Windows Remote Desktop: How to Enable and Connect Remotely

Remote Desktop Protocol (RDP) is one of the most used tools in IT support and remote work. It allows you to take full control of a Windows machine over the network, as if you were sitting in front of it. This guide covers enabling RDP, connecting from Windows and other platforms, securing the connection, and troubleshooting common issues.

Enabling Remote Desktop on Windows 10 and 11

Via Settings

  1. Open Settings > System > Remote Desktop
  2. Toggle Enable Remote Desktop to On
  3. Note the PC name shown — this is what you will type in the connection client
  4. Under User accounts, click Select users that can remotely access this PC to grant non-administrator users RDP access

Via PowerShell

# Enable Remote Desktop
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server" `
  -Name "fDenyTSConnections" -Value 0 -Type DWord

# Enable Remote Desktop through Windows Firewall
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

# Verify the service is running
Get-Service -Name "TermService" | Select-Object Status, StartType

# Start the Remote Desktop service if stopped
Start-Service -Name "TermService"
Set-Service -Name "TermService" -StartupType Automatic

# Add a user to the Remote Desktop Users group
Add-LocalGroupMember -Group "Remote Desktop Users" -Member "domain\username"

Connecting to a Remote Desktop Session

From Windows: mstsc.exe

Press Win + R, type mstsc, press Enter. In the Remote Desktop Connection window:

  • Computer — Enter the IP address or hostname of the remote machine
  • Click Show Options to configure display resolution, local resources (printers, clipboard, drives), and save the connection as an .rdp file
  • Click Connect, enter credentials when prompted

From a Command Line

# Connect to a remote machine with specific resolution
mstsc /v:192.168.1.50 /w:1920 /h:1080

# Connect in full-screen mode
mstsc /v:hostname.domain.local /f

# Connect using a saved .rdp file
mstsc "C:\RDP Connections\ServerName.rdp"

# Admin console session (connects to session 0, bypasses session limit)
mstsc /v:192.168.1.50 /admin

From macOS or Linux

Install Microsoft Remote Desktop from the Mac App Store. On Linux, use Remmina (apt install remmina remmina-plugin-rdp) or FreeRDP (xfreerdp). On iOS and Android, use the Microsoft Remote Desktop mobile app.

Remote Desktop over the Internet

By default, RDP listens on TCP port 3389. Exposing port 3389 directly to the internet is a significant security risk — automated scanners continuously probe for open RDP ports and attempt brute-force credential attacks. Safer approaches:

VPN (Recommended)

Connect the remote user to the corporate VPN first, then RDP to the internal IP address. The machine is never directly accessible from the internet. This is the recommended approach for business environments.

Azure Virtual Desktop or Windows 365

For cloud-hosted remote desktops, Microsoft Azure Virtual Desktop (AVD) provides RDP over HTTPS through the Azure gateway — no inbound firewall ports needed on the endpoint.

Changing the Default RDP Port (Security Through Obscurity)

# Change RDP port from 3389 to a custom port (e.g., 54321)
# Note: This requires updating firewall rules and communicating the new port to users
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" `
  -Name "PortNumber" -Value 54321 -Type DWord

# Update the firewall rule for the new port
Remove-NetFirewallRule -DisplayName "Remote Desktop - User Mode (TCP-In)"
New-NetFirewallRule -DisplayName "Custom RDP Port 54321" `
  -Direction Inbound -Protocol TCP -LocalPort 54321 -Action Allow

# Restart the RDP service
Restart-Service -Name "TermService"

# Connect using the custom port from the client
# mstsc /v:hostname:54321
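
The firewall rule created above accepts connections from any source address on every profile, so moving the port does not narrow who can reach it. The following check is an added example, not part of the original guide: it reads the configured port and lists the enabled inbound allow rules that name it, with their remote-address scope. The function name Get-RdpFirewallExposure is hypothetical.

```powershell
# Added example: report which enabled inbound allow rules cover the RDP port
# and whether they are open to any remote address. Run in an elevated session.
function Get-RdpFirewallExposure {
    $key  = 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
    $port = (Get-ItemProperty -Path $key -Name PortNumber).PortNumber

    Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
        ForEach-Object {
            $rule = $_
            $pf   = $rule | Get-NetFirewallPortFilter

            # Only rules that list the port explicitly are matched; rules with
            # LocalPort 'Any' or a port range are not evaluated by this check.
            if ($pf.Protocol -in @('TCP', 'UDP') -and "$port" -in @($pf.LocalPort)) {
                $af = $rule | Get-NetFirewallAddressFilter
                [pscustomobject]@{
                    Rule          = $rule.DisplayName
                    Protocol      = $pf.Protocol
                    Port          = $port
                    Profile       = "$($rule.Profile)"
                    RemoteAddress = @($af.RemoteAddress) -join ','
                    OpenToAny     = (@($af.RemoteAddress) -contains 'Any')
                }
            }
        }
}

Get-RdpFirewallExposure | Format-Table -AutoSize
```

A rule reported with OpenToAny = True can be narrowed with Set-NetFirewallRule -RemoteAddress, for example to the VPN subnet.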

Network Level Authentication (NLA)

Network Level Authentication requires users to authenticate before a full RDP session is established, reducing the attack surface for credential brute-force and some denial-of-service attacks. NLA is enabled by default on Windows 10 and 11 but can be verified or enforced:

# Verify NLA is enabled (value should be 1)
Get-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" |
  Select-Object UserAuthentication

# Enable NLA
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" `
  -Name "UserAuthentication" -Value 1 -Type DWord
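
To see whether a machine is receiving the brute-force attempts described earlier, failed logons can be summarised per source address from the Security log. This is an added example, not part of the original guide. The function name, the 24-hour window and the threshold of 10 are assumptions, and it needs an elevated session with logon failure auditing enabled.

```powershell
# Added example: summarise failed logons (Security event 4625) per source address.
function Get-FailedRdpLogonSummary {
    param(
        [int]$Hours     = 24,   # look-back window (assumed default)
        [int]$Threshold = 10    # failures per source before it is reported (assumed)
    )
    $filter = @{ LogName = 'Security'; Id = 4625; StartTime = (Get-Date).AddHours(-$Hours) }
    $events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue

    $rows = foreach ($e in $events) {
        # Read the event fields by name from the XML rather than by position
        $data = @{}
        foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }

        # Type 10 = RemoteInteractive. With NLA the failure is logged as type 3
        # (Network), which also includes non-RDP network logons such as SMB.
        $remote = $data['IpAddress'] -and $data['IpAddress'] -notin @('-', '::1', '127.0.0.1')
        if ($remote -and $data['LogonType'] -in @('3', '10')) {
            [pscustomobject]@{
                Time   = $e.TimeCreated
                Source = $data['IpAddress']
                User   = $data['TargetUserName']
            }
        }
    }

    $rows | Group-Object Source |
        Where-Object Count -ge $Threshold |
        Sort-Object Count -Descending |
        ForEach-Object {
            [pscustomobject]@{
                Source   = $_.Name
                Failures = $_.Count
                Users    = @($_.Group.User | Sort-Object -Unique).Count
                First    = $_.Group.Time | Sort-Object | Select-Object -First 1
                Last     = $_.Group.Time | Sort-Object | Select-Object -Last 1
            }
        }
}

Get-FailedRdpLogonSummary -Hours 24 -Threshold 10 | Format-Table -AutoSize
```

A source with many failures spread across many distinct user names is typical of automated guessing; a single user with a handful of failures is more often a mistyped password.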

Troubleshooting RDP Connection Issues

Cannot Connect: Check if RDP is Listening

# On the remote machine, verify port 3389 is listening
netstat -an | findstr 3389

# Test connectivity from the client machine
Test-NetConnection -ComputerName 192.168.1.50 -Port 3389

Firewall Blocking RDP

# Check firewall rule status
Get-NetFirewallRule -DisplayGroup "Remote Desktop" | Select-Object DisplayName, Enabled, Direction

# Re-enable RDP firewall rules
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

Too Many Sessions (Windows Workstation Limit)

Windows 10 and 11 workstations allow only one concurrent RDP session and one local session. If someone is already logged in locally, an RDP connection will prompt to disconnect them. Windows Server editions allow multiple concurrent sessions (with appropriate RDS licences).

Slow RDP Performance

  • Reduce colour depth (16-bit instead of 32-bit) in mstsc > Display
  • Disable wallpaper and visual themes in mstsc > Experience
  • Select the appropriate connection speed profile in the Experience tab