Over the weekend, I was trying to access a Windows Server 2008 server core installation using the Remote Desktop Connection client. I’d enabled remote desktop connections (and legacy connections) with:

cscript %windir%\system32\scregedit.wsf /ar 0
cscript %windir%\system32\scregedit.wsf /cs 0

and both times the system reported that the:

Registry has been updated.

Even so, I still couldn’t successfully connect. It seemed logical that this was a firewall issue. Reading Daniel Petri’s article on configuring the firewall on server core for remote management confirmed that installing roles does indeed open the associated ports and that for domain-joined machines the firewall profile allows remote management; however for workgroup machines it may be necessary to run:

netsh advfirewall firewall set rule group=“remote administration” new enable=yes

Even though this returned:

Updated 3 rule(s).
Ok.

It still didn’t let me connect but then I noticed that remote desktop has its own firewall group (i.e. it’s not included in remote administration) so I tried something more specific:

netsh advfirewall firewall set rule group=“remote desktop” new enable=yes

The rule was updated:

Updated 1 rule(s).
Ok.

and I was able to connect to the server. I later found that Julie Smith also suggests this approach over at The Back Room Tech but most posts on the subject seem to be focused on opening ports for Microsoft Management Console (MMC)-based remote administration.