All Products
Document Center

:How do I start Remote Desktop Connection to RDP on a Windows instance?

Last Updated:Dec 29, 2020

Disclaimer: this article may be contributed by the community or involve third-party product information. We recommend that you visit the community or the official website of third-party products for help and support. Third-party products will not be provided by Alibaba Cloud after-sales support. This document is for reference only. Alibaba Cloud makes no guarantee by express or any other means.


By using the Remote Desktop Connection to the RDP service, you can easily manage and operate Windows instances. If the Remote Desktop Connection RDP service is not enabled, you cannot perform the Remote Desktop Connection. This topic describes how to enable Remote Desktop Connection (RDP) for a Windows instance.


Alibaba Cloud reminds you that:

  • Before you perform operations that may cause risks, such as modifying instance configurations or data, we recommend that you check the disaster recovery and fault tolerance capabilities of the instances to ensure data security.
  • You can modify the configurations and data of instances including but not limited to Elastic Compute Service (ECS) and Relational Database Service (RDS) instances. Before the modification, we recommend that you create snapshots or enable RDS log backup.
  • If you have authorized or submitted sensitive information such as the logon account and password in the Alibaba Cloud Management Console, we recommend that you modify such information in a timely manner.

The content of this article has been verified in the Windows Server 2012 version of the system, and may be slightly different in other versions. For more information, see the official documentation for the version.

  1. Log on to a Windows instance. For more information, see connect to a Windows instance through Alibaba Cloud VNC.
  2. Open the run window, enter cmd, and click OK to open the command line tool.
  3. Run the following command to check whether port 3389 is listening: If port 3389 is not listened to, follow these steps to enable remote desktop connection to the RDP service and enable port 3389.
    netstat -aon | findstr "3389"
  4. Run the following command to enter PowerShell mode:
  5. Run the following command to enable remote desktop connection to the RDP service.
    Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server" -Name fDenyTSConnections -Value 0 -Force Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" -Name UserAuthentication -Value 1 -Force netsh.exe advfirewall firewall add rule name="Open RDP Port 3389" dir=in action=allow protocol=TCP localport=3389
    The following command output is returned.
  6. Connect to a Windows instance from a local client. For more information, seeconnect to a Windows instance from a local client.


Application scope

  • Elastic Compute Service