pftq.com
Blabberbox » 42 » Remote Desktop SetupShare on Twitter

Remote Desktop Setup

October 15th, 2015 | Posted by pftq in 42 | #
Good articles on securing the Remote Desktop function of Windows, so that it uses encryption, etc.

Basic things all RDP should have:
http://www.howtogeek.com/175087/how-to-enable-and-secure-remote-desktop-on-windows/

In addition, set up temporary account lockout after 3 failed passwords:
https://security.berkeley.edu/resources/best-practices-how-articles/securing-remote-desktop-rdp-system-administrators

Lastly, set up two-factor for logins:
https://duo.com/docs/rdp

If you want the computer to always be on even if power outtage, see:
http://www.technewsworld.com/story/78930.html
https://www.pftq.com/pq/42/auto_login_and_lock.php

And also buy a remote IP power strip to be able to reboot in case your computer freezes.

For those unsure about doing this due to security:
Is VPN Needed for RDP Security?
http://security.stackexchange.com/questions/38957/does-microsoft-remote-desktop-require-a-vpn-to-be-secured

---------

Additional settings depending on your  use...


Increase the max outstanding connections to 3000, so having a bunch of failed logins can't suddenly lock you out remotely permanently.  Run the following in command prompt:
Quote
REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v MaxOutstandingConnections /t REG_DWORD /d 65536

Also add this to the registry to prevent potential error "all connections are in use" that can happen somewhat randomly (run in command prompt):
Quote
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v MaxConnectionsPer1_0Server /t REG_DWORD /d 10
Quote
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v MaxConnectionsPerServer /t REG_DWORD /d 10

Additionally under gpedit.msc RDP connections settings, set "Limit number of connections" and "Restrict Remote Desktop Services Users to a single..." to unlimited to avoid "all connections are in use" error as well that builds up over time.

If you're trying to record the desktop while the RDP is minimized or signed out, you'll also need the following two regedit settings + a second RDP that remotes into the first RDP.  The second RDP remoting into the one you want to record is what needs the regedit below:
https://social.technet.microsoft.com/Forums/sqlserver/en-US/0dd103cc-0da3-4d78-9a79-7aaf8598184c/using-remotedesktopsuppresswhenminimized-for-a-nested-rdp-session?forum=winserverTS
Quote
HKEY_LOCAL_MACHINE\Software\Microsoft\Terminal Server Client
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Terminal Server Client
- Create a DWORD value with the name RemoteDesktop_SuppressWhenMinimized and set its value to 2.
Last Updated Oct 23rd, 2021 | 682 unique view(s)

Leave a Comment

Name: (Have an account? Login or Register)
Email: (Won't be published)
Website: (Optional)
Comment:
Enter the code from image: