Clean RDP Sessions

Just found it useful with the garbage of RDP session to clean-

Paste the below lines on a notepad and rename it- rdp_clean.bat. Execute the batch file through cmd line as admin user.

@echo off
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default" /va /f
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Servers" /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Servers"
cd %userprofile%\documents\
attrib Default.rdp -s -h
del Default.rdp



Reboot Windows 10 using RDP

This article is for sysadmins who know better, wanting to Shut down or Restart (or even enter Sleep) over RDP anyway.

At left, user clicked on Start, Power, then has three choices. Using RDP at right, choices are rather limited.

Using Command Prompt

Open a Command Prompt

a. To initiate a Shut down, type:

shutdown /s /t 0

then press Enter Continue reading “Reboot Windows 10 using RDP” »


Virtualbox fixing VRDE on instead

By default, Remote Display only works on localhost / and cannot be accessed by ip address or hostname.

Check VRDE / Remote Display IP Address
You can check VRDE / Remote Display ip address using the following methods:

Open command prompt and run netstat -an |find /i “listening” or netstat -an |find /i “[PORT_NUMBER]” and you shall notice it is listening on Continue reading “Virtualbox fixing VRDE on instead” »


Change the listening port for RDP on your computer- Windows 10, Windows 8.1, Windows 8, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2008 R2

When you connect to a computer (either a Windows client or Windows Server) through the Remote Desktop client, the Remote Desktop feature on your computer “hears” the connection request through a defined listening port (3389 by default). You can change that listening port on Windows computers by modifying the registry.

  1. Start the registry editor. (Type regedit in the Search box.)
  2. Navigate to the following registry subkey: KEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber
  3. Click Edit > Modify, and then click Decimal.
  4. Type the new port number, and then click OK.
  5. Close the registry editor, and restart your computer.

The next time you connect to this computer by using the Remote Desktop connection, you must type the new port. If you’re using a firewall, make sure to configure your firewall to permit connections to the new port number.


Secure RDP connection through Vyatta using PuTTY

vyatta-rdpConnecting to SSH Server as gateway instead of directly RDP to a PC is safer way and add another layer ofencryption.With this method,we can connect to any client that is behind the firewall provided that we have open the port 22 (or any other SSH port) to the SSH Server.

In First step, we’ll configure the vyatta, so that it will forward the ssh request to the internal Linux server that it will receive on it’s port 222.

(From the Configuration Mode, issue these commands) Continue reading “Secure RDP connection through Vyatta using PuTTY” »


Change Windows RDP default listening port 3389

  1. Start Registry Editor.
  2. Locate and then click the following registry subkey:
  3. On the Edit menu, click Modify, and then click Decimal.
  4. Type the new port number, and then click OK.
  5. Quit Registry Editor.
  6. Restart the computer.

Note When you try to connect to this computer by using the Remote Desktop connection, you must type the new port. Maybe you have to set the firewall to allow the new port number before you connect to this computer by using the Remote Desktop connection.

Worked for Windows XP, Vista & 7 (didn’t tested on Server Edn. and Windows 8)


Replacing the default (self signed) certificate on a RD Session Host server

Many times I wanted to get rid of that annoying certificate warning message when I make a RDP connection to a RD Session Host server or a workstation. If you are using RDP inside an Active Directory network, the warning is gone, because the connection is using kerberos for security, but if you are connecting from outside to the inside, well…you will be prompted to accept the server certificate, and this is because the certificate is self signed and is not trusted. The following method works for clients OS (Win XP, Vista,7) too, not just for RD Session Host servers.

To install a trusted certificate I will use a script that I found on Microsoft technet. For this guide an Enterprise Internal CA will issue the certificates since is cheaper and much easy to work with, but if you have a lot of external clients a commercial certificate is recommended. To start we need to request and install a certificate on the local computer store on the RD Session Host server. For that open the Certificates Store console (Start > Run > mmc), select Certificates and click the Add button. On the wizard that just popped-up choose Computer Account > Local Computer. Continue reading “Replacing the default (self signed) certificate on a RD Session Host server” »