Skip to content

Windows Server 2012: Enabling RDS in the answer file

by rkorock on October 20, 2012

When building an answer file (autounattended.xml) for an automated deployment of Windows Server 2012 or Windows 8, I often want the new system to automatically have Remote Desktop Services enabled so I can easily connect to it. This really helps for headless installs.

I used Windows System Image Manager (WSIM) to build my answer files, so here are the instructions to using WSIM to enable Remote Desktop in the answer file.

The 2 simple things your answer file needs to do

1. Enable Remote Desktop

2. Modify Windows Firewall

 

1. Enable Remote Desktop:

In the Windows Image pane of WSIM, add the component:amd64_Microsoft-Windows-TerminalServices-LocalSessionManager__neutral to “Pass 4 Specialize”

Then change the fDenyTSConnections from true to false like below

enabling rd

 

2. Modify Windows Firewall

We have to modify Windows Firewall to allow incoming RD requests. Without doing this step, incoming RD requests will be blocked, and you will not be able to connect.

In the Windows Image pane of WSIM, add the component:amd64_Networking-MPSSVC-Svc__neutral to “Pass 4 Specialize

In the Answer File pane of WSIM, expand the newly added MPSSVC component (like below), left-click on FirewallGroups, and select ‘Insert New FirewallGroup

disabling firewall1

 

Once you have the new FirewallGroup, click on it and edit to look like below:

disabling firewall2

Active: true
Group: Remote Desktop
Key:RemoteDesktop
Profile: all (You can set this as desired, but I use ‘all’)

That’s all!, this answer file will now enable RD and the appropriate firewall rules. For reference, here is the finished pieces of the answer file.

Enabling RD

        <component language="neutral" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorarchitecture="amd64" publickeytoken="31bf3856ad364e35" versionscope="nonSxS">
            <fdenytsconnections>false</fdenytsconnections>
        </component>

 

Configuring Firewall Rules

        <component language="neutral" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" name="Networking-MPSSVC-Svc" processorarchitecture="amd64" publickeytoken="31bf3856ad364e35" versionscope="nonSxS">
            <firewallgroups>
                <firewallgroup wcm:action="add" wcm:keyvalue="RemoteDesktop">
                    <active>true</active>
                    <group>Remote Desktop</group>
                    <profile>all</profile>
                </firewallgroup>
            </firewallgroups>
        </component>

From → Uncategorized

No comments yet

Leave a Reply


*

Note: HTML is allowed. Your email address will not be published.

Subscribe to this comment feed via RSS