Group Policy Management Archives - the Sysadmin Channel https://thesysadminchannel.com/tag/group-policy-management/ Documenting My Life as a System Administrator Wed, 16 Jan 2019 05:00:32 +0000 en-US hourly 1 https://wordpress.org/?v=6.8.3 144174110 How To Enable Remote Desktop Via Group Policy (GPO) https://thesysadminchannel.com/how-to-enable-remote-desktop-via-group-policy-gpo/ https://thesysadminchannel.com/how-to-enable-remote-desktop-via-group-policy-gpo/#respond Fri, 23 Mar 2018 04:13:38 +0000 https://thesysadminchannel.com/?p=149 Picture this: you just setup a remote site and now you find yourself having to support servers (or users) you can’t physically get to.  Since walking to their desk is not an option, you need to figure out How to enable… Continue Reading

The post How To Enable Remote Desktop Via Group Policy (GPO) appeared first on the Sysadmin Channel.

]]> Picture this: you just setup a remote site and now you find yourself having to support servers (or users) you can’t physically get to.  Since walking to their desk is not an option, you need to figure out How to enable Remote Desktop via Group Policy so it gets applied to machines at that site.  Today, that’s exactly what I’m going to show you how to do.

Enable Remote Desktop via Group Policy

The biggest problem you could be potentially faced with, is actual permissions to modify any GPOs. I’m going to assume you have the permissions so we’ll just continue on with a bullet list that’s easy peasy for you to understand.

  • Open up Group Policy Management Console (GPMC).
  • Create a New Group Policy Object and name it Enable Remote Desktop.
  • Navigate to: Computer Configuration -> Windows Settings -> Security Settings -> Windows Firewall with Advanced Security -> Windows Firewall with Advanced Security -> Inbound Rules and Create a New Rule. Screenshot below.

Enable Remote Desktop via Group Policy

  • Select Port in the New Inbound Rule Wizard.
  • Ensure TCP and Specific Local Port : 3389

  Firewall Rule Port 3389

  • Allow the Connection and only select Domain and Private Profiles.
  • Name this rule – Inbound Rule for RDP Port 3389

 

Now that we have added the local ports, we’ll need to enable the Remote Desktop Session Host policies.

  • Go to Computer Configuration -> Policies -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Connections
  •  Allow users to connect remotely by using Remote Desktop Services to Enable.

Connections - Allow RDP Settings

  • Now we’re going to enable Network Level Authentication.  This is highly recommended and has many security advantages.  However, that’s out of the scope of this article so I won’t go in to the details now.
  • Go to Computer Configuration -> Policies -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Security
  • Set Require user authentication for remote connections by using Network Level Authentication to Enable.

Security - Enable NLA Group Policy

  • Last but certainly not least, we need to apply the newly created GPO to an Organizational Unit so it actually works.
  • Close out of GPMC.  There aren’t any more settings to configure.

 

Enable Remote Desktop using Group Policy (GPO) Video Demo

 
Last but certainly not least be sure to check out our YouTube Channel for awesome How-To’s and other Sysadmin related content.

The post How To Enable Remote Desktop Via Group Policy (GPO) appeared first on the Sysadmin Channel.

]]> https://thesysadminchannel.com/how-to-enable-remote-desktop-via-group-policy-gpo/feed/ 0 149