How to enable Remote Desktop via Group Policy
This one had me stumped, but it’ll teach me to search the internet properly before blundering through. Even if you allow the Windows Firewall to accept Remote Desktop Connections you still need to enable Terminal Services elsewhere in the GP hierarchy. D’oh!
Here’s what you need to enable Remote Desktop remotely:
Computer Configuration > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile > Windows Firewall: Allow Remote Desktop Exception
Computer Configuration > Administrative Templates > Windows Components > Terminal Services > Allow users to connect remotely using Terminal Services
Enable both of those options and you’ll be Remote Desktop-ing into PCs by the next day 
(or rather, until your Domain clients refresh their Group Policy settings 
)
James said,
13 February, 2009 at 1:26 pm
Many thanks for this! Turned you up in Google – straight to the point.
Saved me a bunch of legwork. Cheers!
Phil Wiffen said,
13 February, 2009 at 4:28 pm
No worries James, glad it helped
Peter said,
25 February, 2009 at 1:52 pm
Just like James said. Straight to the point and I REALLY like that. As soon as the server reboots after some updates, then I’ll be changing the terminal connection settings. Thanks again.
Peter
Olsi Deda said,
13 March, 2009 at 12:56 pm
straight to the point
Sean said,
18 March, 2009 at 7:25 pm
Perfect, this one was exactly what I needed! now I can try and put that hair back in that I pulled out!
Mike said,
2 June, 2009 at 7:13 pm
Works!!! Thanks.
Clay said,
4 June, 2009 at 11:13 pm
Thanks!
However, you actually don’t need the windows firewall exception. That’s for workstations to receive requests for remote help, not for allowing you remote in. At least that’s how I read the Group Policy definition and remote desktop is working for me with only the second setting.
Phil Wiffen said,
5 June, 2009 at 8:36 am
That’s good to know Clay