How to enable Remote Desktop Using PowerShell

Remote Desktop is very common still for many companies remote users to use, not all users needed since they most likely use VPN to get access to apps or just using the cloud-based. PowerShell is a new way to make changes to your remote computer lot easier than opening GUI and waiting for it to load and make changes. If you are admin of the network, it’s very easy to make changes and get the status of remote computer settings. Here in this post will do the Remote Desktop enable using PowerShell, let’s get started it

Computer or server must meet the following requirements:

  • The WinRM service should be started
  • You must have administrator permissions on the remote device
  • Firewall rule should be set to allow RDP connection default port 3389 if you have changed the default port make sure to add to your firewall rule

To start the session from your Windows 10 computer or Windows server, open PowerShell with Administrator

Command: Enter-PSSession -ComputerName YourRemoteComputerName or IP address -Credential domain\administrator

Once you are connected to a remote computer or server, you can run the following command to get current status:

Get-ItemProperty -Path ‘HKLM:\System\CurrentControlSet\Control\Terminal Server’-name “fDenyTSConnections”

Then to change the setting to allow RDP connection, just run following:

Set-ItemProperty -Path ‘HKLM:\System\CurrentControlSet\Control\Terminal Server’-name “fDenyTSConnections” -Value 0

You should also make sure that you have only secured RDP authentication (NLA – Network Level Authentication) to check  run the command: you should see 1

Get-ItemProperty -Path ‘HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp’ -name “UserAuthentication”

 If you see 0 then set it to 1 by running:

Set-ItemProperty -Path ‘HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp’ -name “UserAuthentication” -Value 1

To test the Remote Desktop connection:

Test-NetConnection ComputerName or IP address -CommonTCPPort RDP

That’s it for now, here is a screenshot of the GUI look like after you have enabled the RDP

Note: if the user whom RDP into this remote computer is not admin user you need to add them to a remote desktop group, if you want to do via PowerShell you can check this post out: How to add a local user to windows 10 via PowerShell