windows_serverwindows server

There are four steps needed to remotely enable RDP connections in Windows 10.

  1. Open ports in the Windows firewall
  2. Edit the registry
  3. Start the Remote Desktop service
  4. Connect

Step 1: Open firewall ports in Windows firewall

If you download the app and drop it into your c:\ drive, you can run this command and get command line access for that remote box.

c:\psexec \\remote_machine_name cmd

Once you have that command line open, you can run this command to disable the firewall:

netsh advfirewall set currentprofile state off

Alternatively you can run this command to allow only Remote Desktop while still leaving the rest of the firewall as is:

netsh advfirewall firewall set rule group=”remote desktop” new enable=Yes

or simply turn off Windows Firewall

Step 2: Registry Changes to enable Remote Desktop

Option 1: Psexec registry changes

While still in psexec, run this command to change the remote registry:

reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server” /v fDenyTSConnections /t REG_DWORD /d 0 /f

Option 2: Manually change registry settings

If you don’t want to continue using psexec, you can follow these instructions instead.

Load up the Services MMC (Control Panel > Administrative Tools > Services), right click on “Services (Local)” and choose “Connect to another computer”. Enter the name of your remote machine and connect to it. You should now be able to find the “Remote Registry” service and start it.

Depending on your environment, this may already be running, but I have found it generally isn’t on newly imaged computers.

It’s time to make use of the Remote Registry and actually enable RDP. Load up regedit and go to File > Connect Network Registry. Enter the name of your remote computer and connect to it. Navigate to HKEY_LOCAL_MACHINE > System > CurrentControlSet > Control > Terminal Server. Change the value of “fDenyTSConnections” to “0”.

Step 3: Start the Remote Desktop service

Go back to the Services MMC you used in Step 2 Option 2, find the service “Remote Desktop Services” and start it (or restart if it is already running).

Step 4: Connect

By this point you should be able to connect to a remote desktop session on your remote computer. Remember that only administrative users can connect to an out-of-the-box Remote Desktop setup.