GET-IT: TEAMS DAY | 1-Day Free Virtual Conference all about Teams. Here on Petri.com - 8/12/20 GET-IT: TEAMS DAY - 8/12/20

Automatically create RDP file with password

Home Forums Virtualization Terminal Services Automatically create RDP file with password

Viewing 1 post (of 1 total)
  • Author
    Posts
  • Avatar
    JeremyW
    Member
    #133213

    Recently I had a need to distribute an RDP file to several users that, when they use it, would log them on without prompting for username and password. We all know that it is possible to save an RDP file with the password in it but the problem is when you move it between users or computers the password doesn’t work.

    Info on why can be found here http://www.remkoweijnen.nl/blog/2007/10/18/how-rdp-passwords-are-encrypted/

    The above link also provides code for converting a password string into the encrypted password. After a crash course in VB.NET I was able to write a utility that will hash a password properly for an RDP file.

    So with this utility I’m able to dynamically create an RDP file with the password in it and deploy the script to whoever needs it.

    Giving credit where it’s due. The VB.NET example from here was the base and with a few tweaks from the comments in the first link I was able to get a working utility.

    Usage for the utility:
    cryptRDP5.exe password[/CODE]

    Here’s an example batch [SIZE=”1″](I named it [B]LTD2.cmd[/B] but you can change that)[/SIZE] that I used as a logon script. (the password argument was passed by the GPO)
    [CODE]:: Usage:
    :: LTD2.cmd password
    ::
    :: Variables:
    :: “hashtool” – location of the hash tool
    :: “outputfile” – destination and name for the .rdp file
    :: “comp” – computer name (can be FQDN or NetBIOS)
    :: “domain” – name of authenticating domain
    :: (if stand-alone enter computer name)
    :: “usr” – Username

    @echo
    Off

    If “%1″==”” Goto EOF

    set pwd=%1
    Set hashtool=”%ProgramFiles%CryptRDPcryptRDP5.exe”
    set outputfile=”%userprofile%desktopcomputerA.rdp”
    set comp=ComputerA
    set domain=jeremyw
    set usr=imuser

    for /f “tokens=*” %%a in (‘%hashtool% %pwd%’) do set pwdhash=%%a

    :CreateRDP
    If EXIST %outputfile% del %outputfile%
    Echo screen mode id:i:2>> %outputfile%
    Echo desktopwidth:i:1024>> %outputfile%
    Echo desktopheight:i:768>> %outputfile%
    Echo session bpp:i:24>> %outputfile%
    Echo winposstr:s:0,1,32,68,800,572>> %outputfile%
    Echo full address:s:%comp%>> %outputfile%
    Echo compression:i:1>> %outputfile%
    Echo keyboardhook:i:2>> %outputfile%
    Echo audiomode:i:2>> %outputfile%
    Echo redirectdrives:i:0>> %outputfile%
    Echo redirectprinters:i:0>> %outputfile%
    Echo redirectcomports:i:0>> %outputfile%
    Echo redirectsmartcards:i:1>> %outputfile%
    Echo displayconnectionbar:i:1>> %outputfile%
    Echo autoreconnection enabled:i:1>> %outputfile%
    Echo authentication level:i:0>> %outputfile%
    Echo username:s:%usr%>> %outputfile%
    Echo domain:s:%domain%>> %outputfile%
    Echo alternate shell:s:>> %outputfile%
    Echo shell working directory:s:>> %outputfile%
    Echo password 51:b:%pwdhash%>> %outputfile%
    Echo disable wallpaper:i:1>> %outputfile%
    Echo disable full window drag:i:0>> %outputfile%
    Echo disable menu anims:i:0>> %outputfile%
    Echo disable themes:i:0>> %outputfile%
    Echo disable cursor setting:i:0>> %outputfile%
    Echo bitmapcachepersistenable:i:1>> %outputfile%

    :EOF[/CODE]

    Hope you find it useful!
    8)[CODE]cryptRDP5.exe password[/CODE]

    Here’s an example batch (I named it LTD2.cmd but you can change that) that I used as a logon script. (the password argument was passed by the GPO)
    :: Usage:
    :: LTD2.cmd password
    ::
    :: Variables:
    :: “hashtool” – location of the hash tool
    :: “outputfile” – destination and name for the .rdp file
    :: “comp” – computer name (can be FQDN or NetBIOS)
    :: “domain” – name of authenticating domain
    :: (if stand-alone enter computer name)
    :: “usr” – Username

    @echo
    Off

    If “%1″==”” Goto EOF

    set pwd=%1
    Set hashtool=”%ProgramFiles%CryptRDPcryptRDP5.exe”
    set outputfile=”%userprofile%desktopcomputerA.rdp”
    set comp=ComputerA
    set domain=jeremyw
    set usr=imuser

    for /f “tokens=*” %%a in (‘%hashtool% %pwd%’) do set pwdhash=%%a

    :CreateRDP
    If EXIST %outputfile% del %outputfile%
    Echo screen mode id:i:2>> %outputfile%
    Echo desktopwidth:i:1024>> %outputfile%
    Echo desktopheight:i:768>> %outputfile%
    Echo session bpp:i:24>> %outputfile%
    Echo winposstr:s:0,1,32,68,800,572>> %outputfile%
    Echo full address:s:%comp%>> %outputfile%
    Echo compression:i:1>> %outputfile%
    Echo keyboardhook:i:2>> %outputfile%
    Echo audiomode:i:2>> %outputfile%
    Echo redirectdrives:i:0>> %outputfile%
    Echo redirectprinters:i:0>> %outputfile%
    Echo redirectcomports:i:0>> %outputfile%
    Echo redirectsmartcards:i:1>> %outputfile%
    Echo displayconnectionbar:i:1>> %outputfile%
    Echo autoreconnection enabled:i:1>> %outputfile%
    Echo authentication level:i:0>> %outputfile%
    Echo username:s:%usr%>> %outputfile%
    Echo domain:s:%domain%>> %outputfile%
    Echo alternate shell:s:>> %outputfile%
    Echo shell working directory:s:>> %outputfile%
    Echo password 51:b:%pwdhash%>> %outputfile%
    Echo disable wallpaper:i:1>> %outputfile%
    Echo disable full window drag:i:0>> %outputfile%
    Echo disable menu anims:i:0>> %outputfile%
    Echo disable themes:i:0>> %outputfile%
    Echo disable cursor setting:i:0>> %outputfile%
    Echo bitmapcachepersistenable:i:1>> %outputfile%

    :EOF[/CODE]

    Hope you find it useful!
    8)[CODE]:: Usage:
    :: LTD2.cmd password
    ::
    :: Variables:
    :: “hashtool” – location of the hash tool
    :: “outputfile” – destination and name for the .rdp file
    :: “comp” – computer name (can be FQDN or NetBIOS)
    :: “domain” – name of authenticating domain
    :: (if stand-alone enter computer name)
    :: “usr” – Username

    @echo
    Off

    If “%1″==”” Goto EOF

    set pwd=%1
    Set hashtool=”%ProgramFiles%CryptRDPcryptRDP5.exe”
    set outputfile=”%userprofile%desktopcomputerA.rdp”
    set comp=ComputerA
    set domain=jeremyw
    set usr=imuser

    for /f “tokens=*” %%a in (‘%hashtool% %pwd%’) do set pwdhash=%%a

    :CreateRDP
    If EXIST %outputfile% del %outputfile%
    Echo screen mode id:i:2>> %outputfile%
    Echo desktopwidth:i:1024>> %outputfile%
    Echo desktopheight:i:768>> %outputfile%
    Echo session bpp:i:24>> %outputfile%
    Echo winposstr:s:0,1,32,68,800,572>> %outputfile%
    Echo full address:s:%comp%>> %outputfile%
    Echo compression:i:1>> %outputfile%
    Echo keyboardhook:i:2>> %outputfile%
    Echo audiomode:i:2>> %outputfile%
    Echo redirectdrives:i:0>> %outputfile%
    Echo redirectprinters:i:0>> %outputfile%
    Echo redirectcomports:i:0>> %outputfile%
    Echo redirectsmartcards:i:1>> %outputfile%
    Echo displayconnectionbar:i:1>> %outputfile%
    Echo autoreconnection enabled:i:1>> %outputfile%
    Echo authentication level:i:0>> %outputfile%
    Echo username:s:%usr%>> %outputfile%
    Echo domain:s:%domain%>> %outputfile%
    Echo alternate shell:s:>> %outputfile%
    Echo shell working directory:s:>> %outputfile%
    Echo password 51:b:%pwdhash%>> %outputfile%
    Echo disable wallpaper:i:1>> %outputfile%
    Echo disable full window drag:i:0>> %outputfile%
    Echo disable menu anims:i:0>> %outputfile%
    Echo disable themes:i:0>> %outputfile%
    Echo disable cursor setting:i:0>> %outputfile%
    Echo bitmapcachepersistenable:i:1>> %outputfile%

    :EOF[/CODE]

    Hope you find it useful!
    8)

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.