PowerShell

Automating Terminal Services Property Updates with PowerShell

Stephane Thirion
· 2 min read
Automating Terminal Services Property Updates with PowerShell
Photo by Markus Spiske / Unsplash

Here a simple script that automates the process of updating Terminal Services properties for multiple user objects in Active Directory.

The primary objective of this script is to set values for two crucial Terminal Services properties: TerminalServicesProfilePath and TerminalServicesHomeDirectory for user object. These properties define the profile path and home directory for users connecting to a Windows Remote Desktop Services (RDS) environment.

  1. Setting Values: The script starts by defining two variables, $TShdValue and $TSppValue, which will hold the values to be assigned to the Terminal Services properties.
  2. Logging: It defines a log file path using the $LogFilePath variable and initiates a transcript using Start-Transcript. This is essential for capturing the script's output for later review or debugging.
  3. LDAP Search: The script specifies an LDAP filter, $ObjFilter, to search for user objects in Active Directory. It then creates a DirectorySearcher object to perform the search.
  4. Search and Update: Using the LDAP search results, the script loops through each user object, retrieves the user's distinguished name, and updates the TerminalServicesProfilePath and TerminalServicesHomeDirectory properties. These updates are done through the use of InvokeSet and setinfo() methods, ensuring that the Terminal Services properties are set correctly for each user.
# Set the values for TerminalServicesHomeDirectory and TerminalServicesProfilePath
$TShdValue = ""
$TSppValue = ""

# Define the path to the log file
$LogFilePath = "C:\PathToLogFile\resetRDStab.log"

# Start transcript to capture the script's output in a log file
Start-Transcript -Path $LogFilePath -Append

# Define the LDAP filter to search for user objects
$ObjFilter = "(&(objectCategory=person)(objectCategory=User))"

# Create a DirectorySearcher object
$objSearch = New-Object System.DirectoryServices.DirectorySearcher
$objSearch.PageSize = 15000
$objSearch.Filter = $ObjFilter
$objSearch.SearchRoot = "LDAP://OU=UsersWorldcom,DC=worldcom,DC=local"

# Perform the LDAP search
$AllObj = $objSearch.FindAll()

# Loop through the search results and update Terminal Services properties
foreach ($Obj in $AllObj) {
    $objItemS = $Obj.Properties
    $UserDN = $objItemS.distinguishedname
    $user = [ADSI]"LDAP://$UserDN"

    # Set TerminalServicesProfilePath and TerminalServicesHomeDirectory
    $user.psbase.InvokeSet("TerminalServicesProfilePath", $TSppValue)
    $user.psbase.InvokeSet("TerminalServicesHomeDirectory", $TShdValue)
    $user.setinfo()

    Write-Host "Updated Terminal Services properties for $UserDN"
}

# Stop the transcript and close the log file
Stop-Transcript

In this example; the values TShdValue and TSppValue are left blank because my goal was to clear out the existing values in user's account properties.

Related Articles

Docker Swarm on Ubuntu

Docker Swarm on Ubuntu

· 4 min read
Busy Light with ESP8266 mini D1 and Home Assistant

Busy Light with ESP8266 mini D1 and Home Assistant

· 3 min read
Citrix Adaptive Authentication (Netscaler) SAML Assertion verification failed

Citrix Adaptive Authentication (Netscaler) SAML Assertion verification failed

· 1 min read
Synchronizing Disabled User Accounts Between Active Directory Domains (forest) Using PowerShell

Synchronizing Disabled User Accounts Between Active Directory Domains (forest) Using PowerShell

· 3 min read
Automated Random User Creation Script for Active Directory

Automated Random User Creation Script for Active Directory

· 2 min read
Citrix's Struggles with Partners: How It Impacts Their Business

Citrix's Struggles with Partners: How It Impacts Their Business

· 2 min read