Remotely Enabling Remote Desktop Protocol from Domain Controller

Note: these instructions pertain to enabling remote desktop support on a system within a domain from a domain controller. For instructions on enabling remote desktop support from a command line interface, such as a remote SSH connection, see Enabling Remote Desktop Protocol From the Command Line.

I needed to check a remote system for which I had received a report that performance was impaired. When I finally got time to check it tonight, it was fairly late and I didn't want to drive to the remote location to check it. I had remote access to the Windows Small Business Server (SBS) 2003 domain controller at the location via a Remote Desktop connection from one of the servers at my location, but the Windows XP Professional system which I needed to check at the remote location didn't have Remote Desktop functionality turned on.

Thanks to the article How can I remotely enable Remote Desktop on Windows Server 2003? by Daniel Petri, I was able to modify the registry on the Windows XP system at the remote site from the domain controller at that site. I was then able to connect to the Windows XP system using RDP from the SBS 2003 domain controller at that site or from my own server. The steps I followed to be able to establish the Remote Desktop connection are listed below.

  1. Click on Start.
  2. Select Run.
  3. Type regedit and click on OK.
  4. In regedit, click on File.
  5. Select Connect Network Registry.
  6. In the Select Computer window that appears, type the name of the system for which you wish to connect by RDP, e.g. ellie for a system by that name, in the Enter object name to select field.
  7. Click on Check names to verify it.
  8. Click on OK.
  9. At the bottom of the left-hand pane of the window, you will see the remote system listed, e.g. ellie in this example. The registry for the local computer is listed above under My Computer.

    Connect Network Registry

  10. Navigate to HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server registry key under the remote system's registry entries, in this case under ellie in the regedit window, and click on Terminal Server.
  11. In the right pane of the regedit window, for the Terminal Server key, scroll down to you see the fDenyTSConnections value name within it.

    fDenyTSConnections registry entry

  12. Double-click on the fDenyTSConnections value name, which will open a window where you should change its value from 1 to 0.

    fDenyTSConnections value

  13. After changing the value to 0, click on OK.
  14. Close the regedit window.
  15. Reboot the remote Windows XP system. You can do this from the server by getting a command prompt and then typing shutdown -r -f -m \\remsys, where "remsys" is the name of the remote system, e.g. shutdown -r -f -m \\ellie to shutdown a remote system named "ellie". I usually include the -f option, which forces open applications to close without warning on the remote system, if that system is unattended and I want to ensure that some open application doesn't keep the system from rebooting.

When the remote Windows XP system reboots, it should now be listening on the RDP port, which is TCP port 3389. If you have access to a command prompt on that system, you could verify that with a netstat command. 

C:\Documents and Settings\Administrator>netstat -a | find "3389"
  TCP    Ellie:3389             Ellie.example.com:0   LISTENING

From the server, you should now be able to establish a Remote Desktop connection by the following procedure.

  1. Click on Start.
  2. Select Adminsitrative Tools.
  3. Select Remote Desktops.

    Remote Desktops

  4. Right-click in the right-hand pane of the window and select Add new connection.

    Add new connection

  5. Fill in the details for the new connection, i.e. the server name or IP address, the connection name, which is whatever you wish to call it, and the username, password, and domain name. You can check "connect to console" as well, to see the system in the state the user is working on it, if you log in using the user's account. I leave it unchecked, if I'm going to be logging in as administrator. If you will login using the domain administrator's account, put the domain name in the Domain field. If you will be using the local administrator account on the Windows XP system, instead, put the name of the system in the Domain field, e.g. ellie, if I wanted to login with the local administrator's account to a system named Ellie.

    New connection details

  6. You can then click on the system in the left-hand pane of the Remote Desktops window to connect to it.

    Remote desktop connected

  7. You can right-click on the system's name in the left-hand pane of the Remote Desktops window and select Disconnect when you wish to disconnect.

References:

  1. How can I remotely enable Remote Desktop on Windows Server 2003?
    By: Daniel Petri
    Petri IT Knowledgebase
  2. Remote Desktop Protocol
    Wikipedia, the free encyclopedia
  3. Windows Registry
    Wikipedia, the free encyclopedia

Valid HTML 4.01 Transitional

Created: Saturday April 11, 2009 2:07 PM