Paginas

25 May 2016

Remotely Enable Remote Desktop in Windows


In this Post I will show you how to Remotely enable Remote Desktop in Windows. It will work in all versions of Windows from 7 to 10. By default Windows 7 doesn't allow Remote Desktop connections and this has to be enabled by the user (or set via group policy). What happens if you eed quick remote access to a desktop? If you're in a domain environment you may just be in luck. There are four steps needed to remotely enable RDP connections.

  1. Open ports in the Windows firewall
  2. Start the Remote Registry service
  3. Change a registry setting to enable Remote Desktop
  4. Start the Remote Desktop service

For this guide I will assume that you are on the same LAN as the remote computer you want to access and you are logged in as a Windows user with administrative privileges for the remote computer you are wishing to access. If it's not the case, you must run all the commands with "Run As Different User" and choose an administrative account (Domain or Local Admin). If you are behind a Firewall, you must check if all the required ports are open (TCP 135, TCP 445, TCP 3389, Admin$ and IPC$ shares enabled).


Step 1: Open ports in the Windows firewall

There is no native way to change the settings of a remote Windows firewall. However, you can use PsExec from SysInternals to disable it or change some rules. Download the App in here, drop it into your C:\ drive and run this command:
  • c:\psexec \\remote-machine-name-or-IP cmd
Once you have that command line open, you can run this command to disable the firewall:
  • netsh advfirewall set currentprofile state off
Alternatively you can run this command to allow only Remote Desktop while still leaving the rest of the firewall as is:
  • netsh advfirewall firewall set rule group="remote desktop" new enable=Yes


Step 2: Start the Remote Registry service

Load up the Services MMC (Control Panel > Administrative Tools > Services), right click on "Services (Local)" and choose "Connect to another computer". Enter the name of your remote machine and connect to it. You should now be able to find the "Remote Registry" service and start it.
Depending on your environment, this may already be running.



Step 3: Change a registry setting to enable Remote Desktop

It's time to make use of the Remote Registry and actually enable RDP. Load up regedit and go to File -> Connect Network Registry. Enter the name of your remote computer and connect to it. Navigate to HKEY_LOCAL_MACHINE > System > CurrentControlSet > Control > Terminal Server.
  • Change the value of "fDenyTSConnections" to "0".


Step 4: Start the Remote Desktop service

Go back to the Services MMC you used in Step 2. Find the service "Remote Desktop Services" and start it (or restart if it is already running).



Step 5: Connect

By this point you should be able to connect to a remote desktop session on your remote computer. Remember that only administrative users (like Domain Admins and Local Admins) can connect to an out-of-the-box Remote Desktop setup. If you have got this far and still can't connect, it is worth checking your firewall rules to ensure nothing is being blocked like RDP port (TCP 3389).

No comments:

Post a Comment