How to Enable RDP (Remote Desktop Protocol) on Windows
Remote Desktop Protocol — better known as RDP — is one of the most useful built-in features Windows offers, yet many users don't realize it's already on their machine, just waiting to be switched on. Whether you want to access your work PC from home or manage a server remotely, enabling RDP is the starting point.
What Is RDP and Why Does It Matter?
RDP is a protocol developed by Microsoft that lets you connect to and control another Windows computer over a network or the internet. When you connect via RDP, you see the remote machine's desktop in real time, can open files, run programs, and interact with it as if you were sitting right in front of it.
It's baked into Windows — no third-party software required on the host machine. The remote viewer (the computer you're connecting from) uses the Remote Desktop Connection app, also built into Windows, or an RDP client on Mac, Android, or iOS.
Which Windows Versions Support RDP Hosting?
This is the first variable that determines your path. Not every edition of Windows can host an RDP connection:
| Windows Edition | Can Host RDP? |
|---|---|
| Windows 11 / 10 Pro | ✅ Yes |
| Windows 11 / 10 Enterprise | ✅ Yes |
| Windows 11 / 10 Home | ❌ No (can connect to others, not host) |
| Windows Server (all versions) | ✅ Yes |
If you're on Windows Home, the native RDP hosting feature is locked out by design. Users in that situation typically turn to workarounds or third-party remote access tools — a different path entirely.
How to Enable RDP on Windows 10 and Windows 11 🖥️
Assuming you're on a supported edition, enabling RDP takes less than two minutes.
Method 1: Through Settings (Easiest)
On Windows 11:
- Open Settings → System → Remote Desktop
- Toggle Remote Desktop to On
- Confirm when prompted
- Note the PC name shown on that screen — you'll need it to connect
On Windows 10:
- Open Settings → System → Remote Desktop
- Click Enable Remote Desktop
- Toggle it on and confirm
That's the core step. The machine is now listening for incoming RDP connections on port 3389 by default.
Method 2: Through System Properties (Classic Route)
- Press Windows + R, type
sysdm.cpl, hit Enter - Go to the Remote tab
- Under Remote Desktop, select Allow remote connections to this computer
- Optionally check Network Level Authentication (NLA) — more on this below
- Click OK
Method 3: Via PowerShell (For Advanced Users or Remote Management)
If you're managing a machine without direct access to its GUI, run this in an elevated PowerShell window:
Set-ItemProperty -Path 'HKLM:SystemCurrentControlSetControlTerminal Server' -Name "fDenyTSConnections" -Value 0 Enable-NetFirewallRule -DisplayGroup "Remote Desktop" This edits the registry directly and opens the necessary firewall rule simultaneously.
Firewall and Network Considerations
Enabling RDP in Settings only gets you halfway if your Windows Firewall is blocking the connection. Windows usually updates the firewall rule automatically when you enable RDP through Settings, but it's worth verifying:
- Go to Windows Defender Firewall → Allow an app or feature through Windows Defender Firewall
- Confirm Remote Desktop is checked for your active network profile (Private and/or Domain)
If the machine is on a corporate network or behind a router, additional steps may apply:
- Router port forwarding — For connections coming from outside your local network, port 3389 often needs to be forwarded to the host machine's local IP address
- VPN access — Many organizations route RDP over a VPN rather than exposing port 3389 directly to the internet, which is considered safer practice
- Static local IP — If you're port-forwarding, assigning a static internal IP to the host machine prevents the address from changing after a router restart
Network Level Authentication (NLA) — Should It Be On?
NLA requires users to authenticate before a full remote session is established, rather than after the desktop loads. This is a meaningful security distinction:
- With NLA on: credentials are verified at the network level first, reducing exposure to certain attack types
- With NLA off: the login screen loads for anyone who can reach the machine, which is a wider attack surface
For most setups, leaving NLA enabled is the stronger default. The main case for disabling it is compatibility — some older RDP clients or non-Windows devices may not support NLA cleanly.
User Account Requirements
RDP connections require a user account with a password on the host machine. Accounts with blank passwords won't work by default due to Windows security policy.
By default, Administrators can connect via RDP. To allow a standard user account, you need to explicitly add it:
- In the Remote Desktop settings page, click Select users that can remotely access this PC
- Add the relevant user account
What Changes Depending on Your Setup 🔐
The process above covers the fundamentals, but the variables that shape your actual experience include:
- Windows edition — Home vs. Pro determines whether hosting is even possible natively
- Network environment — Home LAN, corporate domain, or remote internet access each require different firewall and routing configurations
- Security posture — Exposing RDP directly to the internet carries well-documented risks; VPN-first approaches are common in professional environments
- Number of simultaneous users — Standard Windows installations support one concurrent RDP session; Windows Server editions are designed for multi-user scenarios
- Client device — Connecting from another Windows PC, a Mac using Microsoft Remote Desktop, or a mobile device each have slightly different setup steps on the client side
Getting RDP running on your machine is a straightforward process on supported Windows editions — but how you secure it, route it, and manage access depends entirely on what you're trying to do and the environment you're working in.