Enable Remote Desktop remotely on Windows 10

In this post I show you how you can enable Remote Desktop on Windows 10 via Group Policy, PowerShell, WMI, or psexec because even the geekiest CLI geek sometimes needs to RDP into a remote Windows machine.

You probably know you can enable Remote Desktop in the Windows 10 Control Panel’s System app. That’s quick to do if the computer is on your desk. However, if you want to access a remote machine and Remote Desktop is disabled for security reasons in your organization, you have to enable Remote Desktop access remotely.

Allow remote connections in the Windows 10 Control Panel

Allow Remote Desktop via Group Policy 

The easiest way is certainly to enable RDP access via the Group Policy setting "Allow users to connect remotely by using Remote Desktop Services".

You can find the policy here:

Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Connections.

Allow users to connect remotely by using Remote Desktop Services

You will also have to allow RDP in the Windows Firewall on the remote Windows 10 computer:

Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile

Allow inbound Remote Desktop connections via Group Policy

The only problem is that Group Policy is sluggish, and if you want to log in quickly to a remote machine, it is often not an option. By contrast, on a PowerShell console, you can essentially get the job done with a single command.

Enable Remote Desktop via PowerShell 

However, there is a catch—actually, two. Windows Firewall might get in your way, and if PowerShell remoting is not enabled on the machine, things can get a bit tricky. I know of two methods to enable Remote Desktop remotely via PowerShell. Which method you use mostly depends on your Windows Firewall configuration.

Let’s assume first that PowerShell remoting is enabled on the remote machine. If so, you can simply enable Remote Desktop by modifying a registry key on the remote machine:

Invoke-Command -ComputerName <computer name> -ScriptBlock {Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" -Value 0 }

We are using Invoke-Command to execute the Set-ItemProperty remotely, which changes the value fDenyTSConnections to 0.

Most likely, Windows Firewall blocks RDP on the remote machine. To open the Remote Desktop port, you can use this PowerShell command:

Invoke-Command -ComputerName <computer name> -ScriptBlock {Enable-NetFirewallRule -DisplayGroup "Remote Desktop"}

We are using PowerShell remoting again to execute Enable-NetFirewallRule remotely.
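The two commands above can be combined into one call that also requires Network Level Authentication, reports the resulting state, and can close the access again afterwards. This is an added example, not code from the original post; the function name Set-RemoteDesktopState, the -Disable switch and the use of the UserAuthentication registry value are assumptions of the example.

```powershell
# Added example: enable (or revert) RDP over PowerShell remoting and report the result.
# Set-RemoteDesktopState is a hypothetical helper name, not a built-in cmdlet.
function Set-RemoteDesktopState {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string[]] $ComputerName,
        [switch] $Disable   # close RDP again once the session is no longer needed
    )
    Invoke-Command -ComputerName $ComputerName -ArgumentList $Disable.IsPresent -ScriptBlock {
        param([bool] $Disable)
        $ts  = 'HKLM:\System\CurrentControlSet\Control\Terminal Server'
        $tcp = Join-Path $ts 'WinStations\RDP-Tcp'
        if ($Disable) {
            Set-ItemProperty -Path $ts -Name fDenyTSConnections -Value 1
            Disable-NetFirewallRule -DisplayGroup 'Remote Desktop'
        } else {
            # Require Network Level Authentication before the listener accepts connections
            Set-ItemProperty -Path $tcp -Name UserAuthentication -Value 1
            Set-ItemProperty -Path $ts -Name fDenyTSConnections -Value 0
            # The display group name is localized; 'Remote Desktop' applies to English systems
            Enable-NetFirewallRule -DisplayGroup 'Remote Desktop'
        }
        # Read the values back so the caller can verify what is now in effect
        [pscustomobject]@{
            RdpDenied            = (Get-ItemProperty -Path $ts).fDenyTSConnections
            NlaRequired          = (Get-ItemProperty -Path $tcp).UserAuthentication
            FirewallRulesEnabled = @(Get-NetFirewallRule -DisplayGroup 'Remote Desktop' |
                                     Where-Object Enabled -eq 'True').Count
        }
    }
}
```

Invoke-Command adds a PSComputerName property to each returned object, so the output shows which machine each state belongs to.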

Enable Remote Desktop via WMI

If PowerShell remoting is not enabled on the remote machine, you can still use PowerShell via WMI for the task. This can be useful if you need to enable RDP on multiple machines or if this task is part of a larger automation problem and your organization’s security guidelines don’t allow PowerShell remoting. Sitaram wrote a PowerShell script that uses the Get-WmiObject cmdlet. This allows you to manage computers remotely without PowerShell remoting.

I removed the part of the script that first checks via Test-Connection if the computer is online because this would require an additional firewall setting to make the script work.

To understand how the script works, please read Sitaram’s article. To use the script, you just have to save it to a file (Enable-RDPAccess.ps1) and then run this command:

.\Enable-RDPAccess.ps1 -ComputerName <computer name>

Enable RDP via WMI

If you want to enable RDP on multiple Windows 10 computers, you can save the computer names in a text file and then use Get-Content to pipe the computer names to Enable-RDPAccess.ps1:

Get-Content <path to text file> | .\Enable-RDPAccess.ps1
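Before or after changing many machines this way, the same WMI channel can be used read-only to see which hosts accept RDP and whether they require Network Level Authentication. This is an added example, not Sitaram's script or code from the original post; the function name Get-RdpExposure is hypothetical, and it assumes Windows PowerShell 5.1 with inbound WMI allowed on the targets.

```powershell
# Added example: read-only audit of RDP state over WMI (DCOM), no PowerShell remoting needed.
# Get-RdpExposure is a hypothetical helper name. Get-WmiObject exists in Windows
# PowerShell 5.1 only, not in PowerShell 7.
function Get-RdpExposure {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)] [string[]] $ComputerName
    )
    process {
        foreach ($computer in $ComputerName) {
            try {
                # The TerminalServices namespace requires packet privacy
                $wmi = @{
                    Namespace      = 'root\CIMV2\TerminalServices'
                    ComputerName   = $computer
                    Authentication = 'PacketPrivacy'
                    ErrorAction    = 'Stop'
                }
                $ts  = Get-WmiObject @wmi -Class Win32_TerminalServiceSetting
                $rdp = Get-WmiObject @wmi -Class Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"
                [pscustomobject]@{
                    ComputerName = $computer
                    RdpEnabled   = [bool]$ts.AllowTSConnections
                    NlaRequired  = [bool]$rdp.UserAuthenticationRequired
                    Error        = $null
                }
            } catch {
                # Unreachable host, closed WMI ports or access denied: record it, keep going
                [pscustomobject]@{
                    ComputerName = $computer
                    RdpEnabled   = $null
                    NlaRequired  = $null
                    Error        = $_.Exception.Message
                }
            }
        }
    }
}

# List hosts that accept RDP without requiring NLA:
# Get-Content <path to text file> | Get-RdpExposure | Where-Object { $_.RdpEnabled -and -not $_.NlaRequired }
```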

Theoretically, you probably can also configure the Windows Firewall to allow the RDP connection with Get-WmiObject. However, I couldn’t find the corresponding class. If you know more, please post a comment below.

Nevertheless, I know another way to configure the firewall via WMI, and that is with the wmic command:

wmic /node:<computer name> process call create "cmd.exe /c netsh firewall set service RemoteDesktop enable"

Of course, you can also enable Remote Desktop with wmic:

wmic /node:<computer name> process call create 'cmd.exe /c reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f'

Remotely enable RDP on Windows 10 with wmic

Note that you have to configure the Windows Firewall of the remote machine to allow WMI access for the PowerShell script and for wmic to work. You could do this via Group Policy:

Computer Configuration > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security.

Right-click Inbound Rules and then add the predefined rule Windows Management Instrumentation (WMI).

Enable WMI in Windows Firewall via Group Policy

But now we are where we were in the beginning. We could then just use Group Policy to enable RDP right away. However, if WMI is already enabled in your firewall for other reasons, using Get-WmiObject is an option.

Also, if you often have to enable RDP remotely on Windows 10 machines, but your company policy doesn’t allow you to work with PowerShell remoting, you could also consider opening WMI in your firewall permanently. I suppose it is less risky simply because WMI is more difficult to use than PowerShell remoting, and all the script kiddies who downloaded PowerShell scripts to hack into your systems will be in trouble.

Enable RDP via psexec 

Yet another option is Microsoft’s free tool psexec. It also doesn’t require PowerShell remoting to be enabled. The only downside is that it is not as straightforward to use as Invoke-Command in PowerShell scripts. Psexec requires that Windows Firewall is open for File and Printer sharing, which is probably more common than open WMI ports or enabled PowerShell remoting:

Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile > Windows Firewall: Allow inbound file and printer sharing exception

Allow file and printer sharing in the Windows Firewall

To modify the registry to enable RDP with psexec, you have to run this command:

psexec.exe \\<computer name> reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

This command also just sets the registry key that disables Terminal Server access to 0.

To allow RDP connections in the Windows Firewall, you can also use psexec:

psexec.exe \\<computer name> netsh firewall set service RemoteDesktop enable

Enable Remote Desktop with psexec

Conclusion 

If you have to enable Remote Desktop remotely, you have a variety of options. Which one you use depends on how quickly you need access and the Windows Firewall configuration on the remote machine. If all the firewall ports discussed in this post are closed, Group Policy is your only option. If someone is close to the computer, the person can reboot the machine to apply the GPO. Yes, you can also remotely reboot the machine. But if you don’t have a system management tool with this feature, you also have to open a couple of firewall ports for a remote reboot.
