Windows NT WIN-F6SLGVICLOP 10.0 build 17763 (Windows Server 2016) AMD64
Microsoft-IIS/10.0
Server IP : & Your IP : 18.224.64.24
Domains :
Cant Read [ /etc/named.conf ]
User : elibrary.unsap.ac.id
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Lock Shell
Lock File++
Readme
D: /
win-acme.v2.2.9.1701.x64.pluggable /
Scripts /
Delete
Unzip
Name
Size
Permission
Date
Action
EasyDNS.ps1
7.87
KB
-rw-rw-rw-
2024-05-22 04:53
ImportADFS.ps1
3.13
KB
-rw-rw-rw-
2024-05-22 04:53
ImportAzureADApplicationProxy.ps1
4.4
KB
-rw-rw-rw-
2024-05-22 04:53
ImportAzureApplicationGateway.ps1
6.06
KB
-rw-rw-rw-
2024-05-22 04:53
ImportExchange.ps1
6.34
KB
-rw-rw-rw-
2024-05-22 04:53
ImportExchange.v2.ps1
5.16
KB
-rw-rw-rw-
2024-05-22 04:53
ImportExchangeHybrid.ps1
6.09
KB
-rw-rw-rw-
2024-05-22 04:53
ImportJKS.ps1
1.39
KB
-rw-rw-rw-
2024-05-22 04:53
ImportKemp.ps1
2.59
KB
-rw-rw-rw-
2024-05-22 04:53
ImportNTDS.ps1
2.54
KB
-rw-rw-rw-
2024-05-22 04:53
ImportRDGateway.ps1
2.74
KB
-rw-rw-rw-
2024-05-22 04:53
ImportRDListener.ps1
2.86
KB
-rw-rw-rw-
2024-05-22 04:53
ImportRDS.ps1
2.27
KB
-rw-rw-rw-
2024-05-22 04:53
ImportRDSFull.ps1
8.23
KB
-rw-rw-rw-
2024-05-22 04:53
ImportSQL.ps1
2.19
KB
-rw-rw-rw-
2024-05-22 04:53
ImportSSTP.ps1
3.52
KB
-rw-rw-rw-
2024-05-22 04:53
ImportVRBCloudGateway.ps1
1.13
KB
-rw-rw-rw-
2024-05-22 04:53
ImportWinRM.ps1
2.86
KB
-rw-rw-rw-
2024-05-22 04:53
ImportWinRM.v2.ps1
2.04
KB
-rw-rw-rw-
2024-05-22 04:53
ImportWindowsAdminCenter.ps1
3.25
KB
-rw-rw-rw-
2024-05-22 04:53
PSRDSCerts.bat
364
B
-rwxrwxrwx
2024-05-22 04:53
PSScript.bat
406
B
-rwxrwxrwx
2024-05-22 04:53
microsoft-dns.ps1
443
B
-rw-rw-rw-
2024-05-22 04:53
Save
Rename
<# .SYNOPSIS Imports a cert from WACS renewal into the RD Gateway, RD Listener, RD WebAccess, RD Redirector and RD Connection Broker .DESCRIPTION Note that this script is intended to be run via the install script plugin from win-acme via the batch script wrapper. As such, we use positional parameters to avoid issues with using a dash in the cmd line. Proper information should be available here https://github.com/PKISharp/win-acme/wiki/Install-Script or more generally, here https://github.com/PKISharp/win-acme/wiki/Example-Scripts .PARAMETER NewCertThumbprint The exact thumbprint of the cert to be imported. The script will copy this cert to the Personal store if not already there. .PARAMETER RDCB This parameter specifies the Remote Desktop Connection Broker (RD Connection Broker) server for a Remote Desktop deployment. If you don't specify a value, the script uses the local computer's fully qualified domain name (FQDN). .PARAMETER OldCertThumbprint The exact thumbprint of the cert to be replaced. The script will delete this cert from the Personal store of the RD Connection Broker upon successful completion. If you don't specify this value and the RD Connection Broker is not the local machine, the replaced cert will remain in the store. .EXAMPLE ImportRDS.ps1 <certThumbprint> <ConnectionBroker.contoso.com> <oldCertThumbprint> .NOTES The private key of the letsencrypt certificate needs to be exportable. Set "PrivateKeyExportable" in settings.json to true. In order for this script to update the cert on a remote RD Connection Broker, PowerShell on the RD Connection Broker needs to be configured to receive remote commands and the scheduled task needs to be configured to run with highest privileges as a domain user who is an admin on both the machine running the update and the RD Connection Broker. #> param( [Parameter(Position=0,Mandatory=$true)] [string]$NewCertThumbprint, [Parameter(Position=1,Mandatory=$false)] [string]$RDCB, [Parameter(Position=3,Mandatory=$false)] [string]$OldCertThumbprint ) $LocalHost = (Get-WmiObject win32_computersystem).DNSHostName+"."+(Get-WmiObject win32_computersystem).Domain if (-not $PSBoundParameters.ContainsKey('RDCB')) {$RDCB = (Get-WmiObject win32_computersystem).DNSHostName+"."+(Get-WmiObject win32_computersystem).Domain} try { if ($RDCB -ne $LocalHost) {$RDCBPS = New-PSSession -ComputerName $RDCB} } catch { "Could not create remote PowerShell Session to Remote Desktop Connection Broker" "Error: $($Error[0])" return } try { if ($RDCB -ne $LocalHost) { try { Invoke-Command -Session $RDCBPS {Import-Module RemoteDesktopServices} } catch { "Could not load Remote Desktop Services module on $RDCB" "Error: $($Error[0])" return } } Import-Module RemoteDesktopServices } catch { "Could not load Remote Desktop Services module on $LocalHost" "Error: $($Error[0])" return } $CertInStore = Get-ChildItem -Path Cert:\LocalMachine\My -Recurse | Where-Object { $_.thumbprint -eq $NewCertThumbprint} | Sort-Object -Descending | Select-Object -f 1 if ($CertInStore) { try { Set-Item -Path RDS:\GatewayServer\SSLCertificate\Thumbprint -Value $CertInStore.Thumbprint -ErrorAction Stop Stop-Service TSGateway -Force -ErrorAction Stop $Retry = 0 do { Start-Sleep -Seconds $Retry Start-Service TSGateway -ErrorAction SilentlyContinue $TSGatewayService = Get-Service TSGateway $Retry++ } while ($TSGatewayService.Status -ne 'Running' -and $Retry -lt 5) Start-Service TSGateway -ErrorAction Stop "Cert thumbprint set to RD Gateway listener and service restarted" } catch { "Cert thumbprint was not set successfully to RD Gateway" "Error: $($Error[0])" return } try { wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="$($CertInStore.Thumbprint)" # This method might work, but wmi method is more reliable #Set-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name SSLCertificateSHA1Hash -Value $CertInStore.Thumbprint -ErrorAction Stop "Cert thumbprint set to RDP listener" } catch { "Cert thumbprint was not set successfully to RDP listener" "Error: $($Error[0])" return } try { Add-Type -AssemblyName 'System.Web' $tempPasswordPfx = [System.Web.Security.Membership]::GeneratePassword(10, 5) | ConvertTo-SecureString -Force -AsPlainText $tempPfxPath = New-TemporaryFile | Rename-Item -PassThru -NewName { $_.name -Replace '\.tmp$','.pfx' } (Export-PfxCertificate -Cert $CertInStore -FilePath $tempPfxPath -Force -NoProperties -Password $tempPasswordPfx) | out-null } catch { "Could not export temporary Certificate. RD Gateway, RD WebAccess, RD Redirector and RD Connection Broker certificates not set." "Error: $($Error[0])" return } try { # Configure RDPublishing Certificate for RDS Set-RDCertificate -Role RDPublishing ` -ImportPath $tempPfxPath ` -Password $tempPasswordPfx ` -ConnectionBroker $RDCB -Force "RDPublishing Certificate for RDS was set" } catch { "RDPublishing Certificate for RDS was not set" "Error: $($Error[0])" return } try { # Configure RDWebAccess Certificate for RDS Set-RDCertificate -Role RDWebAccess ` -ImportPath $tempPfxPath ` -Password $tempPasswordPfx ` -ConnectionBroker $RDCB -Force "RDWebAccess Certificate for RDS was set" } catch { "RDWebAccess Certificate for RDS was not set" "Error: $($Error[0])" return } try { # Configure RDRedirector Certificate for RDS Set-RDCertificate -Role RDRedirector ` -ImportPath $tempPfxPath ` -Password $tempPasswordPfx ` -ConnectionBroker $RDCB -force "RDRedirector Certificate for RDS was set" } catch { "RDRedirector Certificate for RDS was not set" "Error: $($Error[0])" return } try { # Configure Certificate that RDWebClient checks for # Warning: browser caching can keep the old Certificate for a long time! if ((Get-Command -Module RDWebClientManagement|Measure-Object).Count -eq 0) { "RDWebClient not installed, skipping" } else { Remove-RDWebClientBrokerCert Import-RDWebClientBrokerCert -Path $tempPfxPath -Password $tempPasswordPfx "RDWebClient Certificate for RDS was set" } } catch { "RDWebClient Certificate for RDS was not set" "Error: $($Error[0])" return } try { # Configure RDGateway Certificate for RDS Set-RDCertificate -Role RDGateway ` -ImportPath $tempPfxPath ` -Password $tempPasswordPfx ` -ConnectionBroker $RDCB -force $Retry = 0 do { Start-Sleep -Seconds $Retry Start-Service TSGateway -ErrorAction SilentlyContinue $TSGatewayService = Get-Service TSGateway $Retry++ } while ($TSGatewayService.Status -ne 'Running' -and $Retry -lt 5) Start-Service TSGateway -ErrorAction Stop "RDGateway Certificate for RDS was set" } catch { "RDGateway Certificate for RDS was not set" "Error: $($Error[0])" return } finally { "Cleaning up" Remove-Item -Path $tempPfxPath if ($RDCB -ne $LocalHost) { if ($PSBoundParameters.ContainsKey('OldCertThumbprint')) { $RemoteCert = Invoke-Command -Session $RDCBPS {Get-ChildItem -Path Cert:\LocalMachine\My -Recurse | Where-Object { $_.thumbprint -eq $Using:NewCertThumbprint}} if ($RemoteCert -and $RemoteCert.thumbprint -ne $OldCertThumbprint) { Invoke-Command -Session $RDCBPS {Get-ChildItem -Path Cert:\LocalMachine\My -Recurse | Where-Object { $_.thumbprint -eq $Using:OldCertThumbprint} | Remove-Item} } else { "Remote cert not changed, skipping deletion." } } Remove-PSSession $RDCBPS } } } else { "Cert thumbprint not found in the My cert store... have you specified --certificatestore My?" }