Set-WmiInstance -Path $path -argument the certificate must be in the 'Personal' Certificate Store for the Computer account. Or if PowerShell is your thing, you can use this instead: $path = (Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'")._path Now that you have the thumbprint value, here's a one-liner you can use to set the value using wmic: wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="THUMBPRINT" It should look something like this: 1ea1fd5b25b8c327be2c4e4852263efdb4d16af4. This is the value you need to set in WMI.You'll also want to watch out for and remove a non-ascii character that sometimes gets copied just before the first character in the string. Remove all the spaces from the string.Scroll down to the Thumbprint field and copy the space delimited hex string into something like Notepad.Open the properties dialog for your certificate and select the Details tab.Swmi -path $tsgs._path -argument order to get the thumbprint value ![]() You will get a popup to confirm that you want to enable Remote desktop. Click the slider button to enable remote desktop. ![]() Under related settings click on Remote desktop. $thumb = (gci -path cert:/LocalMachine/My | select -first 1).Thumbprint Enable Remote Desktop Right click the start menu and select system. Prerequisites There are only two necessary steps before we embark on installing RDS. In this article, we dive into how to install these services in a domain environment that requires two servers. # grab the thumbprint of the first SSL cert in the computer store Installing Remote Desktop Services (RDS) on Windows Server 2019 appears to take many steps, but in reality is quite easy. $tsgs = gwmi -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'" I've left my original answer intact below this for reference. ![]() If your system has multiple certs, you should add a -Filter option to the gci command to make sure you reference the correct cert. UPDATE: Here's a generalized Powershell solution that grabs and sets the thumbprint of the first SSL cert in the computer's personal store. The configured certificate for a given connection is referenced by the Thumbprint value of that certificate on a property called SSLCertificateSHA1Hash. If you want to use the Remote Desktop feature without opening the Windows Settings panel, then you can enable Remote Desktop using Command Prompt or Windows PowerShell. It turns out that much of the configuration data for RDSH is stored in the Win32_TSGeneralSetting class in WMI in the root\cimv2\TerminalServices namespace.
0 Comments
Leave a Reply. |