Azure Local – Enable Remote Desktop (RDP)

It is recommended to keep RDP disabled, but sometimes we need RDP access (e.g. troubleshooting around failed updates that require manual install of patches or modules).

Here is how to enable RDP via PowerShell Remoting from another device in the same domain (Requires access from the source server to the target server on the network):

# Establish a session with Remote Session
Enter-PSSession -ComputerName server.domain.local -Credential domain\administrator

# Enable Remote Desktop
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -name "fDenyTSConnections" -Value 0

# Activate the firewall rule
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

# Enable authentication via RDP
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" -name "UserAuthentication" -Value 1

Once we are done, we should disable RDP again using similar commands:

# Establish a session with Remote Session
Enter-PSSession -ComputerName server.domain.local -Credential domain\administrator

# Enable Remote Desktop
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" -name "fDenyTSConnections" -Value 1

# Activate the firewall rule
Disable-NetFirewallRule -DisplayGroup "Remote Desktop"