Hello again! It’s been a few months since I last made a post. But hey, here I am with a quick article. Enjoy!
Earlier this week I ran into a sitaution where I needed to drop into a Remote Desktop (RDP) session on a host to help resolve an appilcation issue. Without going into the weeds, the existing third party remote desktop solution wasn’t working because the user couldn’t log in.
I did have PowerShell remoting enabled though. Here’s how you can enable Remote Desktop Protocal using PowerShell remotely.
Enable Remote Desktop Protocal (RDP)
The registry key that needs adjusted is “fDenyTSConnections” with a value of 0, which is off. We don’t want to Deny connections:
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 0
Disable Remote Desktop Protocol (RDP)
RDP is not something you want to leave on all the time if you can avoid it. Modern Windows OS administration should mostly be done with PowerShell remoting when possible. By setting “fDenyTSConnections” with a value of 1, or on, will Deny new connections:
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 1
(Optional) Enable Remote Desktop Protocol Firewall Rule
I prefer to use the Windows Firewall for a lot of reasons (security in layers mostly) so I like to enable the firewall rule for remote desktop. It may not be needed in your scenario.
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
This is a good way to get access to a remote Windows 10 or Windows 11 host IF you already have PowerShell remoting enabled. In my particular scenario, I had already ran winrm quickconfig
on the host while it was joined to my ADDS domain.
If you like this content and want to see more, be sure to like, subscribe, and share: