Remote Desktop Frequently Asked Questions

Complete FAQ for the Windows Remote Desktop Protocol (RDP)

Remotely enable remote desktop

Sometimes you're in a situation where you want to remotely access a computer, but Remote Desktop/Terminal Services isn't enabled on the machine. You might think you're stuck at this point, but if you have credentials on the machine and can remotely access the registry, you can actually enable remote desktop remotely.

The easy way to do this is through group policy. If you have access, you can change the following setting:

Group Policy Setting: Computer Configuration » Administrative Templates » Windows Components » Terminal Services » Allows users to connect remotely using Terminal Services

If you don't have access to group policy, here's the procedure to make the change through the registry:

  1. Start Registry Editor on your local machine (by default, this is located at c:\windows\regedit.exe)
  2. Click the File menu, then click "Connect Network Registry"
  3. Either type the name of the remote server in the dialog box or browse Active Directory to locate the machine
  4. Click OK
  5. You may get a credentials screen – if so, enter in the credentials for the machine and hit OK
  6. You are now connected to the registry of the remote computer
  7. Go to the following registry key:


  8. If the fDenyTSConnections value doesn't exist, create a new DWORD value named fDenyTSConnections
  9. Open the fDenyTSConnections value. The possible values for this setting are as follows:
    Enable remote desktop
    Disable remote desktop
  10. Change the value from 1 (disable remote desktop) to 0 (enable remote desktop) and click OK
  11. To make the change take effect, you will need to reboot the remote server
  12. You can reboot the remote server by opening a command prompt and executing the following command:
    shutdown /m \\servername /r
  13. Wait for the remote server to reboot – this usually takes a minute or two
  14. Remote Desktop is now enabled on the remote machine

You can also make this change through the command prompt:

reg add "HKLM\System\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0x00000000 /f