Remotely enable remote desktop
Sometimes you're in a situation where you want to remotely access a computer, but Remote Desktop/Terminal Services isn't enabled on the machine. You might think you're stuck at this point, but if you have credentials on the machine and can remotely access the registry, you can actually enable remote desktop remotely.
The easy way to do this is through group policy. If you have access, you can change the following setting:
Group Policy Setting: Computer Configuration » Administrative Templates » Windows Components »
Terminal Services » Allows users to connect remotely using Terminal Services
If you don't have access to group policy, here's the procedure to make the change through the registry:
- Start Registry Editor on your local machine (by default, this is located at
c:\windows\regedit.exe
) - Click the File menu, then click "Connect Network Registry"
- Either type the name of the remote server in the dialog box or browse Active Directory to locate the machine
- Click OK
- You may get a credentials screen – if so, enter in the credentials for the machine and hit OK
- You are now connected to the registry of the remote computer
- Go to the following registry key:
HKEY_LOCAL_MACHINE\
System\CurrentControlSet\Control\TerminalServer - If the fDenyTSConnections value doesn't exist, create a new DWORD value named fDenyTSConnections
- Open the fDenyTSConnections value. The possible values for this setting are
as follows:
- 0x0
- Enable remote desktop
- 0x1
- Disable remote desktop
- Change the value from 1 (disable remote desktop) to 0 (enable remote desktop) and click OK
- To make the change take effect, you will need to reboot the remote server
- You can reboot the remote server by opening a command prompt and executing the following
command:
shutdown /m \\servername /r
- Wait for the remote server to reboot – this usually takes a minute or two
- Remote Desktop is now enabled on the remote machine
You can also make this change through the command prompt:
reg add "HKLM\System\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0x00000000 /f