Adding Permissions to the RDP Protocol

Updated: February 16, 2011

Applies To: Windows Server 2008 R2

Allow Remote RPC on each virtual machine.

Membership in the local Administrators group, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

To add RDP protocol permissions to a virtual machine

  1. Click Start, point to All Programs, and then click Accessories.

  2. Right-click Command Prompt, and then click Run as administrator.

  3. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.

  4. At the command prompt, type the following commands:

    • wmic /node:localhost RDPERMISSIONS where TerminalName="RDP-Tcp" CALL AddAccount "<DOMAIN>\<SERVER_NAME>$",1

    • wmic /node:localhost RDACCOUNT where "(TerminalName='RDP-Tcp' or TerminalName='Console') and AccountName='<DOMAIN>\\<SERVER_NAME>$'" CALL ModifyPermissions 0,1

    • wmic /node:localhost RDACCOUNT where "(TerminalName='RDP-Tcp' or TerminalName='Console') and AccountName='<DOMAIN>\\<SERVER_NAME>$'" CALL ModifyPermissions 2,1

    • wmic /node:localhost RDACCOUNT where "(TerminalName='RDP-Tcp' or TerminalName='Console') and AccountName='<DOMAIN>\\<SERVER_NAME>$'" CALL ModifyPermissions 9,1

    • Net stop termservice

    • Net start termservice

  5. Log off the computer.