You’re stuck in a jam. The remote workstation is on, the user isn’t there and you have a mandate.
“Install this software before you leave.” Of course the software just happens to be the one application you CAN’T just push. It needs a local install. “UGH!” your brain says to the world.
No problem. As long as the computer is on your network, you can enable Remote Desktop access.
First you need to have local Administrative rights on the computer in question.
Launch REGEDIT and Choose File/Connect Network Registry
In the provided box, enter in the name of the computer
Once connected you’ll have a new option near the bottom.
Under the “2nd” HKEY_LOCAL_MACHINE (which is that nasty remote computer) Navigate to
HKEY_LOCAL_MACHINE\System\Current Control Set\Control\TerminalServer
Edit the value called fDenyTSConnections and change from 1 to 0
change from 1 to 0
Now if you’re running Windows XP, you’re probably done and can happily remote in.
With Windows 7 and Windows Vista there’s an extra step, you need to enable two rules on the Firewall
Navigate to the following registry key
HKEY_LOCAL_MACHINE\System\Current Control Set\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
You’ll see a pile of values. Find the one named “RemoteDesktop-In-TCP”
You’ll see a LOOOOOOOONNNNNG string of data in there. Near the very beginning it will read something along the lines of what you see below
Edit the Active=FALSE to ACTIVE=TRUE so it reads as in the box below. Click OK
Then execute the following command in a command prompt.
SHUTDOWN –f –r –t 0 –m \\COMPUTERNAME
Where “COMPUTERNAME” is the NETBIOS name of the PC
SHUTDOWN –f –r –t 0 –m x.x.x.x
Where x.x.x.x is the IP address of the computer
Now you COULD probably trigger this via GPO and Preferences too. But on the Enterprise why would you? Baaaaaad!
But in Small Business environments I have seen the need for this, so it COULD be set in those instances. Of course you’ll have to remember add anybody who SHOULD be remoting to the local computer group “Remote Desktop Users”
A handy thing to know how to do, especially if you are effectively “Locked away” from physical access to a managed machine.
The Energized Tech