Tuesday, November 12, 2013

Enable remote desktop from command line remotely


To enable remote desktop.
§  Open registry editor by running regedit from Run.
§  Go to the node HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
§  Change the data of the value fDenyTSConnections to 0.

PsTools:-
psloggedon.exe –l
psloggedon.exe \\ <ip> or <comp name>
psloggedon.exe <username>
Eg:-
psexec.exe \\ipaddress cmd

Download Link:


First run this PsTool  your local pc to access the command prompt of user remotely :

psexec.exe \\ipaddress cmd

or

psexec.exe \\computername  cmd

Now you will get cmd of the remote user

Then We can enable remote desktop from windows command line by running the following command.

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

To disable remote desktop we need to run the below command.

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f

Reboot or logoff is not required after running the above command. I have tested this on Windows XP and Windows 7 and it has worked fine. It would work fine on Windows Vista too.

To enable Remote assistance:

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fAllowToGetHelp /t REG_DWORD /d 1 /f

You can run the below command for each user you want to allow to connect remotely.

net localgroup “Remote Desktop Users” Domain\Loginid /add

If you have a group of domain users and want to allow the whole group to do remote desktop on the computer, you can do that as well with a single command. Just replace the loginid in the above command with the group name.

net localgroup “remote desktop users” “group name”  /add
net localgroup “remote desktop users” “domain users”  /add


Enabling/Disabling Windows Firewall from cmd remotely:

First run this PsTool  your local pc to access the command prompt of user remotely :

psexec.exe \\ipaddress cmd

or

psexec.exe \\computername  cmd

Now you will get cmd of the remote user


For win7 :

Netsh advfirewall set allprofiles state off
Netsh advfirewall set allprofiles state on
netsh advfirewall firewall set rule group="remote desktop" new enable=Yes
netsh advfirewall firewall set rule group="remote desktop" new enable=No


For xp :

netsh firewall show opmode
netsh firewall set opmode disable
netsh firewall set opmode enable