Tuesday, February 18, 2014

How to remotely enable/disable the firewall in Windows 7 / 2008 R2, and change RDP listening port

Had an issue about a month ago. I had to change the RDP listening port on a user's computer; it had been changed from the default 3389 to 67890, but I couldn't reach it at COMPUTER:67890 (inside or outside the network).  Everything WAS set up with a group policy, but for some reason, when the policy was removed, the settings stayed on the computer.  Regardless, the computer was still listening on 67890.  So I decided to remotely change it back to 3389 and make sure the service worked afterwards without rebooting the system.

Again, this is a remote operation, so I needed tools.  My first step: download PSTools if you don't already have it.  It includes one of the best system admin tools known.... PSEXEC.   This program lets an admin who has administrative rights on the domain computers run commands remotely on any of them.  Get PSEXEC and the rest of PSTools from the Sysinternals site.

Be sure to double-click PSEXEC once after you have extracted it.  That accepts the license prompt, so you won't get it again when running PSEXEC commands.  I also find it helpful to extract PSTools into a directory that is already on the system path (C:\Windows or C:\Windows\System32).

Second, I had to open an administrator command prompt on the target machine.  I did this by opening an admin command prompt on my workstation and running psexec \\COMPUTERNAME cmd.exe.  This gave me an interactive cmd prompt on the target, where I could run commands as if I were sitting at it.

I used this to disable the firewall on the target workstation by typing the following command at the target cmd prompt: netsh advfirewall set allprofiles state off.

This command turns the firewall off for the Domain, Public, and Private profiles on the target computer.  If they are already disabled via GPO or something local, skip this.  Otherwise, re-enable the firewall before you finish: netsh advfirewall set allprofiles state on.

Third, I had to start the Remote Registry service on the target machine.  I opened Services on my machine, connected to the services on the target machine, right-clicked Remote Registry, and started it.

I then attached to the registry on the target machine by opening regedit, clicking File, Connect Network Registry, and typing in the target computer name.

Lastly, the RDP port had to be reset to the default 3389.  I had to dig into the registry on the target machine to change it from 67890 to 3389.  I searched Microsoft's site and found the following in KB 306759: http://support.microsoft.com/kb/306759
  1. Locate and then click the following registry subkey (the key name is "Terminal Server" with a space; PortNumber is a DWORD value under it):
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber
  2. On the Edit menu, click Modify, and then click Decimal.
  3. Type the new port number, and then click OK.  (TYPE 3389)
  4. Quit Registry Editor.
  5. Restart the computer.

Granted, it does say to restart the computer, but I was able to RDP into the target computer from my workstation right after changing this.  Also, I am using NLS, so this wasn't the reason.
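The whole sequence above, driven from the admin workstation in PowerShell, as an added example that is not part of the original post and not JH's script. It assumes psexec is on the PATH, the Remote Registry service has been started on the target (step three), and you hold local admin there. Instead of turning every firewall profile off, it enables only the built-in Remote Desktop rule group, writes PortNumber through the Remote Registry service, restarts TermService instead of rebooting, and then checks which port actually answers. The script and function names (Reset-RdpPort.ps1, Get-RemoteRdpPort, Set-RemoteRdpPort, Test-TcpPort) and the $NewPort parameter are my own.

```powershell
# Added example (not from the original post or from JH's script): reset the RDP
# listening port on a remote Windows 7 / 2008 R2 host without disabling the whole
# firewall, restart TermService instead of rebooting, and verify the listener.
# Assumptions: psexec on the PATH, Remote Registry running on the target, local
# admin rights there, and $Computer a reachable hostname.
param(
    [Parameter(Mandatory = $true)][string]$Computer,
    [ValidateRange(1, 65535)][int]$NewPort = 3389   # TCP ports above 65535 cannot be bound
)

$rdpKeyPath = 'SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

function Get-RemoteRdpPort {
    # Read PortNumber over the Remote Registry service (same path regedit uses).
    param([string]$Computer)
    $hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
        [Microsoft.Win32.RegistryHive]::LocalMachine, $Computer)
    try {
        $key = $hklm.OpenSubKey($rdpKeyPath, $false)
        return [int]$key.GetValue('PortNumber')
    } finally { $hklm.Close() }
}

function Set-RemoteRdpPort {
    # Write PortNumber as a DWORD, exactly as step 1 to 3 above do by hand.
    param([string]$Computer, [int]$Port)
    $hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
        [Microsoft.Win32.RegistryHive]::LocalMachine, $Computer)
    try {
        $key = $hklm.OpenSubKey($rdpKeyPath, $true)   # $true = open writable
        $key.SetValue('PortNumber', $Port, [Microsoft.Win32.RegistryValueKind]::DWord)
    } finally { $hklm.Close() }
}

function Test-TcpPort {
    # TCP connect test; Test-NetConnection does not exist on Windows 7 / 2008 R2.
    param([string]$Computer, [int]$Port, [int]$TimeoutMs = 3000)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($Computer, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs)) { return $false }
        $client.EndConnect($async)
        return $true
    } catch { return $false } finally { $client.Close() }
}

$oldPort = Get-RemoteRdpPort -Computer $Computer
Write-Host "Current RDP-Tcp PortNumber on ${Computer}: $oldPort"

# 1. Open only the Remote Desktop rule group (all profiles) instead of
#    'netsh advfirewall set allprofiles state off'. netsh runs on the target via
#    psexec; Enable-NetFirewallRule is not available on Windows 7 / 2008 R2.
$netsh = "-accepteula \\$Computer netsh advfirewall firewall set rule group=`"remote desktop`" new enable=Yes"
Start-Process -FilePath psexec -ArgumentList $netsh -Wait -NoNewWindow

# 2. Write the new port. The built-in 'Remote Desktop (TCP-In)' rule only
#    matches 3389, so a non-default port would also need its own firewall rule.
Set-RemoteRdpPort -Computer $Computer -Port $NewPort

# 3. Restart Terminal Services instead of rebooting. ServiceController.Stop()
#    also stops dependents (UmRdpService); any live RDP sessions are dropped.
$svc = Get-Service -ComputerName $Computer -Name TermService
$svc.Stop()
$svc.WaitForStatus('Stopped', (New-TimeSpan -Seconds 60))
$svc.Start()
$svc.WaitForStatus('Running', (New-TimeSpan -Seconds 60))

# 4. Verify the listener moved and the old port went quiet.
Start-Sleep -Seconds 5
$newListening = Test-TcpPort -Computer $Computer -Port $NewPort
$oldListening = if ($oldPort -ne $NewPort) { Test-TcpPort -Computer $Computer -Port $oldPort } else { $false }
Write-Host "Port $NewPort listening: $newListening; old port $oldPort listening: $oldListening"
```

Run it as .\Reset-RdpPort.ps1 -Computer TARGET from the admin workstation, not from an RDP session on the target, since restarting TermService ends those sessions. The port check at the end is what tells you whether the restart actually took: if the new port does not answer after a few seconds, the reboot the KB article asks for is still needed.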

Thanks!


EDIT:

Thanks to JH, a PowerShell script he created accomplishes this much better and faster.  Please use this in combination with the above if you get stuck:


 #Enable remote desktop on computer in computer OU

 

$creds = Get-Credential

 

$PCName = read-host " Enter Computer Name"

 

Enter-PSSession -ComputerName $PCName -Credential $creds

 

Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0

 

Enable-NetFirewallRule -DisplayGroup "Remote Desktop"  

 

 

