How to Enable Remote Desktop Protocol (RDP) Using Command Prompt (CMD)

How to Enable Remote Desktop Protocol (RDP) Using Command Prompt (CMD)

Remote Desktop Protocol (RDP) is a powerful tool that allows users to connect to a computer remotely over a network or the internet. It’s especially useful for IT administrators, remote workers, and anyone who needs to access their system while away from their desk. In this blog, we’ll cover how to enable RDP using the Command Prompt (CMD) in Windows.

Prerequisites

Before proceeding, ensure the following:

1. You have administrative privileges on the system where you want to enable RDP.
2. The system is running a version of Windows that supports Remote Desktop, such as Windows Professional, Enterprise, or Server editions.

Steps to Enable RDP Using CMD

Step 1: Open Command Prompt as Administrator

To enable RDP, you need administrative privileges. Follow these steps:

1. Press Win + S and type cmd.
2. Right-click on “Command Prompt” and select “Run as administrator.”

Step 2: Enable Remote Desktop

Use the following command to enable RDP:

reg add "HKLM\System\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

This command modifies the Windows registry to allow incoming Remote Desktop connections by setting the fDenyTSConnections value to 0.

Step 3: Allow RDP Through the Firewall

By default, the Windows Firewall blocks RDP traffic. Use this command to create a firewall rule to allow RDP:

netsh advfirewall firewall set rule group="Remote Desktop" new enable=Yes

This ensures that the firewall permits RDP traffic on the default port (TCP 3389).

Step 4: Verify the Configuration

You can verify that RDP is enabled by checking the status of the registry key. Use the following command:

reg query "HKLM\System\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections

If the output shows 0x0, RDP is enabled.

Additionally, verify that the firewall rule is active by running:

netsh advfirewall firewall show rule name="Remote Desktop"

Step 5: Optional – Change RDP Port (Advanced)

For added security, you can change the default RDP port. Use this command to modify the registry:

reg add "HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v PortNumber /t REG_DWORD /d <NewPortNumber> /f

Replace <NewPortNumber> with your desired port number, e.g., 3390. After changing the port, ensure the firewall rule is updated to reflect the new port.

Step 6: Restart the Remote Desktop Service

For the changes to take effect, restart the Remote Desktop service using this command:

net stop termservice && net start termservice

Testing RDP Access

After enabling RDP, you can test the connection from another computer:

1. Open the Remote Desktop Connection application (mstsc) on the client machine.
2. Enter the IP address or hostname of the target computer.
3. Click “Connect” and log in with the credentials of a user account on the target system.

Troubleshooting Tips

• Ensure the user account has permission to access RDP. Add the user to the “Remote Desktop Users” group if needed:

net localgroup "Remote Desktop Users" <username> /add

• Verify that the network allows RDP traffic if you are behind a corporate firewall or NAT.
• Use the ping command to test connectivity between the client and server:

ping <target_IP>

Conclusion

Enabling RDP using Command Prompt is a straightforward process that provides flexibility and control, especially in headless or remote scenarios. By following the steps outlined in this guide, you can quickly set up and manage RDP access to your system. For enhanced security, consider changing the default RDP port and enabling Network Level Authentication (NLA).

With RDP enabled, you can enjoy seamless access to your system from virtually anywhere!

​

How to Enable Remote Desktop Protocol (RDP) (F.A.Q)