Difference between revisions of "Enabling Remote Desktop Connections"
From WPKG | Open Source Software Deployment and Distribution
(updated info about enable RDP on Win10.) (Tags: Mobile edit, Mobile web edit) |
(fixed formatting) (Tags: Mobile edit, Mobile web edit) |
||
| Line 38: | Line 38: | ||
</source> | </source> | ||
| − | ---- I'm using this on Win10 Pro | + | ---- |
| + | I'm using this on Win10 Pro | ||
| + | <source lang="xml"> | ||
<package id="RemoteDesktop" | <package id="RemoteDesktop" | ||
name="Remote Desktop" | name="Remote Desktop" | ||
| Line 65: | Line 67: | ||
<remove cmd='netsh advfirewall firewall set rule group=â€Assistência Remota†new enable=no' /> | <remove cmd='netsh advfirewall firewall set rule group=â€Assistência Remota†new enable=no' /> | ||
</package> | </package> | ||
| − | + | </source> | |
---- | ---- | ||
Latest revision as of 00:20, 31 October 2017
In XP, you have Remote Desktop Connection / Terminal Sessions, disabled by default.
You can enable them with a simple registry edit.
The XML for WPKG will look like this:
<package
id="remotedesktop"
name="Remote Desktop"
revision="1"
reboot="false"
priority="0">
<check type="registry" condition="equals" path="HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\fDenyTSConnections" value="0" />
<install cmd='reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f' />
<upgrade include="install" />
<remove cmd='reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f' />
</package>
This will allow you to log on as Administrator (either domain or local) using Terminal Sessions.
A more complex scenario exists if the Terminal Service itself had been disabled; in which case the following is more suitable.
<package id="rdp" name="Remote Desktop" revision="3" reboot="true" priority="5">
<check type="logical" condition="or">
<check type="registry" condition="equals" path="HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\fDenyTSConnections" value="0" />
<check type="registry" condition="equals" path="HKLM\SYSTEM\CurrentControlSet\Services\TermService\Start" value="2" />
</check>
<install cmd='reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f' />
<install cmd='sc config termservice start= auto' />
<upgrade include="install" />
<remove cmd='reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f' />
<remove cmd='sc config termservice start= disabled' />
</package>
I'm using this on Win10 Pro
<package id="RemoteDesktop"
name="Remote Desktop"
revision="8"
execute="once"
reboot="false"
priority="500">
<check type="logical" condition="or">
<check type="registry" condition="equals" path="HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\fDenyTSConnections" value="0" />
<check type="registry" condition="equals" path="HKLM\SYSTEM\CurrentControlSet\Services\TermService\Start" value="2" />
</check>
<install cmd='reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f' />
<install cmd='reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v SecurityLayer /t REG_DWORD /d 0 /f' />
<install cmd='reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v UserAuthentication /t REG_DWORD /d 0 /f' />
<install cmd='netsh advfirewall firewall set rule group=â€Assistência Remota†new enable=yes' />
<install cmd='sc config termservice start= auto' />
<!--MAYBE It's NEED TO USE : reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v TSEnabled /t REG_DWORD /d 1 /f -->
<upgrade include="install" />
<remove cmd='reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 1 /f' />
<remove cmd='sc config termservice start= disabled' />
<remove cmd='netsh advfirewall firewall set rule group=â€Assistência Remota†new enable=no' />
</package>
Question: how to enable Terminal Sessions for other, non-Administrator users?
Answer: That would involve adding those users to the Remote Desktop Users group. This cannot be done in the registry, but with the command net group "Remote Desktop Users" /add usernamehere.