Incroyable HULK Posted February 10, 2005 Share Posted February 10, 2005 Hello all,I have this regtweak that enable the RDC in the Control Panel:;Activate Remote Desktop Connection[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server]"fDenyTSConnections"=dword:00000000"fAllowToGetHelp"=dword:00000001I've been searching around but I still haven't found what I am looking for (nice tune from U2)I want to enable the RDC in the SP2 Firewall as well! Usually, if you click to activate the RDC, the firewall will be configured automatically but not with this regtweakAny tweak? Link to comment Share on other sites More sharing options...
jfmartel Posted February 10, 2005 Share Posted February 10, 2005 Use this in your reg tweak file;Enable remote desktop[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server]"fDenyTSConnections"=dword:00000000Use this in your winnt.sif file[TerminalServices] AllowConnections=1 PermissionsSetting=0For your exceptionAdd[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] OR<EDIT>[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]</EDIT>"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009""139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004""445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005""137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001""138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"In my case it's domain profile (other could be standard profile)You should set your tweak in your Windows Firewall control panel.Then export your key and add it to your regtweaks fileHope this help!<EDIT>Sorry for error</EDIT> Link to comment Share on other sites More sharing options...
Ghost82 Posted February 10, 2005 Share Posted February 10, 2005 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] OR[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009""139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004""445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005""137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001""138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"In my case it's domain profileerhm... both keys are the same? Link to comment Share on other sites More sharing options...
jfmartel Posted February 10, 2005 Share Posted February 10, 2005 Edited my postThanks for notification.... Link to comment Share on other sites More sharing options...
Incroyable HULK Posted February 11, 2005 Author Share Posted February 11, 2005 Hum... It didn't work I used this one since our computers are not joined to the domain during the Unattended Installation process[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\SandardProfile\GloballyOpenPorts\List]"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009""139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004""445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005""137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001""138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"Any ideas? Link to comment Share on other sites More sharing options...
jfmartel Posted February 11, 2005 Share Posted February 11, 2005 Add a "T" to sandard profil..you should check your registry for complete syntax.....Im not sure if it's "StandardProfile" or "Standard Profile"....... Link to comment Share on other sites More sharing options...
Incroyable HULK Posted February 11, 2005 Author Share Posted February 11, 2005 C R A P * I should have double checked that! Missing "t"...Anyway you are correct, it is StandardProfileIf the computer will be added later on to a domain, should I use BOTH values? Link to comment Share on other sites More sharing options...
jfmartel Posted February 11, 2005 Share Posted February 11, 2005 Havent tried it, i don't know if joining the domain would overwrite the value.....but thats a good idea.But you can try it. That would preconfigure them.Once your computer has joined the domain, you can tweak the Firewall with the GPOsHope this help! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now