Tamper Protection and Remote Desktop not working when changed from defaults

[chrcol]

Remote desktop can be enabled automatically with two commands.

Not sure, how NTLite is trying to do it, but these will work.

reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
netsh advfirewall firewall set rule group="remote desktop" new enable=yes

Tamper protection, I have no way of automating it, so its just hoping the NTLite problem can be fixed.

Defender does disable if choose to disable it, but I prefer to have Defender enabled and Tamper Protection off, so that combination of options.

 

[garlin]

For RDP, Settings / System / Remote Desktop -> enabled changes the fDenyTSConnections reg setting.
You must add the netsh firewall command yourself.

After the system boots, Tamper Protection can't be changed except through the Security Center (by the user). This is to defeat malware from manipulating the setting. Add this reg file to Integrate, so the saved value is already changed before boot.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features]
"TamperProtection"=dword:00000000

 

[chrcol]

Thanks, I will report back if the 0 works after the next test run.

Also will adjust my post install commands to just the netsh command for remote desktop. I suggest a description is added in ntlite so when enable remote desktop is selected the user is warned it wont adjust the firewall for them, and as such the settings applet will also still report it disabled. (the widget only changes when the rule is also in place).

 

[chrcol]

Ok finally tested it, sadly something still bumped it back to 1, it was added in the registry section in NTLite.

I still have tamper protection in NTLite directly set to disabled, so in case that interferes with the registry file I can try putting that back to default.

 

[chrcol]

Will take defeat on this one, I guess MS just locked it down so hard that even integrating it isnt possible. At least its just one click after install to turn it off.

Remote desktop working fine at least.

 

[francis11]

A kind of dirty? trick to turn off Tamper Protection permantly borrowed from here with thanks to pieterdezwart and explained here
Following reggie added to NTL reg section should do it with benefits if plan also is to alter EDGE search engine, add extensions on startup of EDGE among other stuff on ie. 10/ 11 PRO.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF]
"EnrollmentState"=dword:00000001
"EnrollmentType"=dword:00000000
"IsFederated"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Provisioning\OMADM\Accounts\FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF]
"Flags"=dword:00d6fb7f
"AcctUId"="0x000000000000000000000000000000000000000000000000000000000000000000000000"
"RoamingCount"=dword:00000000
"SslClientCertReference"="MY;User;0000000000000000000000000000000000000000"
"ProtoVer"="1.2"