Firewall – Why does Terminal Services open WMI, RPC, and NB ports in the firewall

firewall, remote-desktop-services, windows-server-2008-r2

After adding the Remote Desktop Session Host role to a server, the following firewall rules get created and are enabled by default.

Name                                 Group                Profile    Enabled    Action    Override    Program                              Local Address    Remote Address    Protocol    Local Port             Remote Port   Allowed Users    Allowed Computers    
Terminal Services - WMI (DCOM-In)    Terminal Services    All        Yes        Allow     No          %systemroot%\system32\svchost.exe    Any              Any               TCP         135                    Any           Any              Any    
Terminal Services - WMI (TCP-In)     Terminal Services    All        Yes        Allow     No          %systemroot%\system32\svchost.exe    Any              Any               TCP         RPC Dynamic Ports      Any           Any              Any    
Terminal Services (NP-In)            Terminal Services    All        Yes        Allow     No          System                               Any              Any               TCP         445                    Any           Any              Any    
Terminal Services (RPC)              Terminal Services    All        Yes        Allow     No          %systemroot%\system32\svchost.exe    Any              Any               TCP         RPC Dynamic Ports      Any           Any              Any    
Terminal Services (RPC-EPMAP)        Terminal Services    All        Yes        Allow     No          %systemroot%\system32\svchost.exe    Any              Any               TCP         RPC Endpoint Mapper    Any           Any              Any    

What is Terminal Services doing that it requires WMI, RPC, and NetBIOS to be enabled?

Best Answer

Based on a cursory Google search, it looks like it's related to communication with an RDS License server and for remote management of the RDS role.
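
To check how these rules are scoped on a particular host, the following added example (not part of the original question or answer) reads them through the Windows Firewall COM API and marks every enabled allow rule that accepts any remote address. It assumes an English-language system where the rule names begin with "Terminal Services", as in the table above; the `Review` column and the `Get-ProfileNames` helper are names chosen for this example.

```powershell
# Added example: audit the inbound "Terminal Services" firewall rules.
# Uses the HNetCfg.FwPolicy2 COM object, so it runs on the PowerShell 2.0
# that ships with Windows Server 2008 R2 (no NetSecurity module needed).
# Read-only: nothing in the firewall policy is changed.

$NET_FW_RULE_DIR_IN  = 1            # inbound
$NET_FW_ACTION_ALLOW = 1            # allow
$NET_FW_PROFILE_ALL  = 0x7FFFFFFF   # rule applies to every profile

# Helper (hypothetical name): turn the profile bitmask into readable text.
function Get-ProfileNames([int]$Mask) {
    if ($Mask -eq $NET_FW_PROFILE_ALL) { return 'All' }
    $names = @()
    if ($Mask -band 1) { $names += 'Domain' }
    if ($Mask -band 2) { $names += 'Private' }
    if ($Mask -band 4) { $names += 'Public' }
    return ($names -join ',')
}

$policy = New-Object -ComObject HNetCfg.FwPolicy2

$report = $policy.Rules |
    Where-Object {
        # Assumption: rule names match the table above (English system).
        $_.Name -like 'Terminal Services*' -and
        $_.Direction -eq $NET_FW_RULE_DIR_IN
    } |
    ForEach-Object {
        # '*' in RemoteAddresses is how the API reports "Any".
        $anyRemote = ($_.RemoteAddresses -eq '*')
        New-Object PSObject -Property @{
            Name       = $_.Name
            Enabled    = $_.Enabled
            Profiles   = Get-ProfileNames $_.Profiles
            LocalPorts = $_.LocalPorts
            RemoteAddr = $_.RemoteAddresses
            # Review = enabled allow rule reachable from any address.
            Review     = ($_.Enabled -and
                          $_.Action -eq $NET_FW_ACTION_ALLOW -and
                          $anyRemote)
        }
    }

$report | Sort-Object Name |
    Select-Object Name, Enabled, Profiles, LocalPorts, RemoteAddr, Review |
    Format-Table -AutoSize
```

Rows with `Review` set to `True` and `Profiles` set to `All` correspond to the defaults shown in the question's table.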