Jump to content

Activate Remote Desktop Connection + Firewall

Incroyable HULK
 Share

Recommended Posts

Incroyable HULK

Incroyable HULK

Posted
Posted

Hello all,

I have this regtweak that enable the RDC in the Control Panel:

;Activate Remote Desktop Connection
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server]
"fDenyTSConnections"=dword:00000000
"fAllowToGetHelp"=dword:00000001

I've been searching around but I still haven't found what I am looking for (nice tune from U2)

I want to enable the RDC in the SP2 Firewall as well!

Usually, if you click to activate the RDC, the firewall will be configured automatically but not with this regtweak

Any tweak?

Link to comment
Share on other sites

jfmartel

jfmartel

Posted
Posted

Use this in your reg tweak file

;Enable remote desktop

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server]

"fDenyTSConnections"=dword:00000000

Use this in your winnt.sif file

[TerminalServices]

AllowConnections=1

PermissionsSetting=0

For your exception

Add

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] OR

<EDIT>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]</EDIT>

"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"

"139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004"

"445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005"

"137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001"

"138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"

In my case it's domain profile (other could be standard profile)

You should set your tweak in your Windows Firewall control panel.

Then export your key and add it to your regtweaks file

Hope this help!

<EDIT>Sorry for error</EDIT>

Link to comment
Share on other sites
Ghost82

Ghost82

Posted
Posted
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] OR

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"

"139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004"

"445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005"

"137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001"

"138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"

In my case it's domain profile

erhm... both keys are the same?

Link to comment
Share on other sites
Incroyable HULK

Incroyable HULK

Posted
  • Author
Posted

Hum... It didn't work :(

I used this one since our computers are not joined to the domain during the Unattended Installation process

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\SandardProfile\GloballyOpenPorts\List]
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
"139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"

Any ideas?

Link to comment
Share on other sites
jfmartel

jfmartel

Posted
Posted

Havent tried it, i don't know if joining the domain would overwrite the value.....but thats a good idea.

But you can try it. That would preconfigure them.

Once your computer has joined the domain, you can tweak the Firewall with the GPOs

Hope this help!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...