Use CMPivot Query to Find RDP Port Number

In this post, I will show you how to use CMPivot query to find RDP port number using SCCM. By default, the RDP port is set to 3389, but in case it is changed, you can run a CMPivot query and find the port number.

When you connect to a computer (either a Windows client or Windows Server) through the Remote Desktop client, the Remote Desktop feature on your computer “hears” the connection request through a defined listening port (3389 by default). You can change that listening port on Windows computers by modifying the registry.

The Remote Desktop port (RDP port) 3389 on Windows is a popular target for hackers. That’s why most organizations prefer to change the RDP port as a means to secure their network. There are multiple ways to change the RDP port number on Windows computers, such as registry, PowerShell, or CMPivot. When you want to determine the RDP port that is configured on any given computer, you can use a CMPivot query because it is quick and accurate.

CMPivot Queries in Configuration Manager lets you see the state of devices in your environment in real time. You can launch the CMPivot tool and run a query on all currently connected devices in the target collection and get the results.

Use CMPivot Query to Find RDP Port Number

Perform the following steps to find RDP port number using CMPivot query in SCCM:

• Launch the ConfigMgr console and go to Assets and Compliance > Overview > Device Collections.
• Right-click on the device collection and select Start CMPivot.
• Run the below CMPivot query to find the RDP port of all the devices within the device collection.

Registry('HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp') | where Property == 'PortNumber'

In the CMPivot query output, the Value field shows the RDP port number. There is an export option in the CMPivot query window where you can export the RDP port numbers of computers to an external file.