You are here
Home > Windows Server > Windows Server Setup and Implementation > How to Configure Remote Desktop for Administration?

How to Configure Remote Desktop for Administration?

  • The two components of Remote Desktop for Administration you will need to support and configure are:
    1. Terminal Services for the server portion
    2. The Remote Desktop Connection (RDC) for the client portion.
  • An alternative to using RDC is the Remote Desktops snap-in, which lets you connect to and manage multiple remote desktops.

To enable the Remote Desktop on the server

  1. Access Control Panel -> System And Maintenance ->  System.->
  2. On the System page, click Remote Settings in the left pane.

You have two configuration options for enabling Remote Desktop: 

  1. Select Allow Connections From Computers Running Any Version Of  Remote Desktop (Less Secure) to allow connections from any version of Windows Using Remote Desktop for Administration 
  2. Select Allow Connections Only From Computers Running Remote Desktop With Network Level Authentication (More Secure) to allow connections only from Windows Vista or Windows Server 2008 (and computers with secure network authentication).

Permitting and Restricting Remote Logon

By default, all members of the Administrators group can log on remotely.

Members of Remote Desktop Users group are allowed to log on remotely.

To add a member to this group

  1. Access Control Panel -> System And Maintenance -> System.
  2. On the System page, click Remote Settings in the left pane.
  3. On the Remote tab, click Select Users. To add users or groups to the list, click Add.

This can be done through site, domain, and organizational policy.

Now you may access the appropriate Group Policy object and select Computer Configuration, Windows Settings, Security Settings, Local Policies, and User Rights Assignments.

You may double-click Allow Log On Through Terminal Services to see a list of users and groups currently granted this right.

Also Group Policy can be used to configure Terminal Services.

  • The precedence hierarchy for Terminal Services configuration is as follows:  Computer-level Group Policy  User-level Group Policy Local computer policy using the Terminal Services Configuration tool  User policy on the Local User and Group level  Local client settings
  • You can configure local policy on individual computers or on an organizational unit (OU) in a domain.
  • You can use Group Policy to configure Terminal Services settings per connection, per user, per computer, or for groups of computers in an OU of a domain.
  • The Group Policy settings for Terminal Services are modified using the Group Policy Object Editor and are located in Computer Configuration\Administrative Templates\ Windows Components\Terminal Services and in User Configuration\Administrative Templates\Windows Components\Terminal Services.