The Remote Desktop that comes in Windows is a nice and handy feature where it allows you to remotely login and control the computer as if you are sitting in front of it. This feature is turned off by default and can be easily enabled by selecting an option from the Remote tab at System Properties. Then the controller can just run the Remote Desktop Connection shortcut that is found in the Start menu, enter either the IP address or hostname of the computer that will be controlled, followed by logging in with the username and password that is set to the computer.
It is logical to keep the remote desktop turned off and only turning it back on when you need it to prevent from any possible break-in. Another great way to keep your Remote Desktop servers more secure is by changing Remote Desktop default port number. However it doesn’t make sense if you’re a network administrator because the reason to use remote desktop is to save you the trouble of being in front of the computer in the first place. Although there is no visible option that you can find in Windows to enable the Remote Desktop feature remotely, there is however a way around it.
Switching on or off the Remote Desktop feature involves updating only a single registry value. Since Windows allows you to remotely access and manage another computer’s registry, this makes it possible for you to remotely turn on or off the Remote Desktop. Try running the Registry Editor (regedit), go to File and you will see a “Connect Network Registry”. To make things much easier, there is a free utility called Remote Desktop Enabler (download link available at the end of this article) that comes in a simple user interface for you to enable the Remote Desktop on remote and local Windows computers in just a few steps.
The first step is to select the computer that you want to enable the Remote Desktop, or you can manually specify the IP address or computer name. Secondly, you are required to enter a valid user account information. The final option is to select whether to enable or disable the remote desktop on the remote computer. There is also an option to restart the computer by ticking the reboot checkbox.
As previously said, this utility makes it easy to update the registry value for Remote Desktop but unfortunately it does not work right out of the box because some of the default security configuration in Windows is preventing this from working. If you’re getting “Error: (Access Denied)” message when trying to enable the Remote Desktop on a Windows 7 computer, here are the things that you need to do first:
1. Enable Remote Registry service
- Click the Start button, type services.msc at the Search programs and files bar and press Enter. Look for Remote Registry in the list, right click on it and select Start. This will temporarily start the Remote Registry service and will be stopped when you restart the computer. To permanently start this service whenever Windows is booted up, double click on the Remote Registry, click on the drop down menu for Startup type and select Automatic.
2. Use the disabled built-in Administrator account
- For some unknown reason you must use the built-in Administrator account that is disabled by default in Windows 7. To enable the Administrator account, click the Start button, right click on Computer and select Manage. Expand System Tools > Local Users and Groups, Users > double click on Administrator, and uncheck Account is disabled. Click OK to close the Administrator Properties window.
3. Set a password for the Administrator account
- Enabling the built-in Administrator account allow you can login without a password. You will need to set a password for this to work. At the Computer Management window that you launched from step 2, right click on Administrator and select Set Password. Click the Proceed button and type a password.
4. Turn on File and Printer Sharing
- Go to Control Panel > Network and Sharing Center > click the Change advanced sharing settings at the left pane > select the Turn on file and printer sharing radio button and click Save changes.
As you can see, Microsoft has placed a much secure default configuration on Windows 7. The Remote Desktop Enabler will not work if ANY of the requirements above are not met. As for Windows XP, there are also some configuration changes to be made or else you will get the message “Error: Remote Desktop not on COMPUTER“.
1. A user account in administrator group must have a password.
- Unlike Windows 7, you can use any user account as long as it belongs in the Administrator gruop. Go to Control Panel > User Accounts > pick the account that you want to set a password > click Create a password
2. Disable Simple File Sharing.
- Go to Control Panel > Folder Options > View tab > scroll to the bottom in Advanced settings and uncheck “Use simple file sharing”.
File and Print sharing is allowed in Firewall or you can disable the Windows Firewall.