Forgot to enable RDP on a newly deployed Windows machine? Instead of physically going to the console, use these PowerShell commands to enable Remote Desktop and open the necessary firewall ports.

The Fix

# Replace 'TargetComputerName' with the actual hostname or IP of the remote machine
$computerName = "TargetComputerName"

# Allow Remote Desktop connections (Terminal Services setting, set via WMI)
(Get-WmiObject -Class "Win32_TerminalServiceSetting" -Namespace "root\cimv2\TerminalServices" -ComputerName $computerName).SetAllowTSConnections(1) | Out-Null

# Enable firewall rule for RDP (TCP port 3389)
Invoke-Command -ComputerName $computerName -ScriptBlock {
    Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
}

Why it works

  • The first command uses WMI to directly configure the Terminal Services setting to allow RDP connections. The second uses Invoke-Command to enable the built-in Windows Firewall rules for Remote Desktop on the remote machine.

Verify

# From your local machine
Test-NetConnection -ComputerName TargetComputerName -Port 3389

  • If successful, the TcpTestSucceeded property should show True. You can then attempt to connect via Remote Desktop Client.
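Test-NetConnection only shows that the port answers. The following added example (not part of the original post) reads back what the fix changed on the target: whether RDP is allowed, which "Remote Desktop" firewall rules are enabled and for which profiles and source addresses. It goes one step beyond the post by also reporting whether Network Level Authentication is required. Get-RdpExposure is a hypothetical helper name, and the whole check runs over WinRM, so the requirements under Notes apply.

```powershell
# Added example, not from the original post.
# Get-RdpExposure is a hypothetical helper name, not a built-in cmdlet.
function Get-RdpExposure {
    param([Parameter(Mandatory)][string]$ComputerName)

    Invoke-Command -ComputerName $ComputerName -ScriptBlock {
        $ns = "root\cimv2\TerminalServices"

        # AllowTSConnections = 1 is the value SetAllowTSConnections(1) writes
        $ts = Get-CimInstance -Namespace $ns -ClassName Win32_TerminalServiceSetting

        # UserAuthenticationRequired = 1 means NLA is enforced on the RDP listener
        $listener = Get-CimInstance -Namespace $ns -ClassName Win32_TSGeneralSetting `
            -Filter "TerminalName='RDP-Tcp'"

        # Enabled rules in the group the fix turned on, with profile and source scope
        $rules = @(
            Get-NetFirewallRule -DisplayGroup "Remote Desktop" |
                Where-Object { $_.Enabled -eq 'True' } |
                ForEach-Object {
                    $addr = $_ | Get-NetFirewallAddressFilter
                    [pscustomobject]@{
                        Name    = $_.DisplayName
                        Profile = $_.Profile.ToString()
                        Remote  = @($addr.RemoteAddress) -join ','
                    }
                }
        )

        # Flatten to strings so nothing is lost to remoting serialization depth
        [pscustomobject]@{
            RdpAllowed    = ($ts.AllowTSConnections -eq 1)
            NlaRequired   = ($listener.UserAuthenticationRequired -eq 1)
            OpenToAnyHost = (@($rules | Where-Object { $_.Remote -eq 'Any' }).Count -gt 0)
            FirewallRules = @($rules | ForEach-Object {
                "{0} [{1}] from {2}" -f $_.Name, $_.Profile, $_.Remote
            })
        }
    }
}

# Replace 'TargetComputerName' as in the fix above
Get-RdpExposure -ComputerName "TargetComputerName" | Format-List
```

If NlaRequired is False, or OpenToAnyHost is True on a machine reachable from untrusted networks, tighten those settings before relying on the new RDP access.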

Notes

  • Requires the WinRM service to be running on the target computer.
  • Requires the current user to have administrative privileges on the remote machine.
  • Remote PowerShell (WinRM) must be enabled on the target (Enable-PSRemoting).

Techworks Blog