I get asked the question about creating a GPO to enable the following 2 settings quite often:
- Remote Assistance
Allow Remote Assistance connections to this computer - Remote Desktop
Allow connections from computers running any version of Remote Desktop (less secure)
As I know I’ll get asked about this in the near future, this blog post will serve to demonstrate the configuration settings required to achieve this.
Remote Assistance
Allow Remote Assistance connections to this computer
To enforce this setting on a server or desktop, create a GPO and navigate to:
Computer Configuration –> Policies –> Administrative Templates –> System –> Remote Assistance then enable the following settings:
Solicited Remote Assistance
Offer Remote Assistance
Once this setting is configured, the Remote Assistance section in the Remote tab of System Properties will look as such:
Note how the Allow Remote Assistance connections to this computer is now grayed out.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------
Remote DesktopAllow connections from computers running any version of Remote Desktop (less secure)
To enforce this setting on a server or desktop, create a GPO and navigate to:
Computer Configuration –> Policies –> Administrative Templates –> Windows Components –> Remote Desktop Services –> Remote Desktop Session Host –> Connections then enable the following setting:
Allow users to connect remotely using Remote Desktop Services
Once this setting is configured, the Remote Desktop section in the Remote tab of System Properties will look as such:
Note how the Don’t allow connections to the computer is now grayed out.
--------------------------------------------------------------------------------------------------------------------------------------------------------------------
In addition to the configuration settings above, if you’d like the domain firewall to be disabled, navigate to:
Computer Configuration –> Policies –> Administrative Settings –> Network –> Network Connections –> Windows Firewall –> Domain Profile then disable:
Windows Firewall: Protect all network connections
1 comment:
Thank you. Your blog was very helpful and efficient..
Internet Explorer Tech Support
Post a Comment