All Group Policy Settings for Remote Desktop Services in Windows Server 2008 R2
Applies To: Windows Server 2008 R2
The following is a list of all the Group Policy settings for Remote Desktop Services in Windows Server® 2008 R2. The list is organized by the Group Policy nodes in which they are located in the Group Policy Management Console (GPMC). Click a node to view more information about the policy settings, such as explanatory text and operating system requirements.
Computer Configuration Group Policy Settings
The following Group Policy settings are available under the Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services node of the GPMC.
Note
If you are using the Local Group Policy Editor, Policies is not part of the node path.
License server security group
Prevent license upgrade
Remote Desktop Connection Client
Allow .rdp files from valid publishers and user's default .rdp settings
Allow.rdp files from unknown publishers
Do not allow password to be saved
Specify SHA1 thumbprints of certificates representing trusted .rdp publishers
Prompt for credentials on the client computer
Configure server authentication for client
RemoteFX USB Device Redirection
- Allow RDP redirection of other supported RemoteFX USB devices from this computer
Turn off Windows Installer RDS Compatibility
Turn on Remote Desktop IP Virtualization
Select the network adapter to be used for Remote Desktop IP Virtualization
Do not use Remote Desktop Session Host server IP address when virtual IP address is not available
Automatic reconnection
Allow users to connect remotely using Remote Desktop Services
Deny logoff of an administrator logged in to the console session
Configure keep-alive connection interval
Limit number of connections
Sets rules for remote control of Remote Desktop Services user sessions
Restrict Remote Desktop Services users to a single Remote Desktop Services session
Allow remote start of unlisted programs
Turn off Fair Share CPU Scheduling
Device and Resource Redirection
Allow audio and video playback redirection
Allow audio recording redirection
Limit audio playback quality
Do not allow clipboard redirection
Do not allow COM port redirection
Do not allow drive redirection
Do not allow LPT port redirection
Do allow supported Plug and Play device redirection
Do not allow smart card device redirection
Allow time zone redirection
Use the specified Remote Desktop license servers
Hide notifications about RD Licensing problems on RD Session Host server
Set the Remote Desktop licensing mode
Do not set default client printer to be default printer in a session
Do not allow client printer redirection
Use Remote Desktop Easy Print printer driver first
Specify RD Session Host server fallback printer driver behavior
Redirect only the default client printer
Limit size of the entire roaming profile cache
Set Remote Desktop Services User Home Directory
Use mandatory profiles on the RD Session Host server
Set path for Remote Desktop Services Roaming User Profile
Join RD Connection Broker
Configure RD Connection Broker farm name
Use IP Address Redirection
Configure RD Connection Broker server name
Use RD Connection Broker load balancing
Limit maximum color depth
Enforce Removal of Remote Desktop Wallpaper
Configure RemoteFX
Limit maximum display resolution
Limit maximum number of monitors
Remove “Disconnect” option from Shut Down dialog
Remove Windows Security item from Start menu
Optimize visual experience when using RemoteFX
Set compression algorithm for RDP data
Optimize visual experience for Remote Desktop Services sessions
Start a program on connection
Always show desktop on connection
Allow desktop composition for remote desktop sessions
Do not allow font smoothing
Server authentication Certificate Template
Set client connection encryption level
Always prompt client for password upon connection
Require secure RPC communication
Require use of specific security layer for remote (RDP) connections
Do not allow local administrators to customize permissions
Require user authentication for remote connections by using Network Level Authentication
Set time limit for disconnected sessions
Set time limit for active but idle Remote Desktop Services sessions
Set time limit for active Remote Desktop Services sessions
Terminate session when time limits are reached
Set time limit for logoff of RemoteApp sessions
Do not delete temp folder upon exit
Do not use temp folders per session
User Configuration Group Policy Settings
The following Group Policy settings are available under the User Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services node of the GPMC.
Note
If you are using the Local Group Policy Editor, Policies is not part of the node path.
Set RD Gateway authentication method
Enable connection through RD Gateway
Set RD Gateway server address
Remote Desktop Connection Client
Allow .rdp files from valid publishers and user's default .rdp settings
Allow.rdp files from unknown publishers
Do not allow password to be saved
Specify SHA1 thumbprints of certificates representing trusted .rdp publishers
- Set rules for remote control of Remote Desktop Services user sessions
Device and Resource Redirection
Allow time zone redirection
Do not allow clipboard redirection
Use Remote Desktop Easy Print printer driver first
Redirect only the default client printer
Start a program on connection
Remove remote desktop wallpaper
Always show desktop on connection
Set time limit for disconnected sessions
Set time limit for active Remote Desktop Services sessions
Set time limit for active but idle Remote Desktop Services sessions
Terminate session when time limits are reached
Set time limit for logoff of RemoteApp sessions