Remote Desktop Firewall

Remotely enable Remote Desktop in Windows 7

Overcoming firewall obstacles

Windows 7 doesn’t allow Remote Desktop connections by default – this has to be enabled by the user (or set via group policy). What happens if you’re in a bind and need quick remote access to a desktop? If you’re in a domain environment you may just be in luck. There are four steps needed to remotely enable RDP connections.

  1. Open ports in the Windows firewall
  2. Start the Remote Registry service
  3. Change a registry setting to enable Remote Desktop
  4. Start the Remote Desktop service

For this guide I assume you are on the same LAN as the remote computer you want to access (you may already have RDP’ed into a server on that LAN), and you are logged in as a Windows user with administrative privileges for the remote computer you are wishing to access.

This isn’t likely to work work if you are on the other side of an agressive firewall.

Note: If you have access to the computer, you can follow the standard procedure for enabling Remote Desktop.

Step 1: Open ports in the Windows firewall

There is no native way to change the settings of a remote Windows firewall. However, you can use PsExec from SysInternals to disable it or change some rules.

If you download the app and drop it into your c:\ drive, you can run this command and get command line access for that remote box.

c:\psexec \\remote_machine_name cmd

Once you have that command line open, you can run this command to disable the firewall:

netsh advfirewall set currentprofile state off

Alternatively you can run this command to allow only Remote Desktop while still leaving the rest of the firewall as is:

netsh advfirewall firewall set rule group=”remote desktop” new enable=Yes

Get the Media Realm Email Newsletter

Sign up for the email newsletter about media and technology. Sent irregularly. No spam.

Step 2: Start the Remote Registry service

Load up the Services MMC (Control Panel > Administrative Tools > Services), right click on “Services (Local)” and choose “Connect to another computer”. Enter the name of your remote machine and connect to it. You should now be able to find the “Remote Registry” service and start it.

Depending on your environment, this may already be running, but I have found it generally isn’t on fresh computers.

Step 3: Change a registry setting to enable Remote Desktop

It’s time to make use of the Remote Registry and actually enable RDP. Load up regedit and go to File > Connect Network Registry. Enter the name of your remote computer and connect to it. Navigate to HKEY_LOCAL_MACHINE > System > CurrentControlSet > Control > Terminal Server. Change the value of “fDenyTSConnections” to “0”.

Step 4: Start the Remote Desktop service

Go back to the Services MMC you used in Step 2. Find the service “Remote Desktop Services” and start it (or restart if it is already running).

Step 5: Connect

By this point you should be able to connect to a remote desktop session on your remote computer. Remember that only administrative users can connect to an out-of-the-box Remote Desktop setup. If you have got this far and still can’t connect, it is worth checking your firewall rules to ensure nothing is being blocked.

Anthony Eden is a technologist. He's been developing software and websites and working in broadcast media for over 8 years now. He works full time for Hope Media, and provides contract services through Media Realm.

Follow Anthony on Twitter: @anthony_eden or Google+

Get the Media Realm Email Newsletter

Sign up for the email newsletter about media and technology. Sent irregularly. No spam.