-
-
Notifications
You must be signed in to change notification settings - Fork 543
/
windows-change-rdp-port.bat
57 lines (45 loc) · 2.34 KB
/
windows-change-rdp-port.bat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
@echo off
mode con cp select=437 >nul
rem set RdpPort=3333
rem https://learn.microsoft.com/windows-server/remote/remote-desktop-services/clients/change-listening-port
rem HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
rem RemoteDesktop-Shadow-In-TCP
rem v2.33|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%SystemRoot%\system32\RdpSa.exe|[email protected],-28778|[email protected],-28779|[email protected],-28752|Edge=TRUE|Defer=App|
rem RemoteDesktop-UserMode-In-TCP
rem v2.33|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=3389|App=%SystemRoot%\system32\svchost.exe|Svc=termservice|[email protected],-28775|[email protected],-28756|[email protected],-28752|
rem RemoteDesktop-UserMode-In-UDP
rem v2.33|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=3389|App=%SystemRoot%\system32\svchost.exe|Svc=termservice|[email protected],-28776|[email protected],-28777|[email protected],-28752|
rem 设置端口
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v PortNumber /t REG_DWORD /d %RdpPort% /f
rem 设置防火墙
rem 各个版本的防火墙自带的 rdp 规则略有不同
rem 全部版本都有: program=%SystemRoot%\system32\svchost.exe service=TermService
rem win7 还有: program=System service=
rem 以下为并集
for %%a in (TCP, UDP) do (
netsh advfirewall firewall add rule ^
name="Remote Desktop - Custom Port (%%a-In)" ^
dir=in ^
action=allow ^
service=any ^
protocol=%%a ^
localport=%RdpPort%
)
rem 家庭版没有 rdp 服务
sc query TermService
if %errorlevel% == 1060 goto :del
rem 重启服务 可以用 sc 或者 net
rem UmRdpService 依赖 TermService
rem sc stop 不能处理依赖关系,因此 sc stop TermService 前需要 sc stop UmRdpService
rem net stop 可以处理依赖关系
rem sc stop 是异步的,net stop 不是异步,但有 timeout 时间
rem TermService 运行后,UmRdpService 会自动运行
rem 如果刚好系统在启动 rdp 服务,则会失败,因此要用 goto 循环
rem The Remote Desktop Services service could not be stopped.
:restartRDP
net stop TermService /y && net start TermService || (
timeout 5
goto :restartRDP
)
:del
del "%~f0"