Enabling Remote Desktop through Group Policy in a Windows domain is a straightforward task for system administrators. The steps to configure a Group Policy Object (GPO) for Remote Desktop in Active Directory (AD) are as follows.
Prerequisites
- You must have administrative rights to manage Group Policies.
- The Group Policy Management Console (GPMC) must be installed and running in order to set policies.
- The target nodes (computers) must be joined to the Active Directory (AD) domain so that the policies can be applied to them.
Enable RDP through Group Policy
- Open Group Policy Management.
gpmc.msc
- Navigate to your domain path in the GPMC and then proceed to the Group Policy Objects section, e.g. Domains > YourDomain.com > Group Policy Objects.
- Right-click Group Policy Objects > New, give it a name (e.g., Enable RDP Policy) > OK.
Configure the Remote Desktop Protocol
- Edit the created policy (Enable RDP Policy) and navigate to the following path:
Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Connections
- Select the policy "Allow users to connect remotely by using Remote Desktop Services" and set it to Enabled.
Allow the Firewall for Remote Desktop Protocol
- In the GPMC, navigate to the following section:
Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Defender Firewall > Domain Profile
- Select the policy "Windows Defender Firewall: Allow inbound Remote Desktop exceptions" and set it to Enabled.
Set the policy either globally (Domain Level) or within the specific Organizational Unit (OU)
- Apply the policy by linking the GPO either globally at the domain level or to the specific Organizational Unit (OU) where the target nodes reside.
- Then, on the node/client side, force a policy refresh if necessary to ensure immediate application. To do this:
gpupdate /force
- Validate RDP access with a manual test (optional):
mstsc /v:YourTargetIP
Test-NetConnection -ComputerName YourTargetIP -Port 3389
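To confirm on a target node that both policies actually landed, the following PowerShell check (an added example, not part of the original procedure) reads the registry values the two Administrative Template settings write and reports whether the firewall exception is scoped to specific source addresses or open to any (`*`). The function names Get-PolicyValue and Test-RdpPolicyState are this example's own.

```powershell
# Added example: run in PowerShell on a target node after `gpupdate /force`.
function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # Return the registry value, or $null when the policy has not been applied.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name } else { $null }
}

function Test-RdpPolicyState {
    param([int]$Port = 3389)

    # Registry locations the two Administrative Template policies write to.
    $tsKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
    $fwKey = 'HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\RemoteDesktop'

    $deny      = Get-PolicyValue -Path $tsKey -Name 'fDenyTSConnections'
    $fwEnabled = Get-PolicyValue -Path $fwKey -Name 'Enabled'
    $scope     = Get-PolicyValue -Path $fwKey -Name 'RemoteAddresses'

    # The Domain Profile exception only takes effect on a domain-authenticated network.
    $onDomain = [bool](Get-NetConnectionProfile |
        Where-Object { $_.NetworkCategory -eq 'DomainAuthenticated' })

    # Is anything listening on the RDP port locally?
    $listening = [bool](Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue)

    [pscustomobject]@{
        ComputerName        = $env:COMPUTERNAME
        RdpAllowedByPolicy  = ($null -ne $deny) -and ($deny -eq 0)
        FirewallException   = ($null -ne $fwEnabled) -and ($fwEnabled -eq 1)
        AllowedSources      = $scope
        ScopeUnrestricted   = ($scope -eq '*')   # '*' accepts RDP from any address
        DomainProfileActive = $onDomain
        ListeningOnPort     = $listening
    }
}

Test-RdpPolicyState | Format-List
```

If ScopeUnrestricted is True, narrow the address list in the firewall policy to the management subnets or jump hosts that need RDP.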
Conclusion:
You can use the procedure outlined above to enable the Remote Desktop Protocol (RDP) on all network nodes through Group Policy. The advantage of this setup is centralized remote management of your domain infrastructure.