-
Notifications
You must be signed in to change notification settings - Fork 0
/
CitrixUserinfo.ps1
239 lines (197 loc) · 15.3 KB
/
CitrixUserinfo.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
<#
Collecting and logging some information about the user and his session...
Many parts of the script are stolen/learned from some great powershell guys:
https://twitter.com/mohrpheus78
https://twitter.com/NickInformation
https://twitter.com/guyrleech
and many, many more...
Thanks!
Author: Thorsten Enderlein
https://github.com/endoleg and https://twitter.com/endi24
#>
Start-Transcript -Path "$env:USERPROFILE\Userinfo.log"
write-verbose -message "----------------------------------------------------------------" -verbose
$CitrixSessionID = Get-ChildItem -Path "HKCU:\Volatile Environment" -Name
write-verbose -message "---------- CitrixSessionID: $CitrixSessionID ----------" -verbose
$CitrixClientName = Get-WmiObject -Namespace root\citrix\hdx -Class Citrix_Client_Enum | Where-Object {$_.SessionID -eq $CitrixSessionID} | Select-Object -ExpandProperty Name
write-verbose -message "--------- User Clientname: $CitrixClientName - Citrix-HDX/ICA-Connections - not for RDP! ----------" -verbose
$CitrixClientIP = Get-WmiObject -Namespace root\citrix\hdx -Class Citrix_Client_Enum | Where-Object {$_.SessionID -eq $CitrixSessionID} | Select-Object -ExpandProperty Address
write-verbose -message "---------- CitrixClientIP: $CitrixClientIP ----------" -verbose
$HDXProtocol = Get-WmiObject -Namespace root\citrix\hdx -Class Citrix_Network_Enum | Where-Object {$_.SessionID -eq $CitrixSessionID} | Select-Object -ExpandProperty Component_Protocol
write-verbose -message "---------- HDXProtocol: $HDXProtocol ----------" -verbose
$MTUSize=(ctxsession -v | findstr "EDT MTU:" | select -Last 1).split(":")[1].trimstart()
write-verbose -message "---------- EDT MTU Size from ctxsession.exe: $MTUSize ----------" -verbose
$Latency=(ctxsession -v | findstr "AverageLatency") #| select -Last 1).split(":")[1].trimstart()
write-verbose -message "---------- ICA-Latency (time from keystroke or mouse click to when it is processed on the (session) host) - from ctxsession.exe: $Latency ----------" -verbose
$RTT=(ctxsession -v | findstr "RTT") #| select -Last 1).split(":")[1].trimstart()
write-verbose -message "---------- EDT RTT Round Trip Time (elapsed time for response - lower is better) - from ctxsession.exe: $RTT ----------" -verbose
$EDTBandwidth_bps = Get-WmiObject -Namespace root\citrix\hdx -Class Citrix_Network_Enum | Where-Object {$_.SessionID -eq $CitrixSessionID} | Select-Object -ExpandProperty Component_EDTBandwidth_bps
$EDTBandwidth_bps1 = [math]::Round($EDTBandwidth_bps / 1000000)
write-verbose -message "---------- EDT Bandwidth: $EDTBandwidth_bps bps = $EDTBandwidth_bps1 Mbps ----------" -verbose
$EDTRoundTripTime_usec = Get-WmiObject -Namespace root\citrix\hdx -Class Citrix_Network_Enum | Where-Object {$_.SessionID -eq $CitrixSessionID} | Select-Object -ExpandProperty Component_EDTRoundTripTime_usec
$EDTRoundTripTime_usec1 = [math]::Round($EDTRoundTripTime_usec / 1000)
write-verbose -message "---------- EDT RoundTripTime (elapsed time for response - lower is better): $EDTRoundTripTime_usec usec = $EDTRoundTripTime_usec1 ms ----------" -verbose
#write-verbose -message "---------- Sessioninfo: (Registry Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\Ica\Session\$CitrixSessionID\Connection) ----------" -verbose
$Clientversion=(Get-ItemProperty "Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\Ica\Session\$CitrixSessionID\Connection" -name ClientVersion)
$ClientversionSession=$Clientversion.ClientVersion
write-verbose -message "---------- Workspace App ClientVersion: $ClientversionSession ----------" -verbose
$PublishedName=(Get-ItemProperty "Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\Ica\Session\$CitrixSessionID\Connection" -name PublishedName)
$PublishedNameSession=$PublishedName.PublishedName
write-verbose -message "---------- Started Desktop/App: $PublishedNameSession ----------" -verbose
$HRES=(Get-ItemProperty "Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\Ica\Session\$CitrixSessionID\Connection" -name HRES)
$HRES=$HRES.HRES
write-verbose -message "---------- HRES: $HRES ----------" -verbose
$VRES=(Get-ItemProperty "Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\Ica\Session\$CitrixSessionID\Connection" -name VRES)
$VRES=$VRES.VRES
write-verbose -message "---------- VRES: $VRES ----------" -verbose
write-verbose -message "----------------------------------------------------------------" -verbose
write-verbose -message "------ Reg HKCU\Control Panel\Desktop Logpixel ------------" -verbose
$exists= Get-ItemProperty -Path 'HKCU:\Control Panel\Desktop' | Select-Object -ExpandProperty 'LogPixels' -ErrorAction SilentlyContinue
if (($exists -eq $null) -or ($exists.Length -eq 0))
{ write-verbose -message "---------- LogPixels does not exist (false) - STD = 100% ----------" -verbose
}else{write-verbose -message "---------- LogPixels exists (true) - Logpixel = $exists ----------" -verbose}
write-verbose -message @"
Translation:
96 = 100% DPI
120 = 125%
144 = 150%
192 = 200%
240 = 250%
288 = 300%" -Verbose
"@ -verbose
write-verbose -message "----------------------------------------------------------------" -verbose
$ProfileSize = "{0:N2} GB" -f ((Get-ChildItem $ENV:USERPROFILE -Force -Recurse -EA SilentlyContinue | measure Length -s).Sum /1GB)
write-verbose -message "---------- Profile local $ENV:USERPROFILE - Size: $ProfileSize ----------" -verbose
$Zaehler1= Get-ChildItem $ENV:USERPROFILE -Force -Recurse -EA SilentlyContinue; $Zaehler2=$Zaehler1.count
write-verbose -message "---------- Profil local $ENV:USERPROFILE - Anzahl Dateien: $Zaehler2 ----------" -verbose
##########################################
# Variables $DOMAIN and $Profilepath #
##########################################
$DOMAIN="XYZ"
$Profilepath="\\$DOMAIN\share\ProfileCVAD"
$ProfileSizeServer = "{0:N2} GB" -f ((Get-ChildItem $Profilepath\$env:USERNAME -Force -Recurse -EA SilentlyContinue | measure Length -s).Sum /1GB)
write-verbose -message "---------- Profile Server $Profilepath\$env:USERNAME - size - $ProfileSizeServer----------" -verbose
$Zaehler1= Get-ChildItem $Profilepath\$env:USERNAME -Force -Recurse -EA SilentlyContinue; $Zaehler2=$Zaehler1.count
write-verbose -message "---------- Profile Server $Profilepath\$env:USERNAME - files: $Zaehler2 ----------" -verbose
write-verbose -message "----------------------------------------------------------------" -verbose
$Policy_SessionReliabilityTimeout= Get-WmiObject -Namespace root\citrix\hdx -Class Citrix_Network_Enum | Where-Object {$_.SessionID -eq $CitrixSessionID} | Select-Object -ExpandProperty Policy_SessionReliabilityTimeout
write-verbose -message "---------- Policy_SessionReliabilityTimeout: $Policy_SessionReliabilityTimeout ----------" -verbose
$HDXCodec = Get-WmiObject -Namespace root\citrix\hdx -Class Citrix_VirtualChannel_Thinwire_Enum | Where-Object {$_.SessionID -eq $CitrixSessionID} | Select-Object -ExpandProperty Component_VideoCodecUse
write-verbose -message "---------- HDX Video Codec: $HDXCodec ----------" -verbose
$HDXCodecType = Get-WmiObject -Namespace root\citrix\hdx -Class Citrix_VirtualChannel_Thinwire_Enum | Where-Object {$_.SessionID -eq $CitrixSessionID} | Select-Object -ExpandProperty Component_Monitor_VideoCodecTypeCurrent
write-verbose -message "---------- HDX Video Codec Type: $HDXCodecType ----------" -verbose
$VisualLosslessCompression = Get-WmiObject -Namespace root\citrix\hdx -Class Citrix_VirtualChannel_Thinwire_Enum | Where-Object {$_.SessionID -eq $CitrixSessionID} | Select-Object -ExpandProperty Policy_AllowVisuallyLosslessCompression
write-verbose -message "---------- Policy VisualLosslessCompression: $VisualLosslessCompression ----------" -verbose
$VisualQuality = Get-WmiObject -Namespace root\citrix\hdx -Class Citrix_VirtualChannel_Thinwire_Enum | Where-Object {$_.SessionID -eq $CitrixSessionID} | Select-Object -ExpandProperty Policy_VisualQuality
write-verbose -message "---------- Policy VisualQuality: $VisualQuality ----------" -verbose
$FramesPerSecond = Get-WmiObject -Namespace root\citrix\hdx -Class Citrix_VirtualChannel_Thinwire_Enum | Where-Object {$_.SessionID -eq $CitrixSessionID} | Select-Object -ExpandProperty Policy_FramesPerSecond
write-verbose -message "---------- Policy FramesPerSecond: $FramesPerSecond ----------" -verbose
$HDXColorspace = Get-WmiObject -Namespace root\citrix\hdx -Class Citrix_VirtualChannel_Thinwire_Enum | Where-Object {$_.SessionID -eq $CitrixSessionID} | Select-Object -ExpandProperty Component_VideoCodecColorspace
write-verbose -message "---------- HDXColorspace (H264 = Yuv420): $HDXColorspace ----------" -verbose
$WEM = (Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Where-Object {$_.DisplayName -like "*Citrix Workspace Environment*"}).DisplayVersion | Select-Object -Last 1
write-verbose -message "---------- WEM-Version: $WEM ----------" -verbose
write-verbose -message "----------------------------------------------------------------" -verbose
start-sleep 1
write-verbose -message "----------------------------------------------------------------" -verbose
write-verbose -message "---------- Sessioninfo: PublishedName, HRes, Vres, ClientVersion, Clienttype, Sessionstate, ClientName, ClientIP, Username ----------" -verbose
Get-ItemProperty "Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\Ica\Session\$CitrixSessionID\Connection"
write-verbose -message "---------- Sessioninfo wmic: hdx path citrix_virtualchannel_thinwire ----------" -verbose
wmic /namespace:\\root\citrix\hdx path citrix_virtualchannel_thinwire get /value
write-verbose -message "----------------------------------------------------------------" -verbose
write-verbose -message "---------- User Shell Folders ----------" -verbose
write-verbose -message "---------- Quelle: HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders ----------" -verbose
Get-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders"
write-verbose -message "---------- Mapped Drives ----------" -verbose
$drives = Get-WmiObject -Class Win32_MappedLogicalDisk | select @{Name="Drive";Expression={$_.Name}}, @{Name="UNC Share";Expression={$_.ProviderName}}
if ($drives -ne $null) {Write-Output $drives | ft -AutoSize}
if ($drives -eq $null) {write-verbose -message "No mapped drives present in this user's session." -verbose}
foreach($item in $drives){
$drive= $item.drive
$item = $item.'UNC Share'.Split('\')
if($item[4] -ne $null){
$share= "\\$($item[2])"+ "\$($item[3])" + "\$($item[4])"
Write-host "$($drive)"(Get-DfsnFolderTarget $share).TargetPath
"-----------------------------------"
}
}
write-verbose -message "----------------------------------------------------------------" -verbose
write-verbose -message "----------------------------------------------------------------" -verbose
Write-verbose -message "" -verbose
write-verbose -message "---------- Write username to HKCU ------------" -verbose
REG ADD "HKCU" /v "Username" /d "$env:username" /t REG_SZ /f
Write-verbose -message "" -verbose
write-verbose -message "---------- Username to SID umwandeln ----------" -verbose
$USERNAME = $env:UserName
$objUser = New-Object System.Security.Principal.NTAccount($DOMAIN, $USERNAME)
$strSID = $objUser.Translate([System.Security.Principal.SecurityIdentifier])
write-verbose -message "---------- Username $DOMAIN\$env:UserName has SID ----------" -verbose
$strSID.Value
Write-verbose -message "" -verbose
write-verbose -message "---------- Write UserSID $strSID to HKCU ------------" -verbose
REG ADD "HKCU" /v "UserSID" /d "$strSID" /t REG_SZ /f
Write-verbose -message "" -verbose
$Vollername = (Get-ADUser -Identity $env:UserName -Properties DisplayName).DisplayName
write-verbose -message "---------- Write Name $Vollername to HKCU ------------" -verbose
REG ADD "HKCU" /v "Name" /d "$Vollername" /t REG_SZ /f
Write-verbose -message "" -verbose
write-verbose -message "----------------------------------------------------------------" -verbose
write-verbose -message "----------------------------------------------------------------" -verbose
write-verbose -message "----------------------------------------------------------------" -verbose
write-verbose -message "----------------------------------------------------------------" -verbose
write-verbose -message "---------- redirections ----------" -verbose
Function Get-RegistryKeyPropertiesAndValues
{
<#
This function is used here to retrieve registry values while omitting the PS properties
Example: Get-RegistryKeyPropertiesAndValues -path 'HKCU:\Volatile Environment'
Origin: Http://www.ScriptingGuys.com/blog
Via: http://stackoverflow.com/questions/13350577/can-powershell-get-childproperty-get-a-list-of-real-registry-keys-like-reg-query
#>
Param(
[Parameter(Mandatory=$true)]
[string]$path
)
Push-Location
Set-Location -Path $path
Get-Item . |
Select-Object -ExpandProperty property |
ForEach-Object {
New-Object psobject -Property @{"Folder"=$_;
"RedirectedLocation" = (Get-ItemProperty -Path . -Name $_).$_}}
Pop-Location
}
# Get the user profile path, while escaping special characters because we are going to use the -match operator on it
$Profilepath = [regex]::Escape($env:USERPROFILE)
# List all folders
$RedirectedFolders = Get-RegistryKeyPropertiesAndValues -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" | Where-Object {$_.RedirectedLocation -notmatch "$Profilepath"}
if ($RedirectedFolders -eq $null) {
Write-Output "No folders are redirected for this user"
} else {
$RedirectedFolders | format-list *
}
write-verbose -message "----------------------------------------------------------------" -verbose
write-verbose -message "----------------------------------------------------------------" -verbose
write-verbose -message "----------------------------------------------------------------" -verbose
write-verbose -message "----------------------------------------------------------------" -verbose
write-verbose -message "---------- GPresult /v -----------" -verbose
GPRESULT.exe /v
start-sleep 1
write-verbose -message "---------- Citrix SessionID ----------" -verbose
$CitrixSessionID = Get-ChildItem -Path "HKCU:\Volatile Environment" –Name
$CitrixSessionID
#New-ItemProperty -Path $RegistryPath -Name "Citrix SessionID" -Value $CitrixSessionID -Force
start-sleep 2
write-verbose -message "---------- Logon phase timings --------------------------------" -verbose
$Sessionkey=gcim -Namespace root/citrix/hdx -ClassName Citrix_Sessions -Filter "SessionId = $CitrixSessionID " | select -ExpandProperty Sessionkey
write-verbose -message "---------- CitrixSessionID: $Sessionkey" -Verbose
$gcim= gcim -Namespace root/citrix/Profiles/Metrics -ClassName LogonTimings -Filter "SessionId = '$Sessionkey'"
$gcim
start-sleep 3
$gcimstart = $gcim.UPMStart
$gcimend = $gcim.DesktopReady
$timespan= New-TimeSpan -Start $gcimstart -End $gcimend
write-verbose -message "---------------- Seconds between UPMStart and DesktopReady: $($timespan.Seconds) ------------------------------------------------" -verbose
write-verbose -message "---------- Citrix-Policies ----------" -verbose
start-sleep 3
Get-ItemProperty HKLM:\SOFTWARE\Policies\Citrix\$CitrixSessionID\User\*
Stop-Transcript