#requires –runasadministrator
function Set-RegistryValue($key, $name, $value, $type="String") { 
  if ((Test-Path $key) -eq $false) { md $key | Out-Null } 
       Set-ItemProperty $key $name $value -type $type 
  } 
 #修改注册表，更改远程端口
 Set-RegistryValue "HKLM:\SYstem\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp" PortNumber 3389 Dword
 Set-RegistryValue "HKLM:\SYstem\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" PortNumber 3389 Dword
 #防火墙设置
 New-NetFirewallRule -displayName "新远程桌面端口"  -name "remote desktop tcp in" -Direction Inbound -LocalPort 3389 -Protocol TCP -Action Allow
 New-NetFirewallRule -displayName "新远程桌面端口" -name "remote desktop udp in" -Direction Inbound -LocalPort 3389 -Protocol UDP -Action Allow
 New-NetFirewallRule -displayName "新远程桌面端口" -name "remote desktop tcp out" -Direction Outbound -LocalPort 3389 -Protocol TCP -Action Allow
 New-NetFirewallRule -displayName "新远程桌面端口" -name "remote desktop udp out" -Direction Outbound -LocalPort 3389 -Protocol UDP -Action Allow

修改3389端口后以管理员运行。