To enable Remote Desktop from CMD in Windows, you can use the reg command to modify the system registry and then enable the firewall rule for RDP. For example, running reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f will turn on Remote Desktop, and then you should execute netsh advfirewall firewall set rule group="remote desktop" new enable=Yes to allow connections through the firewall. This method is especially useful for administrators who need to enable RDP quickly without using the GUI.
Why Use CMD to Enable Remote Desktop?
Using CMD to enable Remote Desktop offers several advantages:
- Speed: Quickly enable RDP without navigating through menus.
- Automation: Use scripts to enable RDP on multiple machines.
- Remote Management: Ideal for scenarios where you only have command-line access.
- Flexibility: CMD can access advanced settings that are not always available in the graphical interface.
Prerequisites
Before enabling Remote Desktop from CMD, ensure the following:
- You have administrative privileges on the computer.
- The computer runs a Windows version that supports remote desktops, such as Windows 10 Pro, Enterprise, or Windows Server editions.
- Ensure the Windows Firewall and network settings allow Remote Desktop connections.
Step-by-Step Guide How to Enable Remote Desktop from CMD
Step 1: Open Command Prompt as Administrator
- Click Windows + S to open the search bar.
- Type cmd & right-click on the “Order Prompt” result.
- Select Run as administrator.
Step 2: Enable Remote Desktop
To enable Remote Desktop, you need to modify the Windows registry and configure firewall rules. Here’s how:
1. Modify the Windows Registry
The registry key that controls Remote Desktop is located at:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server
Run the following command to enable Remote Desktop:
reg add "HKLM\System\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
- /v: Specifies the registry value name (fDenyTSConnections).
- /t: Specifies the type of the value (REG_DWORD).
- /d: Sets the value data to 0 (enables RDP).
- /f: Forces the operation without confirmation prompts.
2. Configure Network Level Authentication (Optional)
Network Level Authentication (NLA) enhances security by requiring users to authenticate before establishing a Remote Desktop connection. To enable NLA, run:
reg add "HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v UserAuthentication /t REG_DWORD /d 1 /f
Setting UserAuthentication to 1 enables NLA.
Step 3: Open Firewall Ports
Remote Desktop requires specific firewall rules to allow incoming connections. By default, RDP uses TCP port 3389. Use the following command to enable the necessary firewall rule:
netsh advfirewall firewall set rule comunitys="Remote Desktop Protocol (RDP)" new enable=yes
This command activates the pre-configured firewall rules for Remote Desktop.
If you’re using a custom port, you need to create a new rule. For example:
netsh advfirewall firewall join rule name="Custom Remote Desktop (RDP)" protocol=TCP dir=in localport=3389 action=permit
Replace 3389 with your custom port number if necessary.
Step 4: Verify Remote Desktop Settings
To confirm that Remote Desktop is enabled, you can:
- Check the registry value for fDenyTSConnections. Run:
reg query "HKLM\System\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections
If the output shows 0x0, Remote Desktop is enabled.
- Verify the firewall rules. Run:
netsh advfirewall firewall show rule name="Remote Desktop"
Ensure the rule is enabled and configured correctly.
- Check the registry value for fDenyTSConnections. Run:
Step 5: Enable Remote Desktop Services
If Remote Desktop still doesn’t work, ensure the Remote Desktop Services are running. Use the following commands:
- To start the Remote Desktop Services:
sc config TermService start= auto
sc start TermService
- To check the status of the service:
sc query TermService
The output should indicate that the service is starting.
Step 6: Connect to the Remote Computer
Once Remote Desktop is enabled, you can connect to the remote PC using the RDP client:
- Press Windows + R, write mstsc, & hit Enter.
- Submit the IP address or hostname of the RDP Personal Computer.
- Press Merger & log in with the adequate credentials.
Automating the Process with a Batch File
If you need to enable Remote Desktop on multiple machines, consider creating a batch file. Here’s an example:
@echo off rem Enable Remote Desktop reg add "HKLM\System\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f rem Enable Network Level Authentication reg add "HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v UserAuthentication /t REG_DWORD /d 1 /f rem Open Firewall for Remote Desktop netsh advfirewall firewall set rule comunity="Remote Desktop" new enable=yes rem Start Remote Desktop Services sc config TermService start= auto sc start TermService @echo Remote Desktop enabled successfully.
Save the file as EnableRDP.bat and run it as an administrator on each computer.
Troubleshooting
If Remote Desktop is not working after following the above steps, consider the following:
- Firewall Issues: Verify the firewall rules using netsh advfirewall firewall show rule name=”Remote Desktop”.
- Service Status: Ensure the TermService service is running.
- Network Configuration: Check that the remote computer’s IP address is reachable.
- Port Conflicts: Ensure no other application is using port 3389.
- Windows Version: Confirm that the remote computer’s Windows edition supports Remote Desktop.
Conclusion
Enabling Remote Desktop through CMD is a powerful method, especially for IT professionals managing multiple devices. By modifying the registry, configuring firewall rules, and ensuring the Remote Desktop Services are running, you can enable RDP efficiently. Whether for automation or troubleshooting, CMD provides a flexible and scriptable way to manage Remote Desktop settings.
