Powershell – Enabling RDP remotely

By default on a Windows Server Product Windows Remote Management (WinRM) is enabled, but Remote Desktop (RDP) is Disabled.  On workstation operating systems neither is enabled by default, so if you want to be able to accomplish the following you will need to enable WinRM on the workstations.

Enabling RDP remotely.

Method 1:  Command Line

To enable RDP with the Command Prompt, use the following steps.

  1. Launch the Command Prompt as Administrator.
  2. Type the following command:

 

Note:  Computername is the name of the computer you wish to enable RDP on.

NOTE:  Enabling RDP through the Command Prompt will not configure the Windows Firewall with the appropriate ports to allow RDP connections.

NOTE:  By default the local Administrators group will be allowed to connect with RDP.  Also the user that is currently logged in will also be allowed to connect.

To disable RDP with the Command Prompt, use the following steps.

  1. Launch the Command Prompt as Administrator.
  2. Type the following command:

 

Method 2:  Using PowerShell

To enable RDP with the PowerShell, use the following steps.

Option 1

To enable RDP:

  1. Launch PowerShell as Administrator.
  2. Type the following command and create a script block and use the Invoke-Command cmdlet:

 

You may also like:  Using PowerShell to convert to the Full Graphical Shell on a Windows Server 2012 R2 Datacenter Core Edition

NOTE:  Enabling RDP through PowerShell will not configure the Windows Firewall with the appropriate ports to allow RDP connections.

Type the following:

 

NOTE:  By default the local Administrators group will be allowed to connect with RDP.  Also the user that is currently logged in will also be allowed to connect.

To disable RDP with the PowerShell, use the following steps.

  1. Launch PowerShell as Administrator.
  2. Type the following command:

 

Option 2

To enable RDP RDP with the PowerShell, use the following steps.

  1. Launch PowerShell as Administrator.
  2. Create a PS Session with the desired target computer.
  3. Type the following command once possession is established:

 

NOTE:  Enabling RDP through PowerShell will not configure the Windows Firewall with the appropriate ports to allow RDP connections.

Type the following:

 

NOTE:  By default the local Administrators group will be allowed to connect with RDP.  Also the user that is currently logged in will also be allowed to connect.

To disable RDP RDP with the PowerShell, use the following steps.

  1. Launch PowerShell as Administrator.
  2. Create a PS Session with the desired target computer.
  3. Type the following command once possession is established:
You may also like:  How to use CSVDE Comma Separated Value Data Exchange to Import and Export users into an Active Directory Database in Windows Server 2016

 

Method 3:  Use Group Policy

If you have numerous Servers and/or Workstations that you need to enable RDP on and they are in the same Organization Unit structure in Active Directory you should enable RDP through Group Policy.

To enable RDP Using Group Policy.

  1. Launch the Group Policy Management Console (GPMC)
  2. Either edit an existing Group Policy Object (GPO) or create a new GPO.
  3. Navigate to the following GPO node:

Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections

001-connections-Remotely-Enable-and-Disable-RDP-Remote-Desktop

  1. In the Settings pane double click Allow users to connect remotely by using Remote Desktop Services.

002-allow-users-Remotely-Enable-and-Disable-RDP-Remote-Desktop

  1. Select the Enable Radial button select OK.

003-Remotely-Enable-and-Disable-RDP-Remote-Desktop

  1. Close the GPO editor and link the GPO to the appropriate Organizational Unit.

NOTE:  Enabling RDP through GPO will configure the Windows Firewall with the appropriate ports to allow RDP connections.

Note:  In all the methods demonstrated in this blog any member of the local Remote Desktop Users group will be able to connect to the target computers.

Until next time

Posted on

Leave a Reply

Your email address will not be published. Required fields are marked *