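# Enables Remote Desktop (RDP) on the local machine, requires Network Level
# Authentication (NLA), opens inbound TCP 3389 in Windows Firewall, and reports
# the resulting state. Requires an elevated session: it writes under HKLM and
# changes firewall rules.

$TerminalServerKey = 'HKLM:\System\CurrentControlSet\Control\Terminal Server'

# Require NLA *before* the listener is enabled and the port is opened, so RDP is
# never reachable without pre-session authentication, even briefly.
Set-ItemProperty -Path "$TerminalServerKey\WinStations\RDP-Tcp" -Name "UserAuthentication" -Value 1

# Enable Remote Desktop by modifying the registry (0 = connections allowed).
Set-ItemProperty -Path $TerminalServerKey -Name "fDenyTSConnections" -Value 0

# Look for existing inbound allow rules covering TCP 3389.
# The port is not a property of the rule object itself; it lives on the rule's
# associated port filter, so filtering Get-NetFirewallRule output on LocalPort
# never matches and a duplicate "Allow RDP" rule would be created on every run.
$ExistingRule = Get-NetFirewallPortFilter -Protocol TCP |
    Where-Object { $_.LocalPort -contains '3389' } |
    Get-NetFirewallRule |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' }

if ($ExistingRule) {
    # Enable the rule(s) that already exist instead of adding another one.
    $ExistingRule | Enable-NetFirewallRule
    "Existing Remote Desktop firewall rules have been enabled."
} else {
    # Create a new firewall rule if no existing rule is found.
    # NOTE(review): this rule applies to every network profile and any remote
    # address. Where only known management hosts need access, scope it with
    # -Profile and -RemoteAddress rather than exposing 3389 broadly.
    New-NetFirewallRule -DisplayName "Allow RDP" -Direction Inbound -LocalPort 3389 -Protocol TCP -Action Allow
    "No existing rule found, a new Remote Desktop firewall rule has been created and enabled."
}

# Read the setting back from the registry to confirm the change took effect.
$RDPStatus = (Get-ItemProperty -Path $TerminalServerKey).fDenyTSConnections
if ($RDPStatus -eq 0) {
    "Remote Desktop is enabled"
} else {
    "Remote Desktop is not enabled"
}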