How to get the IP Address of the Remote Desktop Client?

可紊 提交于 2019-12-14 03:46:29

问题


I'm trying to write a script to log the IP address of the Windows client from which the user initiated Remote Desktop to log in to the Windows Server. How to capture the IP address of the client in the Server?


回答1:


So, you ignore proxy...

  • using environment var: CLIENTNAME in domain you can resolve it back to IP

without domain controller:

  • using WMI script you can get to Event Log, source: Security, look for category Logon/Logoff where username = environment variable USERNAME



回答2:


If you want to use "pure" Powershell 2.0:

$Wtsapi32 = @'
using System;
using System.Text;
using System.Runtime.InteropServices;

namespace Wtsapi32 {

    public enum WTS_INFO_CLASS
    {
        WTSInitialProgram,
        WTSApplicationName,
        WTSWorkingDirectory,
        WTSOEMId,
        WTSSessionId,
        WTSUserName,
        WTSWinStationName,
        WTSDomainName,
        WTSConnectState,
        WTSClientBuildNumber,
        WTSClientName,
        WTSClientDirectory,
        WTSClientProductId,
        WTSClientHardwareId,
        WTSClientAddress,
        WTSClientDisplay,
        WTSClientProtocolType
    };  

    [StructLayout(LayoutKind.Sequential)]
    public struct WTS_CLIENT_ADDRESS
    {
        public uint AddressFamily;
        [MarshalAs(UnmanagedType.ByValArray, SizeConst = 20)]
        public byte[] Address;
    }

    public class PS {

        public const IntPtr WTS_CURRENT_SERVER_HANDLE = IntPtr.Zero;
        public const int WTS_CURRENT_SESSION = -1;

        [DllImport("wtsapi32.dll",  EntryPoint="WTSQuerySessionInformation")]
        public static extern bool WTSQuerySessionInformation(
            System.IntPtr hServer, 
            int sessionId, 
            WTS_INFO_CLASS wtsInfoClass, 
            out System.IntPtr ppBuffer, 
            out uint pBytesReturned);

        [DllImport("wtsapi32.dll",  EntryPoint="WTSFreeMemory")]
        public static extern void WTSFreeMemory(
            IntPtr memory);         
    }
}
'@

Add-Type -TypeDefinition $Wtsapi32



回答3:


If you are using PowerShell or a .NET language, the trunk version of the Cassia library supports this -- just grab the latest build from the build server (login as a guest and use the artifacts link). To print the remote addresses of all sessions on the local server, you might use something like the following:

ITerminalServicesManager manager = new TerminalServicesManager();
foreach (ITerminalServicesSession session in manager.GetLocalServer().GetSessions())
{
    IPEndPoint ipEndPoint = session.RemoteEndPoint as IPEndPoint;
    if (ipEndPoint != null)
    {
        Console.WriteLine(ipEndPoint.Address);
    }
}


来源:https://stackoverflow.com/questions/1510093/how-to-get-the-ip-address-of-the-remote-desktop-client

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!