Remote Desktop Connection is also Known by several names formerly Microsoft Terminal Services Client, mstsc, Remote Desktop, or tsclient. In IT terms we used to call Remote Desktop or RDP. It is one of the components of Microsoft windows that allow a user to take control of a remote computer or virtual machine over a network connection. To access Remote connection both the devices should be connected to the same network or to the internet. Once the connection is established the users can now access and take control of the other system. You can have unrestricted control over the Mouse, Keyboard, or basically the entire computer. Mostly Remote Desktop is used by IT professionals, Customer support representatives, Managed service providers, or MSPs. In most of the Corporate companies Users use RDP to access the client machines to work remotely. As I mentioned above Remote Desktop is installed and enabled by default in windows machines. If you are still searching for a way to enable Remote Desktop connection, this article will guide you to achieve this.
Table of Contents
Follow the below-mentioned methods to enable Remote Desktop connection.
- Enable Remote Desktop connection using Windows Settings
- Enable Remote Desktop connection using System properties
- Enable Remote Desktop connection using Command Prompt
- Enable Remote Desktop connection using PowerShell
This article will guide you to Enable Remote Desktop connection using several methods.
1.Enable RDP using Windows Settings
Open Windows Settings by pressing windows + I and Click on System.
From the Right-hand pane click on Remote Desktop.
From the Left-hand pane Click the toggle Enable Remote Desktop
Click on the confirm when Prompted.
2.Enable RDP using System properties
Open run command by pressing Windows + R and type control and hit enter, this command will open the control panel. Set the View by to Large icons Search for System and click on it.
From the Right-hand pane choose Remote Settings.
Click the Remote tab and select Allow remote connections to this computer.
Keep the box checked for Network Level Authentication for better security. Also, note that you will need to enable incoming remote connections on the PC you’re connecting.
3.Enable Remote Desktop connection using Command Prompt
Note: Modifying the Registry is risky, and it cause irreversible damage to your OS Installation Follow the steps correctly. Friendly advice Before Modifying Registry Creating Restore Point is recommended.
Open Run command with Admin Privileges. Search for command prompt in Cortana search right click on command prompt and choose run as admin.
Now type the following command and hit enter
reg add “HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server” /v fDenyTSConnections /t REG_DWORD /d 0 /f
fDenyTSConnections specifies whether Remote Desktop connections are enabled.
By default, this value will be set to 1, once you execute this command will change the value to 0.
Next, execute the following command to allow RDP in the firewall.
netsh advfirewall firewall set rule group=”remote desktop” new enable=yes
This command will update the firewall rules and now you can start using Remote Desktop connection.
4.Enable Remote Desktop connection using PowerShell
Note: Modifying the Registry is risky, and it cause irreversible damage to your OS Installation Follow the steps correctly. Friendly advice Before Modifying Registry Creating Restore Point is recommended.
Open Windows PowerShell in admin mode, search for PowerShell in Cortana search, right-click and choose run as admin.
Now enter the following command and hit enter.
Set-ItemProperty -Path ‘HKLM:\System\CurrentControlSet\Control\Terminal Server’-name “fDenyTSConnections” -Value 0
fDenyTSConnections specifies whether Remote Desktop connections are enabled.
By default, this value will be set to 1, once you execute this command will change the value to 0.
Next execute the following command to allow RDP in firewall.
Enable-NetFirewallRule -DisplayGroup “Remote Desktop”
This command will update the firewall rules and now you can start using Remote Desktop connection.
By default on a Windows Server Product Windows Remote Management [WinRM] is enabled, but Remote Desktop [RDP] is Disabled. On workstation operating systems neither is enabled by default, so if you want to be able to accomplish the following you will need to enable WinRM on the workstations.
Enabling RDP remotely.
Method 1: Command Line
To enable RDP with the Command Prompt, use the following steps.
- Launch the Command Prompt as Administrator.
- Type the following command:
Reg add “\\computername\HKLM\SYSTEM\CurentControlSet\Control\Terminal Server” /v fDenyTSConnections /t REG_DWORD /d 0 /f
Reg add “\\computername\HKLM\SYSTEM\CurentControlSet\Control\Terminal Server” /v fDenyTSConnections /t REG_DWORD /d 0 /f |
Note: Computername is the name of the computer you wish to enable RDP on.
NOTE: Enabling RDP through the Command Prompt will not configure the Windows Firewall with the appropriate ports to allow RDP connections.
NOTE: By default the local Administrators group will be allowed to connect with RDP. Also the user that is currently logged in will also be allowed to connect.
To disable RDP with the Command Prompt, use the following steps.
- Launch the Command Prompt as Administrator.
- Type the following command:
Reg add “\\computername\HKLM \SYSTEM\CurentControlSet\Control\Terminal Server” /v fDenyTSConnections /t REG_DWORD /d 1 /f
Reg add “\\computername\HKLM \SYSTEM\CurentControlSet\Control\Terminal Server” /v fDenyTSConnections /t REG_DWORD /d 1 /f |
Method 2: Using PowerShell
To enable RDP with the PowerShell, use the following steps.
Option 1
To enable RDP:
- Launch PowerShell as Administrator.
- Type the following command and create a script block and use the Invoke-Command cmdlet:
Invoke-Command –Computername “server1”, “Server2” –ScriptBlock {Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value 0}
Invoke-Command –Computername “server1”, “Server2” –ScriptBlock {Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value 0} |
NOTE: Enabling RDP through PowerShell will not configure the Windows Firewall with the appropriate ports to allow RDP connections.
Type the following:
Invoke-Command –Computername “server1”, “Server2” –ScriptBlock {Enable-NetFirewallRule -DisplayGroup "Remote Desktop"}
Invoke-Command –Computername “server1”, “Server2” –ScriptBlock {Enable-NetFirewallRule -DisplayGroup "Remote Desktop"} |
NOTE: By default the local Administrators group will be allowed to connect with RDP. Also the user that is currently logged in will also be allowed to connect.
To disable RDP with the PowerShell, use the following steps.
- Launch PowerShell as Administrator.
- Type the following command:
Invoke-Command –Computername “server1”, “Server2” –ScriptBlock {Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value 1}
Invoke-Command –Computername “server1”, “Server2” –ScriptBlock {Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value 1} |
Option 2
To enable RDP RDP with the PowerShell, use the following steps.
- Launch PowerShell as Administrator.
- Create a PS Session with the desired target computer.
- Type the following command once possession is established:
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value 0
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value 0 |
NOTE: Enabling RDP through PowerShell will not configure the Windows Firewall with the appropriate ports to allow RDP connections.
Type the following:
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
Enable-NetFirewallRule -DisplayGroup "Remote Desktop" |
NOTE: By default the local Administrators group will be allowed to connect with RDP. Also the user that is currently logged in will also be allowed to connect.
To disable RDP RDP with the PowerShell, use the following steps.
- Launch PowerShell as Administrator.
- Create a PS Session with the desired target computer.
- Type the following command once possession is established:
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value 1
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value 1 |
Method 3: Use Group Policy
If you have numerous Servers and/or Workstations that you need to enable RDP on and they are in the same Organization Unit structure in Active Directory you should enable RDP through Group Policy.
To enable RDP Using Group Policy.
- Launch the Group Policy Management Console [GPMC]
- Either edit an existing Group Policy Object [GPO] or create a new GPO.
- Navigate to the following GPO node:
Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections
- In the Settings pane double click Allow users to connect remotely by using Remote Desktop Services.
- Select the Enable Radial button select OK.
- Close the GPO editor and link the GPO to the appropriate Organizational Unit.
NOTE: Enabling RDP through GPO will configure the Windows Firewall with the appropriate ports to allow RDP connections.
Note: In all the methods demonstrated in this blog any member of the local Remote Desktop Users group will be able to connect to the target computers.
Until next time – Ride Safe!
Rick Trader
Windows Server Instructor – Interface Technical Training
Phoenix, AZ
Subscribe to this author's posts feed via RSS