Terminal Server Group Policy Guide in Server 2008
Terminal Server Computer Configuration Group Policies
Computer Group Policy
Settings for Terminal Server Connections
Computer Configuration\Administrative
Templates\Windows Components\Terminal Services\Terminal Server\Connections
|
Computer Group Policies for Terminal Server Connections
|
|
Allow reconnection from original client only
|
|
Allow remote start of unlisted programs
|
|
Allow users to connect remotely using
Terminal Services
|
|
Automatic reconnection
|
|
Configure keep-alive connection interval
|
|
Deny logof of an administrator to the
console session
|
|
Limit number of connections
|
|
Restrict Terminal Services users to a single
remote session
|
|
Set rules for remote control of Terminal
Services user sessions
|
Computer
Group Policy Settings for Terminal Server Device and Resource Redirection
Computer Configuration\Administrative Templates\Windows
Components\Terminal Services\Terminal Server\Device and Resource Redirection
|
Computer Group Policies for Terminal Server Device and Resource
Redirection
|
|
Allow audio redirection
|
|
Allow time zone redirection
|
|
Do not allow clipboard redirection
|
|
Do not allow COM port redirection
|
|
Do not allow drive redirection
|
|
Do not allow LPT port redirection
|
|
Do not allow supported Plug and Play device
redirection
|
Computer
Group Policy Settings for Terminal Server Licensing
Computer Configuration\Administrative Templates\Windows
Components\Terminal Services\Terminal Server\Licensing
|
Computer Group Policies for Terminal Server Licensing
|
|
Hide notifications about TS Licensing
problems that affect the terminal server
|
|
Set the Terminal Services licensing mode
|
|
Use the specified Terminal Services
licensing servers
|
Computer
Group Policy Settings for Terminal Server Printer Redirection
Computer Configuration\Administrative Templates\Windows
Components\Terminal Services\Terminal Server\Printer Redirection
|
Computer Group Policies for Terminal Server Printer Redirection
|
|
Do not allow client printer redirection
|
|
Do not set default client printer to be
default printer in a session
|
|
Redirect only the default client printer
|
|
Specify terminal server fallback printer
driver behavior
|
|
User Terminal Services Easy Print driver
first
|
Computer
Group Policy Settings for Terminal Server Profiles
Computer Configuration\Administrative Templates\Windows
Components\Terminal Services\Terminal Server\Profiles
|
Computer Group Policies for Terminal Server Profiles
|
|
Set path for TS Roaming Profiles
|
|
Set TS User Home Directory
|
|
Use mandatory profiles on the terminal
server
|
Computer
Group Policy Settings for Terminal Server Remote Session Environment
Computer Configuration\Administrative Templates\Windows
Components\Terminal Services\Terminal Server\Remote Session Environment
|
Computer Group Policies for Terminal Server Remote Session
Environment
|
|
Always show desktop on connection
|
|
Enforce Removal of Remote Desktop Wallpaper
|
|
Limit maximum color depth
|
|
Remove “Disconnect” option from Shut Down
dialog
|
|
Remove Windows Security item from Start menu
|
|
Start a program on connection
|
Computer Group Policy Settings for Terminal Server
Security
Computer Configuration\Administrative Templates\Windows
Components\Terminal Services\Terminal Server\Security
|
Computer Group Policies for Terminal Server Security
|
|
Always prompt for password upon connection
|
|
Do not allow local administrators to
customize permissions
|
|
Require secure RPC communication
|
|
Require use of specific security layer for
remote (RDP) connections
|
|
Require user authentication using RDP 6.0
for remote connections
|
|
Server Authentication Certificate Template
|
|
Set client connection encryption level
|
Computer
Group Policy Settings for Terminal Server Session Time Limits
Computer Configuration\Administrative Templates\Windows
Components\Terminal Services\Terminal Server\Session Time Limits
|
Computer Group Policies for Terminal Server Session Time Limits
|
|
Set time limit for active but idle Terminal
Services sessions
|
|
Set time limit for active Terminal Services
sessions
|
|
Set time limit for disconnected sessions
|
|
Terminate session when time limits are
reached
|
Computer
Group Policy Settings for Terminal Server Temporary folders
Computer Configuration\Administrative Templates\Windows
Components\Terminal Services\Terminal Server\Temporary folders
|
Computer Group Policies for Terminal Server Temporary Folders
|
|
Do no delete temp folder upon exit
|
|
Do not use temporary folder per session
|
Computer
Group Policy Settings for Terminal Server TS Session Broker
Computer Configuration\Administrative Templates\Windows
Components\Terminal Services\Terminal Server\TS Session Broker
|
Computer Group Policies for Terminal Server TS Session Broker
|
|
Join TS Session Broker
|
|
TS Session Broker Farm Name
|
|
TS Session Broker Load Balancing
|
|
TS Session Broker Server
|
|
Use IP Address Redirection
|
Terminal Server User Configuration Group Policies
User
Group Policy Settings for Remote Desktop Connection Client
User Configuration\Administrative Templates\Windows Components\Terminal
Services\Remote Desktop Connection Client
|
User Group Policies for
Remote Desktop Connection Client
|
|
Allow .rdp files from valid publishers and
user’s default .rdp settings
|
|
Allow .rdp files from unknown publishers
|
|
Do not allow passwords to be saved
|
|
Specify SHA1 thumbprints of certificates
representing trusted .rdp publishers
|
User
Group Policy Settings for Terminal Server Connections
User Configuration\Administrative Templates\Windows Components\Terminal
Services\Terminal Server\Connections
|
User Group Policies for
Terminal Server Connections
|
|
Set rules for remote control of Terminal
Services user sessions
|
|
Allow reconnection from original client only
|
User
Group Policy Settings for Terminal Server Device and Resource Redirection
User Configuration\Administrative Templates\Windows Components\Terminal
Services\Terminal Server\Device and Resource Redirection
|
User Group Policies for
Terminal Server Device and Resource Redirection
|
|
Do not allow clipboard redirection
|
|
Allow time zone redirection
|
User
Group Policy Settings for Terminal Server Printer Redirection
User Configuration\Administrative Templates\Windows Components\Terminal
Services\Terminal Server\Printer Redirection
|
User Group Policies for
Terminal Server Printer Redirection
|
|
Use Terminal Services Easy Print driver
first
|
|
Redirect only the default client printer
|
User
Group Policy Settings for Terminal Server Remote Session Environment
User Configuration\Administrative Templates\Windows
Components\Terminal Services\Terminal Server\Remote Session Environment
|
User Group Policies for
Terminal Server Remote Session Environment
|
|
Start a program on connection
|
|
Enforce Removal of Remote Desktop Wallpaper
|
|
Always show desktop on connection
|
User
Group Policy Settings for Terminal Server Session Time limits
User Configuration\Administrative Templates\Windows Components\Terminal
Services\Terminal Server\Session Time Limits
|
User Group Policies for
Terminal Server Session Time limits
|
|
Set time limit for disconnected sessions
|
|
Set time limit for active but idle Terminal
Services sessions
|
|
Set time limit for active Terminal Services
sessions
|
|
Terminate session when time limits are
reached
|
User
Group Policy Settings for TS Gateway
User Configuration\Administrative Templates\Windows Components\Terminal
Services\TS Gateway
|
User Group Policies for
Terminal Server Session Time limits
|
|
Set TS Gateway authentication method
|
|
Enable connection through TS Gateway
|
|
Set TS Gateway server address
|
