PowerShell: how to add RDP thumbprint of remote computers? (workgroup network)

Lotfi BOUCHERIT 91 Reputation points
2021-02-16T15:05:43.33+00:00

Hello,
This is more about PowerShell scripting.
In a workgroup network, I want to remove the RDP connection warning by adding (by script) the Terminal Server thumbprint of the computers in the network to each computer concerned by RDP connections.
I tried to retrieve the thumbprint of the computer, successfully, but inserting it into other computers is always refused.

$cert = Get-ChildItem -Path 'Cert:\LocalMachine\Remote Desktop'  
$hostname = hostname  
$thumbprint = $cert.Thumbprint  
  
$bytes = for($i = 0; $i -lt $cert.Thumbprint.Length; $i += 2) {  
 [convert]::ToByte($cert.Thumbprint.SubString($i, 2), 16)  
}  
  
  
$RegPath   = 'Cert:\CurrentUser' ### i don't find what to put here exactly to insert the thumbprint to HKCU\Software\Microsoft\Terminal Server CLient\Servers\ServerName\  
$AttrName  = "CertHash"  

[Screenshot: command not working]

New-ItemProperty -Path $RegPath -Name $AttrName -PropertyType Binary -Value ([byte[]]$bytes)

I don't know if anyone can help me write a working script?

Just for information, the above script contains both parts: reading the thumbprint and writing the thumbprint. They should be in different scripts later, once working.
Thank you


2 answers

  1. Eleven Yu (Shanghai Wicresoft Co,.Ltd.) 10,691 Reputation points Microsoft Vendor
    2021-02-17T05:10:24.523+00:00

    Hi,

    I am not a PowerShell specialist, with limited knowledge of PowerShell scripts.

    But from your description, I think what you need is to configure the Remote Desktop listener certificate so that you can remove the RDP connection warning.

    If so, there are two other ways to achieve that. One is to use a Windows Management Instrumentation (WMI) script and the other is to use the registry editor.

    Please follow the detailed steps in the article below:
    Remote Desktop listener certificate configurations
    https://learn.microsoft.com/en-us/troubleshoot/windows-server/remote/remote-desktop-listener-certificate-configurations

    Thanks,
    Eleven


  2. Eleven Yu (Shanghai Wicresoft Co,.Ltd.) 10,691 Reputation points Microsoft Vendor
    2021-02-19T08:53:19.287+00:00

    Hi,

    If you would like to remove the RDP connection warning, you only need to configure the Remote Desktop listener certificate on the Terminal servers, whether it is a domain-joined environment or a workgroup environment. There is no need to add the thumbprint to all the client computers.

    Thanks,

    Eleven

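
The listener-certificate approach the answers point to, done from PowerShell through the `Win32_TSGeneralSetting` WMI class, with checks that the certificate is usable before it is bound. This is an added example, not code from the thread or the linked article; the `-Thumbprint` value is a placeholder, and the script assumes an elevated session on the Remote Desktop host with the certificate already installed in `Cert:\LocalMachine\My`.

```powershell
# Added example, not from the thread. Run elevated on the Remote Desktop host.
param(
    [Parameter(Mandatory)]
    [string]$Thumbprint   # placeholder: SHA1 thumbprint of the certificate to bind
)
$ErrorActionPreference = 'Stop'

# Thumbprints copied from the certificate dialog often carry spaces or hidden characters.
$Thumbprint = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
if ($Thumbprint.Length -ne 40) {
    throw "Expected 40 hex digits (SHA1), got $($Thumbprint.Length)."
}

# Assumption: the certificate is already installed in the computer's Personal store.
$cert = Get-Item -Path "Cert:\LocalMachine\My\$Thumbprint"   # throws if it is not there

if (-not $cert.HasPrivateKey) {
    throw 'The certificate has no private key on this host.'
}
$now = Get-Date
if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
    throw "The certificate is not valid now ($($cert.NotBefore) to $($cert.NotAfter))."
}

# If an EKU extension is present it must allow Server Authentication
# (1.3.6.1.5.5.7.3.1) or Remote Desktop Authentication (1.3.6.1.4.1.311.54.1.2).
$allowedEku = '1.3.6.1.5.5.7.3.1', '1.3.6.1.4.1.311.54.1.2'
$ekuExt = $cert.Extensions | Where-Object {
    $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
}
if ($ekuExt) {
    $oids = @($ekuExt.EnhancedKeyUsages | ForEach-Object { $_.Value })
    if (-not ($oids | Where-Object { $_ -in $allowedEku })) {
        throw 'The certificate EKU does not permit use as an RDP server certificate.'
    }
}

# Bind the certificate to the listener, then read the setting back to confirm it.
$filter = "TerminalName='RDP-Tcp'"
$ns = 'root\cimv2\TerminalServices'
$listener = Get-CimInstance -Namespace $ns -ClassName Win32_TSGeneralSetting -Filter $filter
Set-CimInstance -InputObject $listener -Property @{ SSLCertificateSHA1Hash = $Thumbprint }

$bound = (Get-CimInstance -Namespace $ns -ClassName Win32_TSGeneralSetting -Filter $filter).SSLCertificateSHA1Hash
if ($bound -ne $Thumbprint) { throw "Listener reports $bound instead of $Thumbprint." }
"RDP-Tcp listener now uses $($cert.Subject) [$bound]"
```

The host's NETWORK SERVICE account also needs read access to the certificate's private key. Clients stop showing the warning only when they trust the certificate's issuer and connect using a name the certificate contains.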