How do I change Remote Desktop settings in registry?

Enable/Disable RDP GPO From regedit

I'm trying to enable/disable the Group Policy Object "Allow users to connect remotely using Remote Desktop Services", found at the following path, by way of regedit and/or CLI: Local Computer Policy\Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\ I've tried changing the following two (2) registry keys: HKLM\System\CurrentControlSet\Control\Terminal Server\fDenyTSConnections HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\fDenyTSConnections When I change the values, no matter if I do a "gpupdate /force", or reboot, the GPO doesn't change. The value does always stay what I set it at, but the GPO isn't changing. I can manually go in and change the GPO and it does change the system/remote settings appropriately. I am joined to a Domain - this is to notify. I would think that if this was a Domain-related issue, I wouldn't be able to manually change the GPO, or the registry values change wouldn't ever save. My end goal here is to be able to disable RDP connections to the machine from CLI or a batch file. Can someone advise? This machine is running the following: Windows 10 v20H2 (Build 19042.844) Thanks.

remote-desktop-services

Comment

Comment · Show 1

Comment

5 |1600 characters needed characters left characters exceeded

  • Visible to all users
  • Visible to the original poster & Microsoft
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Toggle Comment visibility. Current Visibility: Visible to all users

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

GraceHE-MSFT · Mar 15, 2021 at 02:17 AM

Hi,
We are looking forward to your reply and ready for help.

---If the suggestions above are helpful, please ACCEPT ANSWER. Really appreciate. This will also help others with similar issue to find this post quickly. ---

0 Votes 0 ·

GraceHE-MSFT answered Mar 9, '21 | MikeKachar-5611 commented Mar 9, '21

Hi,

Thank you for posting your query. Here are some suggestions.

type LOCAL SECURITY POLICY in the search box -> open local security policy -> local policies ->user rights assignments -> deny log on through Remote Desktop Service
![75831-microsoftteams-image.png][1]

---If the suggestions above are helpful, please ACCEPT ANSWER. Really appreciate. This will also help others with similar issue to find this post quickly. ---
[1]: /answers/storage/attachments/75831-microsoftteams-image.png


microsoftteams-image.png (116.5 KiB)

Comment

Comment · Show 1

Comment

5 |1600 characters needed characters left characters exceeded

  • Visible to all users
  • Visible to the original poster & Microsoft
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Toggle Comment visibility. Current Visibility: Visible to all users

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MikeKachar-5611 · Mar 09, 2021 at 08:16 PM

This option/setting is to configure what users and groups are prohibited from logging on as a Remote Desktop Services client.

You can see this info when you double-click on the policy, and then go to the "Explain" tab:

Deny log on through Remote Desktop Services

This security setting determines which users and groups are prohibited from logging on as a Remote Desktop Services client.

Default: None.

Important

This setting does not have any effect on Windows 2000 computers that have not been updated to Service Pack 2.



I'm looking to specifically know how to disable the ability to Enable/Disable Remote Desktop via regedit and/or CLI (so I can batch it out), and have it actually modify the Group Policy Object I listed in the original question: Local Computer Policy\Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections\Allow users to connect remotely using Remote Desktop Services

0 Votes 0 ·

GraceHE-MSFT answered Mar 11, '21

Hi,
As your description and query, you are finding a way to enable/disable via REGEDIT. If so, here are some ideas for this.

  1. type REGEDIT in the search box to start REGISTRY EDITOR.

  2. navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server. Then on the right-side pane, double-click on the fSingleSessionPerUser.
    ![76559-image.png][1]

  3. Set the value data to 0 and click OK if you want to enable Remote Desktop. Set the value to 1 and click OK if you need to disable it.
    ![76653-image.png][2]
    Enabling RDP through the registry will not configure the Windows Firewall with the appropriate ports to allow RDP connections.
    Type the following in an administrative command prompt:
    Netsh advfirewall firewall set rule group=”remote desktop” new enable=yes

---If the suggestions above are helpful, please ACCEPT ANSWER. Really appreciate. This will also help others with similar issue to find this post quickly. ---
[1]: /answers/storage/attachments/76559-image.png
[2]: /answers/storage/attachments/76653-image.png


image.png (175.7 KiB)

image.png (111.8 KiB)

Comment

Comment Show 0

Comment

5 |1600 characters needed characters left characters exceeded

  • Visible to all users
  • Visible to the original poster & Microsoft
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Toggle Comment visibility. Current Visibility: Visible to all users

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Change the listening port for Remote Desktop on your computer

Is this page helpful?

Yes No

Any additional feedback?

Feedback will be sent to Microsoft: By pressing the submit button, your feedback will be used to improve Microsoft products and services. Privacy policy.

Submit

In this article

Applies to: Windows Server 2022, Windows 10, Windows 8.1, Windows 8, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2008 R2

When you connect to a computer (either a Windows client or Windows Server) through the Remote Desktop client, the Remote Desktop feature on your computer "hears" the connection request through a defined listening port (3389 by default). You can change that listening port on Windows computers by modifying the registry.

  1. Start the registry editor. (Type regedit in the Search box.)
  2. Navigate to the following registry subkey: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
  3. Find PortNumber
  4. Click Edit > Modify, and then click Decimal.
  5. Type the new port number, and then click OK.
  6. Close the registry editor, and restart your computer.

The next time you connect to this computer by using the Remote Desktop connection, you must type the new port. If you're using a firewall, make sure to configure your firewall to permit connections to the new port number.

You can check the current port by running the following PowerShell command:

Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber"

For example:

PortNumber : 3389 PSPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp PSParentPath : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations PSChildName : RDP-Tcp PSDrive : HKLM PSProvider : Microsoft.PowerShell.Core\Registry

You can also change the RDP port by running the following PowerShell command. In this command, we'll specify the new RDP port as 3390.

To add a new RDP Port to the registry:

$portvalue = 3390 Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber" -Value $portvalue New-NetFirewallRule -DisplayName 'RDPPORTLatest-TCP-In' -Profile 'Public' -Direction Inbound -Action Allow -Protocol TCP -LocalPort $portvalue New-NetFirewallRule -DisplayName 'RDPPORTLatest-UDP-In' -Profile 'Public' -Direction Inbound -Action Allow -Protocol UDP -LocalPort $portvalue

Remotely Enable Remote Desktop on Windows 10

/ / Information Technology

We’ve all been there – we’ve finished at a customer’s site, and need to quickly remote in later on to finish/fix something. Trouble is, Windows doesn’t enable Remote Desktop Protocol by default.

There are four steps needed toremotelyenable RDP connections in Windows 10.

  1. Open ports in the Windows firewall
  2. Edit the registry
  3. Start the Remote Desktop service
  4. Connect

This guide relies on you being on the same LAN as the remote PC you wish to access – you may already have RDP’ed into another server on that LAN. You must also have Windows administrativeprivilegesfor the remote computer. These instructions work well in a domain environment.

Note: If you have access to the computer, you can follow the standard procedure for enabling Remote Desktop.

How to Enable Remote Desktop with Registry, PowerShell or Command Prompt

September 19th, 2019 by Leave a reply »

Is there a script to remotely enable remote desktop on Windows Server 2016? Previously we’ve covered how to turn on remote desktop protocol (RDP) using the GUI interface, but those methods don’t work in some scenarios where you do not have physical access to the computer on which you want to enable RDP. In this tutorial we’ll show you how to enable remote desktop remotely using Registry, PowerShell or Command Prompt.

Method 1: Enable Remote Desktop Using Registry Tweak

Once you are connected to the remote machine’s registry, navigate to the location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server. In the right pane, double-click the DWORD fDenyTSConnections and change its value from 1 to 0.

How do I change Remote Desktop settings in registry?

Reboot your machine and remote desktop should now be accessible. If you need to disable remote desktop in future, just set the value of fDenyTSConnections to 1.

Method 2: Enable Remote Desktop Using PowerShell

Before getting started, you need to establish a session with the remote computer using PowerShell. Once connected, run the following PowerShell commands to enable remote desktop:

Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

How do I change Remote Desktop settings in registry?

The first command will turn on remote desktop, while the second command will activate the firewall rules that allow remote desktop connections.

When you need to disable remote desktop later, run the following commands instead:

Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 1
Disable-NetFirewallRule -DisplayGroup "Remote Desktop"

Method 3: Enable Remote Desktop Using Command Prompt

If you can open a remote Command Prompt window via SSH, PsExec or WinRS, run the following commands to enable remote desktop and configure Windows Firewall to allow remote desktop connections:

reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
netsh advfirewall firewall set rule group="remote desktop" new enable=yes

How do I change Remote Desktop settings in registry?

To disable remote desktop, execute the below commands:

reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f
netsh advfirewall firewall set rule group="remote desktop" new enable=No

That’s all!

  • 2 Ways to Enable Remote Assistance in Windows 10 / 8 / 7
  • Tutorial: Run PowerShell Commands on Remote Computer
  • Disable Command Prompt Using Group Policy or Registry Trick
  • How to Create System Restore Points with Command Prompt or PowerShell


  • Previous Post: How to Speed Up Windows 10 Menu Animations with Ease
  • Next Post: Tutorial: Run PowerShell Commands on Remote Computer

Posted in Others, Tips & Tricks, Windows 10, Windows 7, Windows 8

Tags: enable remote desktop command line enable remote desktop powershell enable remote desktop registry remotely enable remote desktop windows 10

Part 1 Part 1 of 2:Enabling Remote Desktop Remotely

  1. How do I change Remote Desktop settings in registry?
    How do I change Remote Desktop settings in registry?

    1

    Understand the risks. As always, be aware that editing the registry risks causing major problems. Make a backup before you begin, and do not make any unnecessary changes.

    • Only follow this guide if you do not have physical access to the computer. If you do, use the standard user tools to enable remote desktop without editing the registry.

  2. How do I change Remote Desktop settings in registry?
    How do I change Remote Desktop settings in registry?

    2

    Open the Services Microsoft Management Console. Run services.msc from the Start menu search box.[1] You can also find the Services MMC through Control PanelAdministrative ToolsServices.

    • You only need the MMC to start Remote Registry. If the remote computer is running Windows XP, this is probably already running.[2] Skip down to "connect to the remote registry."

  3. How do I change Remote Desktop settings in registry?
    How do I change Remote Desktop settings in registry?

    3

    Start the Remote Registry Service on the remote computer. In the Services MMC, right-click "Services (Local)" and select "Connect to another computer." Enter the name of your remote machine. Once connected, find the Remote Registry service in the MMC and start it, if it isn't already running.

  4. How do I change Remote Desktop settings in registry?
    How do I change Remote Desktop settings in registry?

    4

    Connect to the remote registry. Open regedit. Select FileConnect Network Registry.... Type the remote computer name under "Select Computer" and click Check Names.[3]

  5. How do I change Remote Desktop settings in registry?
    How do I change Remote Desktop settings in registry?

    5

    Find the Terminal Server key. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server.

  6. How do I change Remote Desktop settings in registry?
    How do I change Remote Desktop settings in registry?

    6

    Set fDenyTSConnections to 0. Look for the REG_WORD value named fDenyTSConnections in the Terminal Server details pane. Double click this to open the EDIT DWORD Value box. In this box, set the Value Data field to 0.[4]

  7. How do I change Remote Desktop settings in registry?
    How do I change Remote Desktop settings in registry?

    7

    Test Remote Desktop. Some systems give you immediate access, and some require you to restart the remote computer first. Attempt to connect to Remote Desktop to check. (If you left the MMC open, you can quickly start Remote Desktop from there.)

  8. How do I change Remote Desktop settings in registry?
    How do I change Remote Desktop settings in registry?

    8

    Reboot the remote computer if necessary. There are several ways to do this. The simplest is to open Command Prompt and enter shutdown /i. In the dialog box that opens, select "Restart" from the drop down menu, and enter the name of the remote computer.[5] Try accessing Remote Desktop again once the computer is done restarting.

Part 2 Part 2 of 2:Troubleshooting

  1. How do I change Remote Desktop settings in registry?
    How do I change Remote Desktop settings in registry?

    1

    Confirm you have administrator access. You must have administrator privileges on the remote computer.

  2. How do I change Remote Desktop settings in registry?
    How do I change Remote Desktop settings in registry?

    2

    Bypass the firewall. If you are trying to access the remote computer from a different network, the firewall may be blocking you. There are two routes around this:

    • If the firewall is blocking Remote Registry but not Remote Desktop, connect to a computer on the same network as the target computer, then use it to access the target computer.
    • If the firewall is blocking Remote Desktop, download PSExec from Sysinternals. Use it to gain remote access to the remote computer's command line and make a Remote Desktop exception for the firewall.[6] (Enter netsh advfirewall firewall add rule? for instructions.[7] )

26 Replies

· · ·

How do I change Remote Desktop settings in registry?

Mace

OP

Denis Kelley

How do I change Remote Desktop settings in registry?

This person is a verified professional.

Verify your account to enable IT peers to see that you are a professional.

Apr 22, 2011 at 11:58 UTC

Try this. I have had to do this sometimes.

http://thebackroomtech.com/2007/05/18/how-to-enable-remote-desktop-on-a-windows-xp-machine-remotely/

0

· · ·

How do I change Remote Desktop settings in registry?

Mace

OP

Sosipater

How do I change Remote Desktop settings in registry?

This person is a verified professional.

Verify your account to enable IT peers to see that you are a professional.

Apr 22, 2011 at 12:01 UTC

If there is a user at the remote computer you can get connected using join.me and then enable it yourself.

0

· · ·

How do I change Remote Desktop settings in registry?

Serrano

OP

JPo1215 Apr 22, 2011 at 12:01 UTC

Use this script. Works wonders

http://community.spiceworks.com/scripts/show/302-enable-or-disable-rdp-remote-desktop-on-remote-system-vbs

0

· · ·

How do I change Remote Desktop settings in registry?

Mace

OP

Alex3031

How do I change Remote Desktop settings in registry?

This person is a verified professional.

Verify your account to enable IT peers to see that you are a professional.

Apr 22, 2011 at 12:24 UTC

I think you have all ready been pointed the right way, there are script that will enable RDP on a system as long as you have remote registry access. It looks like a couple of people have pointed you to scripts all ready.

0

· · ·

How do I change Remote Desktop settings in registry?

Jalapeno

OP

chip379811 Apr 22, 2011 at 12:30 UTC

trying the script but it says "make sure you type the right machine name" i have and doesn't work..tried IP, name and nothing

0

· · ·

How do I change Remote Desktop settings in registry?

Chipotle

OP

Kendall

How do I change Remote Desktop settings in registry?

This person is a verified professional.

Verify your account to enable IT peers to see that you are a professional.

Apr 22, 2011 at 12:31 UTC

did you run the script from your PC at home or the server that you are RDPed into?

0

· · ·

How do I change Remote Desktop settings in registry?

Jalapeno

OP

chip379811 Apr 22, 2011 at 12:54 UTC

Yea from remote location.

0

· · ·

How do I change Remote Desktop settings in registry?

Serrano

OP

Best Answer

Don7478 Apr 22, 2011 at 13:08 UTC

From the onsite computer run Regedit.

In Regedit:
File-->Connect Network Registry

In the 'Select Computer' dialogue make sure that the 'Look In' location is correct(should be your domain if applicable)type in the computer name or IP that you want to connect to then click Ok.

Now expand:
HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server

Once you've opened that key look for fDenyTSConnection

Set it to a value of 0 <--a zero

The computer will have to restart for the change to take effect.

1

· · ·

How do I change Remote Desktop settings in registry?

Serrano

OP

JPo1215 Apr 22, 2011 at 13:41 UTC

is it possible the computer is off or in sleep mode? Can you ping it?

0

· · ·

How do I change Remote Desktop settings in registry?

Jalapeno

OP

chip379811 Apr 22, 2011 at 14:50 UTC

yep it pings.

0

· · ·

How do I change Remote Desktop settings in registry?

Jalapeno

OP

chip379811 Apr 22, 2011 at 14:55 UTC

seems as there's no way i can get to this.

0

· · ·

How do I change Remote Desktop settings in registry?

Serrano

OP

Don7478 Apr 22, 2011 at 15:05 UTC

The registry edit didn't work? What were the results when you tried?
Were you able to get to it's registry?

0

· · ·

How do I change Remote Desktop settings in registry?

Jalapeno

OP

chip379811 Apr 22, 2011 at 15:17 UTC

I was able to type the IP and it took me to the enter username and password. I inserted the right username and password and nothing.

0

· · ·

How do I change Remote Desktop settings in registry?

Jalapeno

OP

chip379811 Apr 22, 2011 at 15:25 UTC

I was able to use the script just fine to my window servers by simply inserting the IP and it gave me the option to enable and disable, but the problem is i am trying to get to a desktop in the office it just doesn't work. I was able to get a ping from the adress.

0

· · ·

How do I change Remote Desktop settings in registry?

Serrano

OP

JPo1215 Apr 22, 2011 at 15:47 UTC

so the script works on the servers, you can ping the desktop which proves connectivity, you can run regedit on the desktop but cant authenticate...

do you have admin rights to the desktop?

0

· · ·

How do I change Remote Desktop settings in registry?

Jalapeno

OP

chip379811 Apr 22, 2011 at 15:51 UTC

I just found out the desktop is not on the domaincontroller, but can still ping..would that have something to do with it?

0

· · ·

How do I change Remote Desktop settings in registry?

Serrano

OP

Don7478 Apr 22, 2011 at 15:53 UTC

Most definitely wold change the permissions required.

0

· · ·

How do I change Remote Desktop settings in registry?

Datil

OP

Cazi Apr 22, 2011 at 16:27 UTC

If the desktop is not on the domain you would need to enter local admin credentials when connecting to the remote registry.

0

· · ·

How do I change Remote Desktop settings in registry?

Serrano

OP

JPo1215 Apr 22, 2011 at 16:34 UTC

ciprian3798 wrote:

I just found out the desktop is not on the domaincontroller, but can still ping..would that have something to do with it?

yes it does.

in that case:

Cazi wrote:

If the desktop is not on the domain you would need to enter local admin credentials when connecting to the remote registry.

+1

0

· · ·

How do I change Remote Desktop settings in registry?

Jalapeno

OP

chip379811 Apr 22, 2011 at 17:17 UTC

i tried and some reason username/password doesn't work.

0

· · ·

How do I change Remote Desktop settings in registry?

Mace

OP

Alex3031

How do I change Remote Desktop settings in registry?

This person is a verified professional.

Verify your account to enable IT peers to see that you are a professional.

Apr 22, 2011 at 19:49 UTC

ciprian3798 wrote:

i tried and some reason username/password doesn't work.

Might need tobe in the format of PCName\LocalUsername & Password.

0

· · ·

How do I change Remote Desktop settings in registry?

Serrano

OP

RjD Apr 23, 2011 at 14:48 UTC

I have also seen where strangely there were no users in the remote desktop group(including local and domain admins), never was too sure the how or why that one occured i just added them into the group and it worked fine afterwards. another thing is the firewalls may be causing blockages check those settings remotely as well for both port and program access

0

· · ·

How do I change Remote Desktop settings in registry?

Habanero

OP

CE Harden

How do I change Remote Desktop settings in registry?

This person is a verified professional.

Verify your account to enable IT peers to see that you are a professional.

Apr 25, 2011 at 07:29 UTC

I created this a long time age:

http://community.spiceworks.com/scripts/show/616-enable-remote-desktop-remotelyand you may like:

http://www.lazynetworkadmin.com/knowledgebase-mainmenu-6/2-windows/68-remote-assistance-take-control-without-permission

I make that one a few years back with help from another admin.

0

· · ·

How do I change Remote Desktop settings in registry?

Chipotle

OP

lt.son Apr 25, 2011 at 08:39 UTC

I use Remote Enabler.

It's quick and easy.

http://download.cnet.com/Remote-Desktop-Enabler/3000-2094_4-10572855.html

0

  • prev
  • 1
  • 2
  • next

This topic has been locked by an administrator and is no longer open for commenting.

To continue this discussion, please ask a new question.