I'm sure you have faced a situation at some point when you needed to RDP in to a client machine but without any luck. That is because the computer must have not had the RDP connections enabled. Even though the "termservice" daemon was running, the access and firewall rules were not enabled for the box. As a result you got this error message:
Luckily, if you know the credentials of an administrator account. Either domain or local it doesn't matter, you will gain access to the box fairly easily.
We use the famous PSTools to establish a remote shell. Use the command prompt to change the settings on the box, by editing the registry.
Here, the client computer is called client.jd0e.com.
# Establishing the remote shell with the client computer psexec \\CLIENT01.jd0e.com -s cmd.exe # Changing the registry keys to enable incoming RDP connections reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v SecurityLayer /t REG_DWORD /d 0 /f # If needed, the windows firewall can be disabled temporarily with this command netsh advfirewall set allprofiles state off
In the open shell window we get the confirmation back:
A logged on user would see the RDP connection settings changing to "allowed", meaning RDP is receiving incoming connections on the computer.
Now we can make the remote desktop connection! 🙂