Skip to content

Instantly share code, notes, and snippets.

@Dan1el42

Dan1el42/gist:ddd05775467c9ec16cfe

Created February 16, 2016 17:21
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save Dan1el42/ddd05775467c9ec16cfe to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save Dan1el42/ddd05775467c9ec16cfe to your computer and use it in GitHub Desktop.
Download ZIP
MS-RDG-Device-Redirection - Get decimal value for configuration
Raw
gistfile1.txt
# MS-RDG-Device-Redirection
# https://msdn.microsoft.com/en-us/library/cc243459.aspx
$ByteArray = [System.Array]::CreateInstance([byte], 32)
$ByteArray.Set(0, 1) # Drive redirection disabled
$ByteArray.Set(1, 1) # Printers redirection disabled
$ByteArray.Set(2, 1) # Serial ports redirection disabled
$ByteArray.Set(3, 1) # Clipboard redirection disabled
$ByteArray.Set(4, 0) # Plug and play devices redirection enabled
$ByteArray.Set(29, 0) # Device redirection is controlled by bits 0..4
$ByteArray.Set(30, 0) # Device redirection is controlled, first, by bit 29 and then by bits 0..4
Write-Output ([System.BitConverter]::ToInt32($ByteArray, 0))
@ImperatorRuscal
Copy link
Copy Markdown

ImperatorRuscal commented May 20, 2020
edited
Loading

You have a slight problem here in that you are working on a 32-byte array instead of a 32-bit one. You really want something more like this.

Note:: I'm forcing it to an unsigned 64 bit integer so you can drag the binary out of it if you wanted (and to avoid PS's propensity to take undeclared numeric types as doubles and give the output in scientific notation).

# MS-RDG-Device-Redirection
# https://msdn.microsoft.com/en-us/library/cc243459.aspx

$value = [uint64]87608012759367680   #  important, the base value for the RADIUS attribute (in decimal) if crafting a generic RADIUS type
$value = [uint64]0  #  if making a RADIUS attribute for NPS with the Microsoft Vendor selection
#$value += [uint64]([Math]::Pow(2,0))  # Drive redirection disabled
#$value += [uint64]([Math]::Pow(2,1))  # Printers redirection disabled
#$value += [uint64]([Math]::Pow(2,2))  # Serial ports redirection disabled
#$value += [uint64]([Math]::Pow(2,3))  # Clipboard redirection disabled
#$value += [uint64]([Math]::Pow(2,4))  # Plug and play devices redirection enabled
$value += [uint64]([Math]::Pow(2,29)) # Disable all device redirection
#$value += [uint64]([Math]::Pow(2,30)) # Enable all device redirection

Write-Output $value

Just uncomment the lines you want to activate in the policy. This will give you the proper decimal value (where setting per-byte won't)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment