Can I create a generalized vm image with RDP disabled

Question

How can we create windows VM image with RDP disabled for VMs created from that image? I want publish an RDP hardened image.

score 0 · Accepted Answer · answered Sep 15 '20 at 06:45

0

You can do this with a Custom Script Extension for Windows

Create a PowerShell scripts which disables RDP and reference it:

{
  "fileUris": ["https://mystorage.blob.core.windows.net/privatecontainer/script1.ps1"],
  "commandToExecute": "powershell.exe script1.ps1",
  "managedIdentity" : {}
}

Powershell script to disable RDP in registry:

Invoke-Command –Computername "customname" –ScriptBlock {Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value 1}

answered Sep 15 '20 at 06:45

Markus Meyer

3,327
10
22
35

Great thanks for that. Can we not create a generalized image which has RDP already disabled? The prob is the I want to publish this image and my org can create VMs off it. They might necessarily run the script, so I want to create image which has the RDP disabled. – s-a-n Sep 15 '20 at 19:25

Can I create a generalized vm image with RDP disabled

1 Answers1