INFORMATICS

The Best

Enable or Disable RDP - Registry (Windows)

Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive
 

nable or Disable RDP - Registry (Windows)

Method 1: CMD

You can use the change logon command to display the status of current logons or to disable and enable logons from Terminal Services clients.

When you disable logons, current users are NOT affected, but new client sessions will NOT connect to the server.

NOTE: You must have administrative privileges to use the change logon command.

When you open a CMD prompt on the terminal server and type change logon /?, you receive:

Enable or disable session logins.

CHANGE LOGON \{/QUERY | /ENABLE | /DISABLE\}

  /QUERY    Query current session login mode.
  /ENABLE   Enable user login from sessions.
  /DISABLE  Disable user login from sessions.

NOTE: Logons from the console session are not affected. 

NOTE: If you restart the server, logons are enabled. 

NOTE: If you disable logons from a client session and then log off, you must log on to the console to enable further logons.

NOTE: When you disable logons, you receive: Session logins are currently DISABLED. When you enable logons, you receive: Session logins are currently ENABLED.

NOTE: When logons are disabled, a client attempting to connect will receive:

Remote logins are currently disabled.

 

Method 2: Using Registry

Allow or prohibit Remote Desktop connections to your Windows machine through Command Prompt or PowerShell.

Run the required command from shell with Administrative privileges.

To enable RDP:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

To disable RDP:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f

Solution

Often administrators need to have exclusive access to the server and be able to block such access by users. In such situations, it is required to temporarily disable logging in via the RDP protocol. We do this with the commands shown.

 

Method 2:  Using PowerShell

To enable RDP with the PowerShell, use the following steps.

Option 1

To enable RDP:

  1. Launch PowerShell as Administrator.
  2. Type the following command and create a script block and use the Invoke-Command cmdlet:

NOTE:  Enabling RDP through PowerShell will not configure the Windows Firewall with the appropriate ports to allow RDP connections.

Type the following:

To disable RDP with the PowerShell, use the following steps.

  1. Launch PowerShell as Administrator.
  2. Type the following command:

 

Method 3:  Use Group Policy

If you have numerous Servers and/or Workstations that you need to enable RDP on and they are in the same Organization Unit structure in Active Directory you should enable RDP through Group Policy.

To enable RDP Using Group Policy.

  1. Launch the Group Policy Management Console (GPMC)
  2. Either edit an existing Group Policy Object (GPO) or create a new GPO.
  3. Navigate to the following GPO node:

Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections

Search