If you want to open the remote desktop connectivity on a remote computer, you have few options. There is one that is very easy to find on posts – change the registry key: hklm\system\currentcontrolset\control\terminal server, key fDenyTSConnections to value 0. The second option is to propagate the same registry key with group policy (maybe this is the best choice).
However, what to do if you need to connect to the remote computer in this moment and there is no possibility to connect to the remote registry (remote registry service is disabled)? You can use a simple trick to execute commands on remote computer. The easiest way is psexec (you can download it here) and execute two commands:
- psexec \\remotemachine reg add “hklm\system\currentcontrolset\control\terminal server” /f /v fDenyTSConnections /t REG_DWORD /d 0
- psexec \\remotemachine netsh advfirewall firewall set rule group=”remote desktop” new enable=yes
This will enable the Firewall rule and change a registry key also in a situation where all other trying would fail. Be careful with firewall profiles. If you want to open RDP only for domain or private profile, you have to modify the command line properly..