How to Change RDP Port using PowerShell

When you connect to a computer or a server through the Remote Desktop client, the Remote Desktop feature on your computer “hears” the connection request through a defined listening port (3389 by default).

Some organizations prefer to change the default RDP port (3389) on Windows servers to a custom port to make it more challenging for potential attackers to gain unauthorized access.

Fortunately, with the power of PowerShell, changing the RDP port becomes a straightforward process. By executing a single command in PowerShell, you can customize your RDP port to suit your specific requirements.

You can also change RDP port number using SCCM or manually by editing the registry. However, changing the RDP listening port on a Windows server using PowerShell is the most convenient and secure method.

PowerShell Script to Change RDP Port

The following PowerShell script allows you to change the RDP port from the default 3389 to a custom port. Before running the below PS script, you’ll need to specify the custom port for RDP.

To run the below script, copy and paste it into a text editor and change the name to something like changeRDPport.ps1. On your Windows Server or Windows 11, launch the Windows PowerShell as an administrator and run the below script.

$portvalue = 3390

Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber" -Value $portvalue 

New-NetFirewallRule -DisplayName 'RDPPORTLatest-TCP-In' -Profile 'Public' -Direction Inbound -Action Allow -Protocol TCP -LocalPort $portvalue 
New-NetFirewallRule -DisplayName 'RDPPORTLatest-UDP-In' -Profile 'Public' -Direction Inbound -Action Allow -Protocol UDP -LocalPort $portvalue

Verifying the new RDP Port

After you have modified the RDP port number using the above script, you can run a simple PowerShell command to verify the RDP listening port. You can also use CMPivot query to quickly determine the RDP port of a client computer or Windows server.

Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber"

SCCM 2503 Upgrade New Features and Hotfixes

Create a Device Collection for SCCM 2409 Clients

Device Collection for SCCM 2403 Clients

SCCM 2403 Hotfixes, Upgrade and New Features

ConfigMgr 2401 Technical Preview Released

New Features in Intune 2502 release (February 2025)

Intune Service Release 2406 New Features (June 2024)

Microsoft Intune 2405 New Features (May 2024)

How to Disable Android Enterprise system app in Intune

Intune ends support for Android device administrator

How to Install WSUS Console on Windows 11

How to enable memory integrity using Group Policy

Uninstall Mail and Calendar Apps using PowerShell

How to Create Batch File to Delete Temp Files