scriptos/rdp-access-mailbenachrichtigung
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Umzug ins neue Repo

Browse Source
This commit is contained in:
scriptos
2023-11-06 19:42:58 +01:00
parent 993e5d51e9
commit e8289a2915
6 changed files with 299 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
local-version/Mailbenachrichtigung bei RDP Anmeldung (Local Version).xml Normal file
View File

Binary file not shown.

63
local-version/rdp-access-mail-notification.v3.local.ps1 Normal file
View File

@@ -0,0 +1,63 @@
# Konfigurationsparameter
$SMTPServer = "smtp.media-techport.int"
$FromName = "Media-Techport.DE | Notification Service"
$FromEmail = "noreply@media-techport.de"
$LogoURL = "https://assets.media-techport.de/logos/main/LogoSchwarz.png" # URL zum Logo
$ManualRecipient = "system@media-techport.de" # Manuell festgelegter E-Mail-Empfänger
# Funktion zum Senden von E-Mails
function Send-Email {
param(
[string]$To,
[string]$Subject,
[string]$HTMLBody
)
$emailMessage = @"
<!DOCTYPE html>
<html>
<head>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8'>
</head>
<body>
$HTMLBody
</body>
</html>
"@
Send-MailMessage -SmtpServer $SMTPServer -From "$FromName <$FromEmail>" -To $To -Subject $Subject -Body $emailMessage -BodyAsHtml -Encoding "UTF8"
}
# Parameter aus dem Ereignisprotokoll auslesen
$eventID = 1149 # Event ID für RDP-Anmeldungen
$eventLogName = "Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operational"
$latestEvent = Get-WinEvent -LogName $eventLogName -FilterXPath "<QueryList><Query Id='0' Path='$eventLogName'><Select Path='$eventLogName'>*[System[(EventID=$eventID)]]</Select></Query></QueryList>" | Select-Object -First 1
if ($latestEvent) {
$xml = [xml]$latestEvent.ToXml()
if ($xml.Event.UserData) {
$user = $xml.Event.UserData.EventXML.Param1
$domain = $xml.Event.UserData.EventXML.Param2
$clientIP = $xml.Event.UserData.EventXML.Param3
$eventTime = $latestEvent.TimeCreated
$computerName = $latestEvent.MachineName
$HTMLBody = @"
<!DOCTYPE html>
<html>
<head>
</head>
<body>
<p><img src="$LogoURL" alt="" width="265" height="81" /></p>
<p><strong>Hallo Patrick Asmus,</strong></p>
<p>Es wurde eine Anmeldung per RDP auf der Windows Maschine <strong>$computerName</strong> registriert.<br /><br /><strong>Datum:</strong> $($eventTime.ToString('dd.MM.yyyy'))<br /><strong>Uhrzeit:</strong> $($eventTime.ToString('HH:mm:ss'))<br /><strong>Dom&auml;ne:</strong> $domain<br /><strong>Benutzer:</strong> $user<br /><strong>IP-Adresse des Clients:</strong> $clientIP</p>
</body>
</html>
"@
Send-Email -To $ManualRecipient -Subject "RDP-Anmeldung auf $computerName registriert" -HTMLBody $HTMLBody
}
}