Xrdp软件远程桌面连接Fedora 从Windows机器远程桌面连接Fedora系统可以通过Xrdp软件来实现。这篇文章讲述了如何安装Xrdp和使用xrdp。从Windows中通过RDP协议远程桌面连接到linux系统是一件很困难的事情,但是如果使用了Xrdp软件,那么就会变得很轻松了。Xrdp提供了全部的linux终端功能,它会接受通过RDP协议连
\t\trdesktop架构解析(RDP协议分析)
08-28 398
本文立足于rdesktop的架构层次进行解析,算是抛砖引玉,国内对RDP协议深入解析的资料到本文发布时为空白!调用层次: rdp_--->sec_--->mcs_--->iso_--->tcp_协议包编解码层次: rdp_hdr->sec_hdr->mcs_hdr->iso_hdr->data,所有这些指针组成一个STREAM.view plaincopy to clipboardprint?01
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值