There was an issue where I needed to be able to ascertain whether or not a terminal server was listening for RDP and actually functioning properly. The main advice out there was to use portqry which simply told you whether or not the TCP port was listening or Telnet which wasn’t very clean or actually trying to connect with an RDP client. None of those were very good for my purposes, to script some tests to truly validate that RDP (and by extension the network between the test machine and the tested machine) was working.
As I searched I finally ran into rdp_sec_check on the Portcullis Labs website (http://labs.portcullis.co.uk/application/rdp-sec-check/) based on the MSFT RDP documentation (http://msdn.microsoft.com/en-us/library/cc240445.aspx) and after a few quick tests I realized it was what I needed for my testing, it just required a little tweaking to be a little more aligned with what I wanted and the goal was to tweak as little as possible for my needs.
The script is perl script which is popular in the Windows world but not so popular that I am guaranteed it is everywhere. Additionally, since the script depended on an additional module from CPAN to be loaded I decided to embed the perl script into an EXE with the CPAN module so it was a single simple EXE for folks to use. I expect that will greatly expand the number of admins who will be able to use it. If you like, since the original script was GPLv2, the source is included in the ZIP file so you can run the perl script directly if you prefer.
After I had finished my mods the Windows utility qwinst was brought to my attention by @ldap389. This is a good tool for checking the RDP service with considerably functionality but it requires perms to run against servers. This utility does not require any rights.
I want to say a HUGE THANKS to Mark Lowe and Portcullis Security (@portcullis) for making this available. Otherwise it would have required writing something based off of the RDP documentation mentioned above. After testing this and getting feedback, it is possible I may still do that and write the code in C++. Time will tell, if this serves the needs in a good enough fashion, I will leave it as is.
Finally, it should be obvious at this point, but this is not a normal joeware utility. I don’t usually do this but it was the most feasible solution at the moment and figured I would share once I saw the dearth of available tools for my Windows Admin friends. As such, this tool will look and "feel" different from my other tools. You will be fine. 🙂