Hi,
Is there a policy I can set so that the account is not able to RDP to the machine ?
You may try to assign the account with group policy: Deny log on through Remote Desktop Services
- Start | Run | Gpedit.msc if editing the local policy or chose the appropriate policy and edit it.
- Computer Configuration | Windows Settings | Security Settings | Local Policies | User Rights Assignment.
- Find and double click "Deny logon through Remote Desktop Services"
- Add the user and / or the group that you would like to dny access.
- Click ok.
- Run gpupdate /force /target:computer for this setting to take effect.
-----Please can click “Accept as answer” if any of above reply is helpful-------
Thanks,
Jenny