Windows Recovery–Load Registry
So, I used putty to open an SSH connection to the server. Easy I thought, REG ADD “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp” /t REG_DWORD /v PortNumber /d d3d /f
noooo, Access Denied .. ok, UAC is enabled .. tried to figure out if there’s a way to elevate the prompt .. but didn’t find a route/solution .. so I decided to reboot the server in Windows Recovery Mode, started regedit.exe and used load hive to load the SYSTEM Hive (found under C:\Windows\System32\Config). entered a name for the temporary hive, changed the PortNumber (always use CurrentControlSet1 – it’s the last successful config) and unloaded the hive.. then I remembered that I read an article about editing the registry ‘offline’ using reg.exe .. just to verify if the changed values have really been written in the SYSTEM Registry I used:
reg load HKLM\Win_SYSTEM C:\windows\system32\config\system reg query "HKLM\Win_SYSTEM\ControlSet001\Control\Terminal Server\WinStations\RDP-Tcp" reg unload HKLM\Win_SYSTEM
and see what I got:
another option is to disable the Firewall completely using this bat/cmd file:
@echo off :start echo **************************************************************** echo * * echo * 1 : Disable Windows firewall on server * echo * * echo * 2 : Enable Windows firewall on server * echo * * echo **************************************************************** set /p choice= choose What to do: if not %choice%=='' set choice=%choice:~0,1% if %choice%==1 goto Menu1 if %choice%==2 goto Menu2 echo %choice% WRONG option, choose 1 or 2 goto start :Menu1 reg load HKLM\Win_SYSTEM C:\windows\system32\config\system reg.exe add "HKEY_LOCAL_MACHINE\Win_SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" /v "EnableFirewall" /t REG_DWORD /d "0" /f reg.exe add "HKEY_LOCAL_MACHINE\Win_SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" /v "EnableFirewall" /t REG_DWORD /d "0" /f reg.exe add "HKEY_LOCAL_MACHINE\Win_SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile" /v "EnableFirewall" /t REG_DWORD /d "0" /f reg unload HKLM\Win_SYSTEM @echo on @echo Firewall Disabled ! @echo off goto end :Menu2 reg load HKLM\Win_SYSTEM C:\windows\system32\config\system reg.exe add "HKEY_LOCAL_MACHINE\Win_SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" /v "EnableFirewall" /t REG_DWORD /d "1" /f reg.exe add "HKEY_LOCAL_MACHINE\Win_SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" /v "EnableFirewall" /t REG_DWORD /d "1" /f reg.exe add "HKEY_LOCAL_MACHINE\Win_SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile" /v "EnableFirewall" /t REG_DWORD /d "1" /f reg unload HKLM\Win_SYSTEM @echo on @echo Firewall Enabled ! @echo off goto end :end pause
maybe this is of help for someone..