This is a simple script to set the fDenyTSConnections registry value on a group of machines in a text file.  The text file was generated from a dump of machines in the computers container of the Active Directory domain I was operating in, therefore the need for the Split statement using a tab delimiter.


# Name:			setRDP.ps1
# Author:			Tom Determan
# Date:			09.10.2010
# Description:		Enables Terminal Services on Windows Machines

# servers.txt is an output from the AD Forest of machines.

$servers = Get-Content 'c:\Users\tdeterman\Scripts\servers.txt'

ForEach ($server in $servers)

	$line = @($server.Split("`t"))
	$MachineName = $line[0]
	$responses = Get-WMIObject -query "select StatusCode from Win32_PingStatus where Address = '$MachineName'"

	$response = $false

	# Parse through array of responses from Win32_PingStatus and check for any valid responses

	ForEach ($i in $responses) {

		if ($i.statuscode -eq 0) {

			$response = $true




	# If a response from ping succeeds then go ahead and set the registry key to enable remote desktop.

	if ($response) {

		# Attach to the remote registry

		$reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $MachineName)

		$regKey = $reg.OpenSubKey("SYSTEM\CurrentControlSet\Control\Terminal Server",$true)


 		write-host ("Enabling Terminal Services on: $MachineName")

		$curval = $regKey.GetValue('fDenyTSConnections')

		write-host ("Current Value: $curval")

		# Set Value to 0 to Enable TS Connections


		$newval = $regKey.GetValue('fDenyTSConnections')

		write-host ("New Value: $newval")

	} else {

		Write-host ("$MachineName does not response")