How to Enable Remote Desktop with Registry, PowerShell or Command Prompt

September 19th, 2019 by Admin Leave a reply »

Is there a script to remotely enable remote desktop on Windows Server 2016? Previously we’ve covered how to turn on remote desktop protocol (RDP) using the GUI interface, but those methods don’t work in some scenarios where you do not have physical access to the computer on which you want to enable RDP. In this tutorial we’ll show you how to enable remote desktop remotely using Registry, PowerShell or Command Prompt.

Method 1: Enable Remote Desktop Using Registry Tweak

Once you are connected to the remote machine’s registry, navigate to the location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server. In the right pane, double-click the DWORD fDenyTSConnections and change its value from 1 to 0.

Reboot your machine and remote desktop should now be accessible. If you need to disable remote desktop in future, just set the value of fDenyTSConnections to 1.

Method 2: Enable Remote Desktop Using PowerShell

Before getting started, you need to establish a session with the remote computer using PowerShell. Once connected, run the following PowerShell commands to enable remote desktop:

Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

The first command will turn on remote desktop, while the second command will activate the firewall rules that allow remote desktop connections.

When you need to disable remote desktop later, run the following commands instead:

Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 1
Disable-NetFirewallRule -DisplayGroup "Remote Desktop"

Method 3: Enable Remote Desktop Using Command Prompt

If you can open a remote Command Prompt window via SSH, PsExec or WinRS, run the following commands to enable remote desktop and configure Windows Firewall to allow remote desktop connections:

reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
netsh advfirewall firewall set rule group="remote desktop" new enable=yes

To disable remote desktop, execute the below commands:

reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f
netsh advfirewall firewall set rule group="remote desktop" new enable=No

That’s all!