How To Enable Remote Desktop From Command Line
The Windows 10 Remote Desktop feature lets users access remote computers and servers, allowing them to assist end-users without being physically on-site. One example of this would be if users are fixing a system currently in “Recovery Mode”, only possess SSH access to servers lacking KVM, or pre-configuring a build for deployment.
Conveniently, by setting a registry value, it’s possible for users to enable RDP from the command line (or disable) at will.
While users can set up the RDP feature via the Settings app, they can also enable RDP on Windows 10 with Command Prompt. This method can be used by anyone looking to create scripts that expedite configuring Remote Desktop on more than one computer at a time.
Alternatively, users can send the aforementioned scripts to a remote end-user, permitting them to enable/disable Remote Desktop automatically (without them having to take any additional steps).
The guide below demonstrates how to enable Remote Desktop on Windows 10 with CMD, and open the necessary firewall ports that allow for a successful connection on a Windows 10 machine.
Please note: Windows 10 Home lacks the Remote Desktop feature. Only Windows 10 Pro, Enterprise, and Education have Remote Desktop. Additionally, users should also create a complete backup of the computer prior to altering the commands. Why? Because any mistakes made during registry modification can irreversibly ruin a system.
How to enable remote desktop using Command Prompt
To enable Remote Desktop via the command line, follow the steps below:
-
Open the Windows 10 Start menu.
-
Search “Command Prompt”, and right-click the first result that appears.
-
Select “Run as Administrator”.
-
To enable remote desktop via CMD, enter the following command and hit Enter:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
Please note: Using Command Prompt to enable RDP doesn’t configure the Windows Firewall with the ports that permit RDP connections.
Additional note: The local Administrator group can connect with Remote Desktop Protocol by default. Additionally, all currently logged-in users can also connect.
The following is optional: Enable Remote Desktop via Windows Firewall by entering the following command:
netsh advfirewall firewall set rule group="remote desktop" new enable=Yes
After completing the steps above, RDP will be enabled, allowing users to remotely access devices.
To finely tune the RDP connection, see this guide for the additional MSTSC command line options that will allow you to access the remote computer as an admin, open the connection in full screen, and much more.
How to disable remote desktop with Command Prompt
Now that we’ve learned how to use CMD to enable RDP, it’s time to go over how to disable RDP using Command Prompt:
Step 1: Open the Start menu.
Step 2: Search “Command Prompt”, then right-click the first result.
Step 3: Choose “Run as Administrator” from the pop-up list.
Step 4: Disable RDP by entering the following command:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f
The following is optional: Disable Remote Desktop (via the Windows Firewall) by typing the following command, then hit Enter.
netsh advfirewall firewall set rule group="remote desktop" new enable=No
Upon the completion of the steps outlined above, Remote Desktop services are disabled, and the Windows Firewall port is closed.
In this article, we only utilized Command Prompt, but the same commands can be utilized with PowerShell to configure Remote Desktop Protocol.
Протокол Remote Desktop Protocol (RDP) позволяет удаленно подключиться к рабочему столу компьютера с Windows и работать с ним, как будто это ваш локальный компьютер. По умолчанию RDP доступ в Windows запрещен. В этой статье, мы покажем, как включить и настроить RDP доступ в Windows 10 и Windows Server 2016/2019.
Содержание:
- Включаем удаленный рабочий стол в Windows 10
- Как включить RDP доступ с помощью PowerShell?
- RDP доступ к Windows Server 2016/2019
- Включение RDP с групповых политик в домене Active Direcrtory
- Как удаленно включить RDP на компьютере Windows?
Включаем удаленный рабочий стол в Windows 10
Самый простой способ включить RDP доступ в Windows – воспользоваться графическим интерфейсом.
Откройте свойства системы через панель управления, или выполнив команду SystemPropertiesRemote.
Перейдите на вкладку Remote Settings (Удаленный доступ), включите опцию Allow remote connection to this computer (Разрешить удалённые подключения к этому компьютеру).
В целях безопасности желательно разрешить подключение только с клиентов RDP с поддержкой протокола NLA (Allow connections only from computers running Remote Desktop with Network Level Authentication/ Разрешить подключение только с компьютеров, на которых работает удаленный рабочий стол с проверкой подлинности на уровне сети).
Сохраните изменения, нажав ОК.
По умолчанию право на подключение к компьютеру через RDP есть только у членов группы локальных администраторов. Если вам нужно разрешить RDP доступ другим пользователям, нажмите кнопку Select Users.
Все пользователи, которых вы укажете здесь будет добавлены в локальную группу Remote Desktop Users. Вы можете в командной строке вывести список пользователей в этой группе:
net localgroup "Remote Desktop Users"
или
net localgroup “Пользователи удаленного рабочего стола”
Чтобы добавить нового пользователя в группу доступа RDP, выполните:
net localgroup "Remote Desktop Users" /add publicuser
В русской версии Windows измените название группы на “Пользователи удаленного рабочего стола”.
В новых билдах Windows 10 классическая панель для включения RDP доступа теперь спрятана и Microsoft рекомендует пользоваться новой панелью Setting.
- Перейдите в Settings -> System —> Remote Desktop;
- Включите опцию Enable Remote Desktop;
- Подтвердите включение RDP на компьютере.
Обратите внимание, что вы не можете включить RDP доступ к редакции Windows 10 Home. RDP сервер работает только на Windows 10 Pro и Enterprise. Впрочем, есть обходное решение.
Обратите внимание, что по умолчанию при включении Remote Desktop, включаются две опции:
- Keep my PC awake for connection when it is plugged in ;
- Make my PC discoverable on private networks to enable automatic connection from a remote device
На жмите на ссылку “Advanced settings”. Здесь можно включить использование протокола “Network Level Authentication” для RDP подключений (рекомендуется).
Если на компьютере включен Windows Defender Firewall (брандмауэр), то нужно проверить, что в нем разрешены входящие RDP подключения. По умолчанию для RDP подключений используется порт TCP
3389
, а в последних билдах Windows также используется
UDP 3389
( см. статью про кейс с черным экраном вместо рабочего стола при RDP доступе).
Перейдите в панель управления и выберите элемент Windows Defender Firewall. Откройте список стандартных правил брандмауэра Windows, щелкнув в левом столбце по ссылке Allow an app or feature through Windows Firewall.
Проверьте, что правило Remote Desktop включено для профиля Private (домашняя или рабочая сеть) и, если необходимо, для профиля Public (общедоступные сети).
Подробнее про типы сетей и профили брандмауэра Windows здесь.
Если нужно, вы можете дополнительно ограничить длительность RDP сессий с помощью GPO.
Теперь к данному компьютеру можно подключится с помощью RDP клиента. Встроенный RDP клиент Windows –
mstsc.exe
. Он сохраняет всю историю RDP подключений с компьютера. Поддерживается копирование файлов между локальным и удаленным компьютером прямо через буфер обмена RDP.
Также вы можете использовать менеджеры RDP подключений, такие как RDCMan или mRemoteNG, или альтернативные клиенты.
Для удобства пользователей пароль для RDP подключения можно сохранить в Windows Credential Manager.
Как включить RDP доступ с помощью PowerShell?
Вы можете включить RDP доступ в Windows с помощью пары PowerShell команд. Это гораздо быстрее:
- Запустите консоль PowerShell.exe с правами администратора;
- Включите RDP доступ в реестре с помощью командлета Set-ItemProperty:
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 0
Чтобы закрыть RDP доступ, измените значение fDenyTSConnections на 1.
- Разрешите RDP подключения к компьютеру в Windows Defender Firewall. Для этого включите предустановленное правило :
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
- Если нужно добавить пользователя в группу в локальную группу RDP доступа, выполните:
Add-LocalGroupMember -Group "Remote Desktop Users" -Member 'a.petrov'
Чтобы проверить, что на компьютере открыт RDP порт, воспользуйтесь командлетом Test-NetConnection:
Test-NetConnection -ComputerName deskcomp323 -CommonTCPPort rdp
RDP доступ к Windows Server 2016/2019
В отличии от десктопной редакции Windows 10, в Windows Server по умолчанию поддерживается два одновременных RDP подключения. Эти подключения используются администраторами для управления сервером.
Включается RDP в Windows Server аналогично. Через SystemPropertiesRemote, через Server Manager или командами PowerShell, рассмотренными выше.
Вы можете использовать Windows Server в качестве терминального сервера. В этом случае множество пользователей могут одновременно подключаться к собственному рабочему столу на сервере. Для этого нужно установить и настроить на сервере роль Remote Desktop Session Host. Это требует приобретения специальных RDS лицензии (CAL). Подробнее о RDS лицензировании здесь.
Для дополнительно защиты RDP сессий можно использовать SSL/TLS сертификаты.
Включение RDP с групповых политик в домене Active Direcrtory
Если вам нужно включить RDP доступ сразу на большом количестве компьютеров, можно воспользоваться групповыми политиками (GPO). Мы подразумеваем, что все компьютеры включены в домен Windows.
- Запустите консоль управления доменными GPO
gpmc.msc
; - Создайте новую (или отредактируйте уже существующую) групповую политику и привяжите ее к целевой OU с компьютерами или серверами;
- Переключитесь в режим редактирования политики и перейдите в секцию GPO Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Connections;
- Найдите и включите политику Allow Users to connect remotely by using Remote Desktop Services, установив ее в Enable;
- Обновите параметры групповых политик на клиентах;
- После применения данной политики вы сможете подключится ко всем компьютерам по RDP (политика применится как к десктопным клиентам с Windows 10, так и к Windows Server). Если нужно, вы можете более тонко нацелить политики на компьютеры с помощью WMI фильтров GPO.
- Если на компьютерах включен Windows Defender Firewall, нужно в этой же GPO разрешить RDP-трафик для доменного профиля. Для этого нужно активировать правило Windows Firewall: Allow inbound Remote Desktop Exceptions (находится в разделе Computer Configuration -> Administrative Templates -> Network -> Network Connections -> Windows Firewall -> Domain Profile).
Подробнее о настройке правил брандмаура Windows через GPO рассказано здесь.
Как удаленно включить RDP на компьютере Windows?
Также вы можете удаленно включить RDP на любом компьютере Windows. Для этого у вас должен быть удаленный доступ к этому компьютеру (через PowerShell или WMI) и ваша учетная запись состоять в группе локальных администраторов на этом компьютере.
Вы можете удаленно включить RDP через реестр. Для этого на удаленном компьютере должна быть включена служба Remote Registry (по умолчанию она отключена). Чтобы запустить службу:
- Запустите консоль управления службами (
services.msc
); - Выберите Connect to another computer и укажите имя удаленного компьютера;
- Найдите в списке службу Remote Registry, измените тип запуска на Manual (ручной) и затем запустите службу – Start.
Тоже самое можно выполнить удаленно из командной строки с помощью встроенной утилиты
sc
(позволяет создавать, управлять или удалять службы Windows):
sc \\WKMDK22SQ65 config RemoteRegistry start= demand
sc \\WKMDK22SQ65 start RemoteRegistry
Затем на локальном компьютере
- Запустите редактор реестра
regedit.exe
- Выберите в меню Файл пункт Connect Network Registry (Подключить сетевой реестр)
- Укажите имя или IP адрес удаленного компьютера, на котором нужно включить службу RDP;
- Перейдите в раздел
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
; - Найдите параметр fDenyTSConnections (тип REG_DWORD). Если данный ключ отсутствует – создайте его. Измените его значение на 0, чтобы включить RDP.
Для отключения RDP доступа нужно изменить значение fDenyTSConnections на 1.
Сразу после этого без перезагрузки удаленный компьютер должен стать доступным по RDP.
Но гораздо быстрее можно включить RDP в реестре удаленого компьютера через командную строку:
REG ADD "\\WKMDK22SQ65\HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
Если на удаленном компьютере настроен PowerShell remoting, вы можете выполнить на нем удаленную команду через Invoke-Command:
Invoke-Command -Computername WKMDK22SQ65 -ScriptBlock {Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections" –Value 0}
Если в Windows установлен OpenSSH сервер, вы можете подключиться к нему любым ssh клиентом и внести изменения в реестр в локальной ssh сессии.
Также вы можете подключиться к удаленному компьютеру и включить RDP через WMI:
$compname = “WKMDK22SQ65”
(Get-WmiObject -Class Win32_TerminalServiceSetting -Namespace root\CIMV2\TerminalServices -Computer $compname -Authentication 6).SetAllowTSConnections(1,1)
The Remote Desktop Connection (RDC) tool, also known as Microsoft Terminal Services Client (MSTSC), allows a user to connect to another computer remotely over the network using the Remote Desktop Protocol (RDP). Most users use this tool via its Graphical User Interface (GUI) which is convenient to use, but this article focuses on using the Remote Desktop via the command line.
Connecting to other computers using RDC through the command line allows you to control different settings and preferences of the connection. Windows allows a user to use certain switches to predefine the settings before the connection is made. For example, you can define the name or IP address of the remote computer, or adjust the RDC window size even before running the tool.
Learn how to enable RDC in Windows 11.
Table of contents
- MSTSC commands and switches
- Launch RDC from Run
- Use RDC to connect via console
- Launch RDC with IP address
- Launch RDC with computer name
- Launch RDC in full-screen mode
- MSTSC commands and switches
- Troubleshoot RDC via command line
- Check if RDP is enabled from Command prompt
- Check if RDP is enabled from PowerShell
- Frequently Asked Questions
- What is MSTSC?
- How to open Remote Desktop from the command line?
- How to add username and password to mstsc command line?
- Is the RDP and RDC the same?
Let us help you become aware of the switch options and how you can use them to configure your RDC connections.
MSTSC commands and switches
The conventional way to open the RDC in Windows is by searching for “Remote Desktop Connection” or “RDC” in Run and open the tool.
This then opens the RDC tool where you can enter the name of IP address with port number (optional) of the remote computer that you want to connect to.
Most of you would already be aware of this method.
This section covers the possible commands and switches that you can use with RDC via the command line. We shall start with the most basic ones and then continue.
Launch RDC from Run
The very basic command to run Remote Desktop Connection from the command line is via Run. Simply type in the following in Run and hit Enter.
mstsc
Running this will open the RDC with a blank text field. However, with the addition of a few switches, you can change the settings and preferences of the RDC connection. Let us continue forward with a few examples.
Use RDC to connect via console
Although RDC fully supports GUI, you can also connect to remote machines through a console. This will help in case you wish to continue the session that you got disconnected from earlier. In contrast, a regular GUI-based RDC session creates a new session each time you connect to the same machine.
Use the following command to connect to a remote computer via console:
mstsc /console
Launch RDC with IP address
You can also launch RDC along with the IP address of the machine to connect it with. If the port on the machine is changed from the default value, you can also add the port number. Use the following commands to do so:
mstsc /v:IPAddress
mstsc /v:IPAddress:PortNumber
Replace IPAddress with the complete IP address of the remote computer that you want to connect with, and PortNumber with the port number if changed from its default value.
Launch RDC with computer name
You can also connect to the remote computer by its unique computer name. The switch used for this is the same one used with the IP address and port number in the steps above.
mstsc /v:ComputerName
Replace ComputerName with the unique name of the remote device that you can find in its settings or properties.
Launch RDC in full-screen mode
You can also launch the RDC connection in full-screen mode. Here is how:
mstsc /f
These switches can be combined into a single command to execute an RDC connection to your preferences. Here is an example:
mstsc /f /v:192.168.10.122:8002
MSTSC commands and switches
There are more commands and switches you can use with mstsc command-line to adjust your settings for the connection beforehand. Here is the complete list:
<connectionfile> | For a .rdp file required to make a connection (if applicable). |
/v: | IP Address or computer name of the remote computer. |
/g: | IP Address or device name of a Remote Gateway Server (if applicable). |
/admin | To establish a connection with administrative privileges. |
/f | View the Remote Desktop Window in full-screen mode. |
/w: | To specify the width of the Remote Desktop Window. |
/h: | To specify the height of the Remote Desktop Window. |
/public | Run the Remote Desktop Connection publicly (less secure). |
/span | To match the width and height of the Remote Desktop with the local desktop. |
/edit <connectionfile> | To edit a .rdp file. |
/multimonTo make the monitor layout of the Remote Desktop Services session identical to the client-side configuration. | |
/restrictedAdmin | Connect to the remote PC in Restricted Administration mode. The credentials are not sent to the remote PC in this mode, protecting you if you connect to a compromised PC. |
/remoteGuard | Connect your device to a remote device using the Remote Guard, which prevents sending credentials to a remote PC. |
/prompt | To prompt you to put in credentials to connect to the remote PC. |
/shadow: | The ID of the session that you want to connect to. |
/control | Give control of the session when shadowing. |
/noConsentPrompt | To allow shadowing without user consent. |
/migrate | Migrate legacy connection files created with Client Connection Manager to new .rdp connection files. |
/? | To get help in the command prompt. |
These switches can have the following syntax in either Run or the Command Prompt:
mstsc [<connection file>] [/v:<server[:port]>] [/g:<gateway>] [/admin] [/f] [/w:<width> /h:<height>] [/public] | [/span] [/multimon] [/edit "connection file"] [/restrictedAdmin] [/remoteGuard] [/prompt] [/shadow:<sessionID> [/control][/noConsentPrompt]]
The parameters in the alligator brackets (< and >) are variables that you can adjust according to your preferences.
Troubleshoot RDC via command line
You can also troubleshoot Remote Desktop services through the command line. For example, if you are unable to connect to a device using the GUI RDC but have access via console, you can check whether there are any configurations to be made that will connect you via GUI successfully.
Check if RDP is enabled from Command prompt
Learn how to enable RDP remotely.
You can run the following command to check the status of your device if RDP is enabled or disabled:
netstat /p tcp /a | findstr 3389
If the results come back as “Listening,” it means that RDP is enabled.
Check if RDP is enabled from PowerShell
Another method to check whether RDP is enabled is through Windows PowerShell. You can run the following commands in PowerShell and it will tell you whether the service is available or not.
if ((Get-ItemProperty "hklm:\System\CurrentControlSet\Control\Terminal Server").fDenyTSConnections -eq 0) { write-host "RDP is Enabled" } else { write-host "RDP is NOT enabled" }
If the script returns “RDP is enabled,” it means that it is.
Frequently Asked Questions
What is MSTSC?
Microsoft Terminal Services Client (MSTSC) is a tool that allows a user to remotely connect to another device over the network as if they were physically present on the remote device.
How to open Remote Desktop from the command line?
You can open the Remote Desktop Connection window from Run or Command Prompt using mstsc. You may also add switches like /v and /f to control the connection’s arguments.
How to add username and password to mstsc command line?
You cannot add a username or password directly to the mstsc command. However, you can store the credentials in a generic key against the machine you want to connect to using these 2 commands:cmdkey /generic:"<server>" /user:"<user>" /pass:"<password>"
mstsc /v:"<server>"
Is the RDP and RDC the same?
Remote Desktop Connection (RDC) is a tool used to establish a remote connection between devices. Remote Desktop Protocol (RDP) is the technology that RDC uses to create this remote connection.
- To enable Remote Desktop on Windows 10, open Command Prompt (admin) and run the “reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server” /v fDenyTSConnections /t REG_DWORD /d 0 /f” and “netsh advfirewall firewall set rule group=”remote desktop” new enable=Yes” commands.
On Windows 10, you can use the Remote Desktop feature to remotely access a computer or server to help other users or manage services without being physically present at the location.
Although you can manage the feature through the Settings app, you can also turn Remote Desktop on or off on Windows 10 using commands with Command Prompt or PowerShell. You may want to use this method to create a script to configure Remote Desktop on multiple computers more quickly. Or you can send the script to a user, allowing them to set up the feature without additional steps automatically.
This guide will teach you the steps to use Command Prompt to enable or disable Remote Desktop and open the required firewall ports for a successful connection on Windows 10.
- Enable Remote Desktop from Command Prompt
- Disable Remote Desktop from Command Prompt
Important: Remote Desktop is not a feature available on Windows 10 Home. It is only on Windows 10 Pro, Enterprise, and Education. It is also recommended you create a full backup of your computer before proceeding, as modifying the registry can cause irreversible damage to your system.
To enable the remote desktop protocol with Command Prompt, use these steps:
-
Open Start on Windows 10.
-
Search for Command Prompt, right-click the top result, and select the Run as administrator option.
-
Type the following command to enable the remote desktop protocol and press Enter:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
-
(Optional) Type the following command to enable remote desktop through the Windows Firewall and press Enter:
netsh advfirewall firewall set rule group="remote desktop" new enable=Yes
Once you complete the steps, the protocol will enable on Windows 10, and you will be able to access the device remotely.
Disable Remote Desktop from Command Prompt
To turn off the remote desktop protocol with Command Prompt, use these steps:
-
Open Start.
-
Search for Command Prompt, right-click the top result, and select the Run as administrator option.
-
Type the following command to disable the remote desktop protocol and press Enter:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f
-
(Optional) Type the following command to disable Remote Desktop through the Windows Firewall and press Enter:
netsh advfirewall firewall set rule group="remote desktop" new enable=No
After you complete the steps, the Remote Desktop service will be turned off, and the Windows Firewall port will be closed.
This guide focuses on Command Prompt, but you can use the same commands to manage the remote desktop protocol using PowerShell.
We may earn commission for purchases using our links to help keep offering the free content. Privacy policy info.
All content on this site is provided with no warranties, express or implied. Use any information at your own risk. Always backup of your device and files before making any changes. Privacy policy info.
If you want to use the Remote Desktop feature without opening the Windows Settings panel, then you can enable Remote Desktop using Command Prompt or Windows PowerShell. If you have a remote desktop client on your mobile or another computer, you will be able to connect it and use your PC remotely.
Remote Desktop is a well-known facility for Windows 11/10 computers that lets you connect two computers or mobile so that an individual can access another computer remotely. You can fix some problems on the computer via mobile or do other jobs according to your requirements. You need a Remote Desktop client like Microsoft Remote Desktop or so on your mobile to connect two devices.
It is possible to enable to disable Remote Desktop via Windows Settings. You need to head to System > Remote Desktop to access the option. However, let’s assume that the Windows Settings panel is not opening due to some reasons, and you need to turn on the Remote Desktop feature. Then you can use this method to start the Remote Desktop using the command line.
To enable Remote Desktop using Command Prompt and Windows PowerShell, follow these steps-
- Open Command Prompt or PowerShell with administrator privilege
- Set value of fDenyTSConnections REG DWORD to 0
- Add a Firewall rule
- Restart your computer
- Start using Remote Desktop in Windows 10.
The commands are not the same for Command Prompt and Windows PowerShell.
1] Enable RDP firewall using Command Prompt
To get started, open the Command Prompt with administrator privilege. You can search for it in the Taskbar search box, and click the Run as administrator option that appears on your screen. After that, enter this following command and hit Enter:
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
By default, the value of fDenyTSConnections is set to 1. This command will change the value to 0.
Next, execute the following command:
netsh advfirewall firewall set rule group="remote desktop" new enable=yes
This command will add and update three rules in the Firewall so that you can start using the Remote Desktop.
2] Enable RDP using Windows PowerShell
You need to open the Windows PowerShell with administrator privilege and enter the following command and hit Enter:
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0
This command will change the fDenyTSConnections value to 0. Now, you need to execute the following command to add rules in the Firewall:
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
After that, you will be able to use Remote Desktop in Windows 10.
In case you want to disable Remote Desktop using Command Prompt and Windows PowerShell, you need to enter these steps.
Related: Remote Desktop option is greyed out.
Disable Remote Desktop using Command Prompt or PowerShell
To disable Remote Desktop using Command Prompt and Windows PowerShell, follow these steps-
- Open Command Prompt or PowerShell with administrator privilege
- Set value of fDenyTSConnections REG DWORD as 1
- Add a Firewall rule
- Restart computer.
To know more, you need to read on.
Disable Remote Desktop using Command Prompt
You need to set the default value of fDenyTSConnections as 1. For that, use this command-
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f
Now you need to remove rules from the Firewall. For that, use this command-
netsh advfirewall firewall set rule group="remote desktop" new enable=No
Disable Remote Desktop using PowerShell
You need to change the value of fDenyTSConnections as 1. You can do that by using this command-
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 1
The second command will let you remove the rules from the Firewall:
Disable-NetFirewallRule -DisplayGroup "Remote Desktop"
How do I know if RDP is enabled or not?
If you want to know the status of the RDP protocol on your Windows 11/10 system, then open the Registry Editor. After that, access the Terminal Services and Terminal Server Registry keys. There, look for the fDenyTSConnections DWORD (32-bit) Value. If the value data of this value is set to 0, then RDP is enabled. If it is set to 1, then RDP is disabled.
How to restart the RDP service using PowerShell?
If you want to restart the Remote Desktop Services using PowerShell, then first open the Windows PowerShell as administrator. After that, execute the command given below:
Restart-Service -Force -DisplayName "Remote Desktop Services"
You can also use the following command to restart the RDP service:
Restart-Service -Force -Name "TermService"
That’s all! I hope this simple tutorial will be helpful for you.