Docs / Windows Server / How to Enable Remote Desktop on Windows Server

How to Enable Remote Desktop on Windows Server

By Admin · Mar 2, 2026 · Updated Apr 23, 2026 · 29 views · 3 min read

How to Enable Remote Desktop on Windows Server

Remote Desktop Protocol (RDP) allows you to connect to and manage your Windows Server Breeze remotely from any RDP client. This guide walks you through enabling and configuring Remote Desktop securely on your Kazepute Breeze running Windows Server.

Prerequisites

  • A Kazepute Breeze running Windows Server 2019 or 2022
  • Administrator access to the server
  • A static IP address or known public IP for your Breeze

Enable Remote Desktop via Server Manager

The easiest way to enable RDP is through Server Manager:

  1. Open Server Manager from the Start menu or taskbar.
  2. Click Local Server in the left pane.
  3. Find the Remote Desktop property (it will say "Disabled" by default).
  4. Click Disabled to open the System Properties dialog.
  5. Select Allow remote connections to this computer.
  6. Optionally uncheck "Allow connections only from computers running Remote Desktop with Network Level Authentication" for broader compatibility.
  7. Click OK and confirm the firewall rule prompt.

Enable Remote Desktop via PowerShell

For a faster approach, open an elevated PowerShell prompt and run:

# Enable RDP
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -Name "fDenyTSConnections" -Value 0

# Allow RDP through Windows Firewall
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

# Optional: Enable Network Level Authentication
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name "UserAuthentication" -Value 1

Configure RDP Port (Optional)

By default, RDP listens on port 3389. For added security, you can change this to a non-standard port:

# Change RDP port to 3390 (example)
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name "PortNumber" -Value 3390

# Add firewall rule for the new port
New-NetFirewallRule -DisplayName "RDP Custom Port" -Direction Inbound -Protocol TCP -LocalPort 3390 -Action Allow

# Restart the RDP service
Restart-Service -Name TermService -Force

Connecting to Your Breeze

From your local machine, open the Remote Desktop Connection client (mstsc.exe on Windows, or a third-party RDP client on Mac/Linux). Enter your Breeze's public IP address and click Connect. Log in with your Windows Server administrator credentials.

Security Best Practices

  • Use Network Level Authentication (NLA): This requires authentication before a full session is established, reducing brute-force risk.
  • Limit RDP users: Only grant Remote Desktop access to users who genuinely need it. Use lusrmgr.msc to manage group membership.
  • Change the default port: Moving RDP off port 3389 significantly reduces automated attack traffic.
  • Enable account lockout policies: Configure lockout after a set number of failed attempts via Group Policy.
  • Use strong passwords: Enforce complexity requirements and minimum length via Local Security Policy.

Troubleshooting

If you cannot connect via RDP, verify the following:

  • The Windows Firewall rule for Remote Desktop is enabled.
  • The Remote Desktop Services (TermService) service is running.
  • Your Breeze's network security settings allow inbound traffic on port 3389 (or your custom port).
  • Check Event Viewer under Applications and Services Logs > Microsoft > Windows > TerminalServices-LocalSessionManager for connection logs.

Was this article helpful?

Related Articles