The Windows 10 Remote Desktop feature lets users access remote computers and servers, allowing them to assist end-users without being physically on-site. One example of this would be if users are fixing a system currently in “Recovery Mode”, only possess SSH access to servers lacking KVM, or pre-configuring a build for deployment.
Conveniently, by setting a registry value, it’s possible for users to enable RDP from the command line (or disable) at will.
While users can set up the RDP feature via the Settings app, they can also enable RDP on Windows 10 with Command Prompt. This method can be used by anyone looking to create scripts that expedite configuring Remote Desktop on more than one computer at a time.
Alternatively, users can send the aforementioned scripts to a remote end-user, permitting them to enable/disable Remote Desktop automatically (without them having to take any additional steps).
The guide below demonstrates how to enable Remote Desktop on Windows 10 with CMD, and open the necessary firewall ports that allow for a successful connection on a Windows 10 machine.
Please note: Windows 10 Home lacks the Remote Desktop feature. Only Windows 10 Pro, Enterprise, and Education have Remote Desktop. Additionally, users should also create a complete backup of the computer prior to altering the commands. Why? Because any mistakes made during registry modification can irreversibly ruin a system.
Enable remote desktop using Command Prompt
To enable Remote Desktop via the command line, follow the steps below:
Step 1: Open the Windows 10 Start menu.
Step 2: Search “Command Prompt”, and right-click the first result that appears.
Step 3: Select “Run as Administrator”.
Step 4: To enable remote desktop via CMD, enter the following command and hit Enter:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
Please note: Using Command Prompt to enable RDP doesn’t configure the Windows Firewall with the ports that permit RDP connections.
Additional note: The local Administrator group can connect with Remote Desktop Protocol by default. Additionally, all currently logged-in users can also connect.
The following is optional: Enable Remote Desktop via Windows Firewall by entering the following command:
netsh advfirewall firewall set rule group="remote desktop" new enable=Yes
After completing the steps above, RDP will be enabled, allowing users to remotely access devices.
To finely tune the RDP connection, see this guide for the additional MSTSC command line options that will allow you to access the remote computer as an admin, open the connection in full screen, and much more.
How to disable remote desktop with command prompt
Now that we’ve learned how to use CMD to enable RDP, it’s time to go over how to disable RDP using Command Prompt:
Step 1: Open the Start menu.
Step 2: Search “Command Prompt”, then right-click the first result.
Step 3: Choose “Run as Administrator” from the pop-up list.
Step 4: Disable RDP by entering the following command:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f
The following is optional: Disable Remote Desktop (via the Windows Firewall) by typing the following command, then hit Enter.
netsh advfirewall firewall set rule group="remote desktop" new enable=No
Upon the completion of the steps outlined above, Remote Desktop services are disabled, and the Windows Firewall port is closed.
In this article, we only utilized Command Prompt, but the same commands can be utilized with PowerShell to configure Remote Desktop Protocol.