In my case, the logons I saved were all in connection group “profiles”, which were in a different section of the XML file. Set the CredentialData and EncryptionMethod properties to use the cert thumbprint: Find the certificate thumprint–I did this by looking it up in MMC but there are a bunch of ways to enumerate the certificate store and retrieve a thumbprint.Īfter that, it’s a quick change to the script:ġ. I had the same problem as you (my passwords are encrypted using a certificate). $logonCredentials = Select-XML -Xml $XML -XPath '//logonCredentials' $EncryptionSettings = New-Object -TypeName RdcMan.EncryptionSettings $RDGFile = "$env:USERPROFILE\Documents\RDPConnections.rdg"Ĭopy-Item $RDCMan "$TempLocation\RDCMan.dll" $RDCMan = "C:\Program Files (x86)\Microsoft\Remote Desktop Connection Manager\RDCMan.exe" Needless to say, I found the password I needed! If the credentials were added by another account or on another system, you will get a “Failed to decrypt” error as seen below, which is the same error you get if you try to copy the RDG file and open it on another computer or with another user profile. The passwords can only be decrypted with the user profile that added them to the RDG file, however, so they are still reasonably secure. Using a handy trick blogged by Thomas Prud’Homme, I decrypted all the credentials found in the RDG file. It’s just an XML file, so can be easily parsed with PowerShell. The credentials are stored in encrypted form in the RDG file you create for your RDP connections. Of course, it crossed my mind whether these credentials could be decrypted, and it turns out they can, quite easily, with a little PowerShell. Today I needed to find a password for a certain account I had used before (but had forgotten), and I remembered that I had stored the credentials in the Remote Desktop Connection Manager, Microsoft’s free RD tool.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |