narbulut

How to Extend Windows Server 2025 RDP 120-Day Grace Period?

19 May, 2026

How to Extend Windows Server 2025 RDP 120-Day Grace Period?

Registry Method and Practical PsExec Solution

Narbulut · System Administration Guide

What Is RDP Grace Period and Why Doesn’t slmgr Work?

When you enable the Remote Desktop Services (RDS) role on a Windows Server installation, Microsoft grants you a free 120-day Grace Period. Once this period expires, users can no longer connect to the server via RDP unless you have valid RDS CALs (Client Access Licenses).

Many administrators assume the slmgr /rearm command — used to extend the operating system’s evaluation license — also resets the RDS grace period. This is not the case. slmgr only manages the Windows Server license; the RDS grace period is a completely separate mechanism, reset by deleting the relevant counter key in the Registry.

On Windows Server 2025 Standard or Datacenter, there is no single CMD command that directly resets the RDP grace period. The process requires deleting the relevant time counter key in the Registry. This guide walks you through both the manual Registry method and the practical PsExec alternative that performs the reset with a single command.

Note: Windows Server 2025 is Microsoft’s latest server operating system, released in November 2024. The RDP grace period reset procedure below applies identically to both Standard and Datacenter editions of WS 2025.

Method 1: Manual Registry Reset

You can reset the GracePeriod counter by applying the following 4 steps in order. All operations must be performed with Administrator privileges.

Step 1: Open the Registry Editor

  1. On the server, click the Start menu and type regedit in the search bar.
  2. Right-click the result and select “Run as administrator”.
  3. Use the left-side tree to navigate to the following path:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\GracePeriod

Step 2: Modify Permissions (Take Ownership)

For security reasons, Windows does not allow you to directly delete keys in this folder. You must first take ownership and enable Full Control:

  1. Right-click the GracePeriod folder and select Permissions.
  2. In the dialog that opens, click the Advanced button.
  3. Click the Change link next to the Owner field at the top.
  4. Enter Administrators in the box, click Check Names, then click OK.
  5. Check “Replace owner on subcontainers and objects”, then click Apply and OK to close the windows.
  6. Right-click the GracePeriod folder again and go to Permissions. Select the Administrators group from the list and check the Full Control permission under the Allow column. Click Apply to save.

Step 3: Delete the L$RTMTIMEBOMB Key

  1. Look at the right pane of the GracePeriod folder.
  2. Right-click the binary entry whose name starts with L$RTMTIMEBOMB.
  3. Select Delete and confirm with Yes.
Note: The exact name of this key varies from server to server (example: L$RTMTIMEBOMB_1320153D-8DA3-4e8e-B27B-0D888223A588). Since it is the only key starting with L$RTMTIMEBOMB, you can easily identify it.

Step 4: Restart the Server

The reset will not take effect until the server is restarted. Quick restart command from the command line:

shutdown /r /t 0

When the server comes back up, Windows will automatically create a fresh L$RTMTIMEBOMB key, and your legitimate 120-day evaluation period will start from the beginning.

Method 2 (Alternative): One-Line PsExec + PowerShell

If you don’t want to deal with permissions and ownership settings, you can use Microsoft Sysinternals’ PsExec tool to open PowerShell with SYSTEM privileges and delete the key with a single command.

Step 1: Download PsExec

Download PsExec from the official Microsoft Sysinternals page and extract it to any folder on the server (for example, C:\Tools\).

Step 2: Open PowerShell with SYSTEM Privileges

Open Command Prompt (CMD) as Administrator, navigate to the folder containing PsExec, and run the following command:

psexec -s -i powershell.exe

The new PowerShell window that opens runs under the SYSTEM user; there is no need to take ownership or modify permissions.

Step 3: Delete the Key with a Single Command

Remove-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\GracePeriod' -Name 'L$RTMTIMEBOMB_*'

Step 4: Restart the Server

shutdown /r /t 0

Verification: Was the Reset Successful?

After the server restarts, run the following PowerShell command to verify that the grace period has been reset:

Get-WmiObject -Namespace 'root\cimv2\TerminalServices' -Class Win32_TerminalServiceSetting | Select-Object GracePeriodDays

The command output shows the number of days remaining. If the reset was successful, you should see 120 (or a value close to it). If you see a lower value, make sure the server has been restarted, or repeat the steps.

Common Issues and Solutions

“Access Denied” Error

You may have applied the permission/ownership steps in Step 2 incompletely or incorrectly. Retry the steps, or use Method 2 (PsExec) to run with SYSTEM privileges.

L$RTMTIMEBOMB Is Not Visible

If the GracePeriod folder is empty, the RDS role may not have started yet. Enable the Remote Desktop Services role, restart the server once, and check again.

Timer Didn’t Reset

If you skipped the server restart after deleting the key, the change won’t take effect. Restart with shutdown /r /t 0.

PowerShell Command Returns an Error

Make sure to open PowerShell with SYSTEM privileges (via PsExec). Regular administrator privileges may not be sufficient for this key.

Important — License Compliance: For long-term production use, purchasing Windows Server 2025 RDS CALs (per user or per device) is mandatory. 2025 RDS CALs are backward-compatible — they also work on 2022 and 2019 hosts. This guide is intended solely for test/lab environments and PoC projects; it is not a substitute for actual licensing in production.

Quick Action Summary

Registry Path

HKLM\SYSTEM\CCS\Control\Terminal Server\RCM\GracePeriod

Key to Delete

L$RTMTIMEBOMB_*

PsExec One-Liner

psexec -s -i powershell.exe

Restart Command

shutdown /r /t 0

Leave a Comment

Your email address will not be published. Required fields are marked *

Narbulut Product Analysis

Step 1/12
What area of technological improvement are you planning for your company?
Data Security & BackupRansomware, deleted files and disaster recovery.
Cloud Server (IaaS)Website, ERP, CRM or application hosting.
Team CollaborationSecure file sharing and remote work.
Object Storage (S3)Object Storage for developers.
What industry does your company operate in?
Healthcare / MedicalPatient data (GDPR critical).
Finance / AccountingSensitive financial data.
Manufacturing / EngineeringCAD drawings and production plans.
Other / General ServicesOffice documents and general data.
What type of devices need to be protected?
Employee ComputersLaptop and desktop end-user devices.
Physical / Virtual ServersDatabase, Active Directory or File Server.
What should your backup strategy be?
File & Folder BasedOnly important business files (XLS, PDF, SQL) should be backed up.
Full Disk ImageBack up "Everything" including the operating system.
What is your upload speed for cloud backup?
Fiber / High SpeedI can send large data quickly.
Standard / ADSLMy speed is limited, compression is important.
Is ransomware a threat?
Yes, Very CriticalWe have experienced it before or are at risk.
Standard Protection is SufficientBasic backup measures are enough.
How long would you like to keep versions?
90
30 - 90 DaysTo fix recent errors.
365+
1 Year and AboveLegal requirements or archiving.
What will be the primary purpose of the server?
E-Commerce / WebsiteHigh uptime and speed required.
ERP / Accounting SoftwareDatabase performance is important.
Software DevelopmentFlexible resource management.
What infrastructure do you need?
Windows ServerASP.NET, MSSQL, RDP.
Linux (Ubuntu/CentOS)PHP, Python, MySQL, Docker.
What is the estimated user traffic?
Low / MediumEntry level or new project.
High TrafficHeavy campaigns or many users.
Who will manage the server?
I Will Manage ItI have a technical team, root access is enough.
I Need SupportManaged Services required.
How many people will work in the shared workspace?
1 - 10 UsersSmall teams.
10 - 50+ UsersDepartment-based permissions required.
Is remote access required?
Yes, DefinitelyField team needs to upload files from mobile.
No, Office OnlyAccess only from company computers.
Analyzing Your Responses...
BEST SOLUTION FOR YOU

Product Title

Description

Explore Product Now

Product Information Request

Fill out the form so our solution experts can contact you.

Size uygun Narbulut Cloud Server planlarına göz atın

Narbulut Cloud Server ile ihtiyaçlarınıza en uygun sunucuları yapılandırın.

    SUNUCU TEKLİF & YAPILANDIRMA FORMU

    1. KURUMSAL KİMLİK & İLETİŞİM
    2. TEKNİK GEREKSİNİMLER
    3. LİSANS YÖNETİMİ

    Check out Narbulut Cloud Server plans that suit you

    Configure the servers that best fit your needs with Narbulut Cloud Server.

      SERVER QUOTE & CONFIGURATION FORM

      1. CORPORATE IDENTITY & CONTACT
      2. TECHNICAL REQUIREMENTS
      3. LICENSE MANAGEMENT

      Narbulut Mobile’ı İndirin

      Uygulamayı indirmek istediğiniz platformu seçin

      Google Play
      App Store
      AppGallery

      Download Narbulut Mobile

      Select the platform you want to download the app

      Google Play
      App Store
      AppGallery
      ×