With the MS12-020 RDP explit that was just announced, I wanted to be able to determine which of our servers have Network Level Authentication enabled for Remote Desktop, which will help reduce the risk until they are patched. I created a Configuration Item to determine if NLA is enabled based on the UserAuthentication value being set to “1” in the following registry key: HKLMSystemCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp. After reviewing some comlpiance reports, I noticed some servers were showing up as not compliant even though a GPO was in place to enable NLA for them. Of course, I overlooked the fact that if you enable NLA using Group Policy, the UserAuthentication value is located in HKLMSoftwarePoliciesMicrosoftWindows NTTerminal Services.

I have only used the DCM feature of SCCM once before, so I was not very familiar with it. I attempted to find a way to create a second Configuration Item for the second registry location, and create a baseline that reports compliance if one or the other items are validated. It appears this is not possible.

1. Aug 11, 2018 If you have been working with SCCM deployments long enough, eventually you may encounter a need to display a window during running Task Sequence. It may be just a simple message box advising user to save all their data, up to more complex solutions with multiple options for the users.
2. Use Configuration Manager remote connection profiles to allow your users to remotely connect to work computers. These profiles let you deploy Remote Desktop Connection settings to users in your hierarchy. Users can access any of their primary work computers through Remote Desktop over a VPN connection.
3. PENDING Unable to install SCCM push client in windows. NEW 'not enough storage is available to complete this operation' Windows Server 2012 R2 RDP.

From the SCCM Console, right-click on the device and choose client settings — Resultant Client Settings From the resultant client settings, remote tools, remote control is enabled with permitted viewers who can use the remote tools feature. Both the above checklist are.

So – in order to get accurate compliance information (whether a server has NLA enabled manually or through Group Policy) I wrote a script to check both registry locations and report as compliant if NLA is enabled in either location.

————
REM This script will detect if Network Level Authentication is enabled either manually or by GPO
REM This script will return “Compliant” if NLA is enabledstrComputer = “.”

Sccm Rdp User

Const HKLM = &H80000002

Paranormal activity 5 full movie free.
Const PathManual = “SystemCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp”
Const PathGPO = “SoftwarePoliciesMicrosoftWindows NTTerminal Services”
Const valueName = “UserAuthentication”

Set REG=GetObject(“winmgmts:{impersonationLevel=impersonate}!” & strComputer & “rootdefault:StdRegProv”)
REG.GetDWORDValue HKLM,PathManual,valueName,manualNLA
REG.GetDWORDValue HKLM,PathGPO,valueName,GPONLA

IF manualNLA = 1 THEN
wscript.echo “Compliant”
ELSEIF GPONLA = 1 THEN
wscript.echo “Compliant”
ELSE
wscript.echo “NOTCompliant”
END IF

————-

This is how the Configuration Item is configured:

On the Settings tab select New – Script.

Sccm Rdp Jobs

• On the General tab provide a Name, specify VBScript as the Script language, and enter the following script:
  
• On the Validation tab set the Data Type to String, and create a new validation entry by clicking the New button.
  The Validation Operator should be set to Equals, and the Value should be set to Compliant (because the script returns either “Compliant” or “NOTCompliant”)
  

Sccm Rdp Login

Add this Configuration Item to a Baseline and assign it to a Collection.