Automating RDP connection using powershell script failed to bypass Legal Notice

$server = “ServerName”
$Cred1 = New-Object -TypeName pscredential -ArgumentList “UserName”,(ConvertTo-SecureString -String ‘password’ -AsPlainText -Force);

Function Connect-Mstsc {

[cmdletbinding(SupportsShouldProcess,DefaultParametersetName=‘UserPassword’)]
param (
[Parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0)]
[Alias(‘CN’)]
[string[]] $ComputerName,
[Parameter(ParameterSetName=‘UserPassword’,Mandatory=$true,Position=1)]
[Alias(‘U’)]
[string] $User,
[Parameter(ParameterSetName=‘UserPassword’,Mandatory=$true,Position=2)]
[Alias(‘P’)]
[string] $Password,
[Parameter(ParameterSetName=‘Credential’,Mandatory=$true,Position=1)]
[Alias(‘C’)]
[PSCredential] $Credential,
[Alias(‘A’)]
[switch] $Admin,
[Alias(‘MM’)]
[switch] $MultiMon,
[Alias(‘F’)]
[switch] $FullScreen,
[Alias(‘Pu’)]
[switch] $Public,
[Alias(‘W’)]
[int] $Width,
[Alias(‘H’)]
[int] $Height,
[Alias(‘WT’)]
[switch] $Wait
)

begin {
[string]$MstscArguments = ‘’
switch ($true) {
{$Admin} {$MstscArguments += '/admin '}
{$MultiMon} {$MstscArguments += '/multimon '}
{$FullScreen} {$MstscArguments += '/f '}
{$Public} {$MstscArguments += '/public '}
{$Width} {$MstscArguments += "/w:$Width "}
{$Height} {$MstscArguments += "/h:$Height "}
}

if ($Credential) {
$User = $Credential.UserName
$Password = $Credential.GetNetworkCredential().Password
}
}
process {
foreach ($Computer in $ComputerName) {
$ProcessInfo = New-Object System.Diagnostics.ProcessStartInfo
$Process = New-Object System.Diagnostics.Process

Remove the port number for CmdKey otherwise credentials are not entered correctly

if ($Computer.Contains(’:’)) {
$ComputerCmdkey = ($Computer -split ‘:’)[0]
} else {
$ComputerCmdkey = $Computer
}

$ProcessInfo.FileName = “$($env:SystemRoot)\system32\cmdkey.exe”
$ProcessInfo.Arguments = “/generic:TERMSRV/$ComputerCmdkey /user:$User /pass:$($Password)”
$ProcessInfo.WindowStyle = [System.Diagnostics.ProcessWindowStyle]::Hidden
$Process.StartInfo = $ProcessInfo
if ($PSCmdlet.ShouldProcess($ComputerCmdkey,‘Adding credentials to store’)) {
[void]$Process.Start()
}

$ProcessInfo.FileName = “$($env:SystemRoot)\system32\mstsc.exe”
$ProcessInfo.Arguments = “$MstscArguments /v $Computer”
$ProcessInfo.WindowStyle = [System.Diagnostics.ProcessWindowStyle]::Normal
$Process.StartInfo = $ProcessInfo
if ($PSCmdlet.ShouldProcess($Computer,‘Connecting mstsc’)) {
[void]$Process.Start()
if ($Wait) {
$null = $Process.WaitForExit()
}
}
}
}
}

connect-mstsc -ComputerName $server -Credential $Cred1 -ErrorAction stop

##below code is used to skip certificate warning###

[void][System.Reflection.Assembly]::LoadWithPartialName(‘System.Windows.Forms’)

Get the ID of the process

$WindowsHandle = Get-Process | Where-Object { $_.ProcessName -match ‘mstsc’ } | Select-Object -ExpandProperty Id

Activate the window

$wshell = New-Object -ComObject wscript.shell;
$wshell.AppActivate($WindowsHandle) | Out-Null

##Below code needs to modified to click ok button legal notice banner

function Click-MouseButton
{
$signature=@’
[DllImport(“user32.dll”,CharSet=CharSet.Auto, CallingConvention=CallingConvention.StdCall)]
public static extern void mouse_event(long dwFlags, long dx, long dy, long cButtons, long dwExtraInfo);
'@

$SendMouseClick = Add-Type -memberDefinition $signature -name “Win32MouseEventNew” -namespace Win32Functions -passThru

$SendMouseClick::mouse_event(0x00000002, 0, 0, 0, 0);
$SendMouseClick::mouse_event(0x00000004, 0, 0, 0, 0);
}

[system.Reflection.Assembly]::LoadWithPartialName("") | out-null

Set the exactly position of cursor in some iexplore hyperlink between the (open parenthesis) below:

[System.Windows.Forms.Cursor]::Position = New-Object System.Drawing.Point(790,675)
Click-MouseButton

 

Experts someone help me to modify script as the above script bypass legal notice screen during RDP connection but fails to click OK button,Any help much appreciated

 

 

 

Vignesh, welcome to Powershell.org. Please take a moment and read the very first post on top of the list of this forum: Read Me Before Posting! You’ll be Glad You Did!.

Next you should do is go back and fix your post by formatting your code as code using the code tags “PRE”. You should fomrat error messages or sample data or console output as code as well, please. Thanks in advance.

You should ask a clear question and explain what is not working for you.

I played with it for a while. Doing it from powershell is limiting your options. I tried it in C# but it seems the prompt for the banner makes the process think it failed to launch? Not sure but it seems flaky. If you are automating the dismissal of this, why not just remove the banner from the particular users/computers? You can selectively pick which machines get the banner. I’d imagine you could get the same thing for users with loopback processing.

$server = “ServerName”
$Cred1 = New-Object -TypeName pscredential -ArgumentList “UserName”,(ConvertTo-SecureString -String ‘password’ -AsPlainText -Force);


Function Connect-Mstsc {


[cmdletbinding(SupportsShouldProcess,DefaultParametersetName=’UserPassword’)]
param (
[Parameter(Mandatory=$true,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true,
Position=0)]
[Alias(‘CN’)]
[string[]] $ComputerName,
[Parameter(ParameterSetName=’UserPassword’,Mandatory=$true,Position=1)]
[Alias(‘U’)]
[string] $User,
[Parameter(ParameterSetName=’UserPassword’,Mandatory=$true,Position=2)]
[Alias(‘P’)]
[string] $Password,
[Parameter(ParameterSetName=’Credential’,Mandatory=$true,Position=1)]
[Alias(‘C’)]
[PSCredential] $Credential,
[Alias(‘A’)]
[switch] $Admin,
[Alias(‘MM’)]
[switch] $MultiMon,
[Alias(‘F’)]
[switch] $FullScreen,
[Alias(‘Pu’)]
[switch] $Public,
[Alias(‘W’)]
[int] $Width,
[Alias(‘H’)]
[int] $Height,
[Alias(‘WT’)]
[switch] $Wait
)


begin {
[string]$MstscArguments = ”
switch ($true) {
{$Admin} {$MstscArguments += ‘/admin ‘}
{$MultiMon} {$MstscArguments += ‘/multimon ‘}
{$FullScreen} {$MstscArguments += ‘/f ‘}
{$Public} {$MstscArguments += ‘/public ‘}
{$Width} {$MstscArguments += “/w:$Width “}
{$Height} {$MstscArguments += “/h:$Height “}
}


if ($Credential) {
$User = $Credential.UserName
$Password = $Credential.GetNetworkCredential().Password
}
}
process {
foreach ($Computer in $ComputerName) {
$ProcessInfo = New-Object System.Diagnostics.ProcessStartInfo
$Process = New-Object System.Diagnostics.Process

# Remove the port number for CmdKey otherwise credentials are not entered correctly
if ($Computer.Contains(‘:’)) {
$ComputerCmdkey = ($Computer -split ‘:’)[0]
} else {
$ComputerCmdkey = $Computer
}


$ProcessInfo.FileName = “$($env:SystemRoot)\system32\cmdkey.exe”
$ProcessInfo.Arguments = “/generic:TERMSRV/$ComputerCmdkey /user:$User /pass:$($Password)”
$ProcessInfo.WindowStyle = [System.Diagnostics.ProcessWindowStyle]::Hidden
$Process.StartInfo = $ProcessInfo
if ($PSCmdlet.ShouldProcess($ComputerCmdkey,’Adding credentials to store’)) {
[void]$Process.Start()
}


$ProcessInfo.FileName = “$($env:SystemRoot)\system32\mstsc.exe”
$ProcessInfo.Arguments = “$MstscArguments /v $Computer”
$ProcessInfo.WindowStyle = [System.Diagnostics.ProcessWindowStyle]::Normal
$Process.StartInfo = $ProcessInfo
if ($PSCmdlet.ShouldProcess($Computer,’Connecting mstsc’)) {
[void]$Process.Start()
if ($Wait) {
$null = $Process.WaitForExit()
}
}
}
}
}


connect-mstsc -ComputerName $server -Credential $Cred1 -ErrorAction stop


##below code is used to skip certificate warning###


[void][System.Reflection.Assembly]::LoadWithPartialName(‘System.Windows.Forms’)
# Get the ID of the process
$WindowsHandle = Get-Process | Where-Object { $_.ProcessName -match ‘mstsc’ } | Select-Object -ExpandProperty Id
# Activate the window
$wshell = New-Object -ComObject wscript.shell;
$wshell.AppActivate($WindowsHandle) | Out-Null


[System.Windows.Forms.SendKeys]::SendWait(“{TAB}”)
[System.Windows.Forms.SendKeys]::SendWait(“{TAB}”)
[System.Windows.Forms.SendKeys]::SendWait(“{TAB}”)
[System.Windows.Forms.SendKeys]::SendWait(“{ENTER}”)


##Below code needs to modified to click ok button legal notice banner


function Click-MouseButton
{
$signature=@’
[DllImport(“user32.dll”,CharSet=CharSet.Auto, CallingConvention=CallingConvention.StdCall)]
public static extern void mouse_event(long dwFlags, long dx, long dy, long cButtons, long dwExtraInfo);
‘@


$SendMouseClick = Add-Type -memberDefinition $signature -name “Win32MouseEventNew” -namespace Win32Functions -passThru


$SendMouseClick::mouse_event(0x00000002, 0, 0, 0, 0);
$SendMouseClick::mouse_event(0x00000004, 0, 0, 0, 0);
}


[system.Reflection.Assembly]::LoadWithPartialName("Remote Desktop Connection") | out-null


# Set the exactly position of cursor in some iexplore hyperlink between the (open parenthesis) below:
[System.Windows.Forms.Cursor]::Position
 = New-Object System.Drawing.Point(790,675)
Click-MouseButton

@Olaf thanks… i have formatted my code now as said and sample output is actually am not getting any errors or screens the script works fine but failed to perform Click Ok button button using fucntion.

@Dough Maurer

Thanks for your response i have multiple machines to automate this stuff this banner seems to be hard coded server level which means while deploying images…so am not able to skip this on machine level

If I’m not wrong Bill Steward already answered this question …

https://social.technet.microsoft.com/Forums/en-US/f8c3eee5-8b16-4867-ab59-b26249856932/fails-to-click-ok-button-shown-by-legal-notice-screen-during-rdp-automation?forum=ITCG

… if he doesn’t know a way I do not either, sorry.

The logon banner can be configured via group policy, so whatever setting the server has can be overridden. Like I said I used vb, C#, and powershell with space, timeout, launching the rdp through each and then using send or sendkeys. Seems only sendwait() was allowed at least in the ISE. None of them worked despite the RDP being front, center, and selected and a simple enter or spacebar dismisses it fine. Again, if the banner is being automatically dismissed, then it really isn’t serving a purpose. For those machines you could consider creating a group policy to remove the banner. I’m not sure your familiarity with GPO. You can set up against an OU, group, specific AD object, or you could simply use WMI filtering to apply only to the machines you want.

https://www.prajwaldesai.com/how-to-configure-legal-notices-on-domain-computers-using-group-policy/

If GPO is not an option for whatever reason, it can also be set via registry.

https://answers.microsoft.com/en-us/windows/forum/windows_7-security/configure-a-logon-banner/4e2fda8d-9522-42bf-a272-3be5d55d7565

By the way that’s a nice script. Did you write it?