Public/Get-CitrixSessionEncryptionLevel.ps1
|
<#
.SYNOPSIS Retrieves the encryption level for a user's session on a specified computer. .DESCRIPTION This function fetches the encryption level of a session based on the user and computer specified, supporting both Windows Server and Windows Client operating systems. .PARAMETER Computer The name of the computer where the session is located. .PARAMETER User The username of the session to query. .EXAMPLE Get-CitrixSessionEncryptionLevel -Computer "Server01" -User "jdoe" Retrieves the encryption level for user 'jdoe' on 'Server01'. .EXAMPLE Get-CitrixSessionEncryptionLevel -Computer "Win10Client" -User "jdoe" Retrieves the encryption level for user 'jdoe' on 'Win10Client'. .NOTES Requires administrative privileges on the remote computer. #> Function Get-CitrixSessionEncryptionLevel { [CmdletBinding()] Param( [Parameter(Mandatory = $true, ValueFromPipeline = $true)] [string]$Computer, [Parameter(Mandatory = $true, ValueFromPipeline = $true)] [string]$User ) Process { Try { # Determine the OS type of the specified computer #$osInfo = Get-WmiObject -Class Win32_OperatingSystem -ComputerName $Computer #$isServer = $osInfo.ProductType -ne 1 # ProductType != 1 means it's a server $quserResult = (quser $User /server:$Computer) -replace '\s{2,}', ',' | ConvertFrom-Csv $sessionId = if ($quserResult.id -match "Disc") { $quserResult.SESSIONNAME } else { $quserResult.ID } $regPath = "SOFTWARE\Citrix\Ica\Session\$sessionId\Connection" $reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $Computer) $regKey = $reg.OpenSubKey($regPath) $encryptionValue = $regKey.GetValue("EncryptionLevel") $encryptionLevel = switch ($encryptionValue) { "40" { "RC5 (128 bit) Encryption" } "30" { "RC5 (56 bit) Encryption" } "20" { "RC5 (40 bit) Encryption" } "10" { "RC5 (128 bit) login only" } "1" { "Basic" } "0" { "None (Disconnected)" } default { "N/A (Disconnected)" } } Write-Output "$encryptionLevel" } Catch { Write-Error "Error querying the sessions from $Computer : $_" } } } |