Remote Desktop Protocol (RDP)
Remote Desktop is disabled by default due to security issues. There are instances where access to your computer from off-campus is needed, if this is the case, please consider the following changes to make RDP slightly more secure.
Here are detailed instructions on connecting to your computer from on off-campus location. This is a 4 step process
A - Turn the RDP function on
B - Change the default port
C - Open the Firewall to allow the new port
D - Activate and install Multi-Factor Authentication.
Step A: Turn the RDP function on - In windows 10, click Start and type Allow remote access to your computer. Select the check box to allow remote connections
Step B: Change the default port - We recommend that you change the default 'port' Remote Desktop (RDP) is using. We are suggesting you use the first 4 digits of your NDSU phone number for the port number so it is easy to remember.
1. Click 'Start', type 'regedit', press enter, and open the Registry Editor.
2. Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
3. Find and edit 'PortNumber', and then click Decimal.
4. Type the new port number, and then click OK. **IMPORTANT - you will need to know the port number in Step C, We are suggesting you use the first 4 digits of your NDSU phone number or any other number you will easily remember.
5. Quit Registry Editor.
Step C: we need to create a custom rule in the firewall to allow communication through that port
1. Click 'Start', type 'windows firewall', click 'Windows Firewall with Advanced Security'
2. Select "Inbound Rules" on the top left & right-click & select "New Rule..."
3. A new "Inbound Rule Wizard" window opens, Select "Program" and click Next
4. Select "This program path:" browse to C:\Windows\System32\svchost.exe click Open, click Next
5. Click Yes for the service warning
6. Select "allow the connection" and click Next
7. When does this rule apply? - leave all three checked and click Next
8. Name the new rule - "Custom RDP"
9. Click Finish
10. Double click the 'Custom RDP' and Select the 'Protocols and Ports' tab.
11. Change "Protocol Type' to 'TCP' then change 'Local Port' port to 'Specific Ports' and enter the port number you entered in regedit.
11. Apply settings and Save
Step D: Activate and install Multi-Factor Authentication - At this point RDP should work. If the computer is managed by central IT, the system will ask you for MFA when attempting to connect. This is a security feature that is installed by default. If your system is not managed by central IT, please check with your IT department to obtain installation instructions. Most NDSU employees have already signed up for the service at https://www.ndsu.edu/its/mfa/#c483989
Now you are ready to connect, we highly suggest testing it from another computer in your office before you need it. You will need to know your computer name. Below is a screenshot of the basic information. PLEASE NOTE there is a : between the computer name and port number