Enabling Remote Desktop via Group Policy
In a previous post, I provided some details on the "Jameson Datacenter" (a.k.a. my home lab). In a follow-up post, I also discussed the Active Directory domain structure and mentioned how I use the Group Policy feature of Active Directory to "effortlessly" configure new servers.
For example, I have defined a Group Policy (named Enable Terminal Services Policy) with the following settings:
- Computer Configuration
- Policies
- Windows Settings
- Security Settings
- Windows Firewall with Advanced Security
- Inbound Rules
- Remote Desktop (TCP-In)
- Enabled: Yes
- Action: Allow
- Remote Desktop (TCP-In)
- Inbound Rules
- Windows Firewall with Advanced Security
- Security Settings
- Administrative Templates
- Windows Components
- Terminal Services
- Terminal Server
- Connections
- Allow users to connect remotely using Terminal Services: Enabled
- Connections
- Terminal Server
- Terminal Services
- Windows Components
- Windows Settings
- Policies
By linking this Group Policy to the appropriate OUs (e.g. Development/Resources/Servers) I do not have to manually enable Remote Desktop connections on each new server (e.g. a new SharePoint development VM). Instead this is automatically configured as soon as I join a server to the domain and reboot.
I'll cover some of the other Group Policy objects in subsequent posts.