How to allow local user / group for remote desktop using GPO

Question

Hi,

Can anyone help me as to how to configure GPO to allow local user to access PC remotely. Currently I need to do manually add the user/group or whatever PC is required.

For domain users it is easy with the help of GPO

Manish

Answer 1

Hi @Manish Chawda

If you need to specify the users (or groups) that can REMOTE DESKTOP (RDP) to a PC and you want to do this with Group Policy, you are in the right place:

1. In Group Policy Management Console (GPMC.MSC) select Computer Configuration\Windows Settings\Security Settings\Restricted Groups\
2. Right-click Restricted Groups and then click Add Group.
3. Click the Browse button, type Remote and click the Check Names and you should see REMOTE DESKTOP USERS come up.
4. Click OK in the Add Groups dialog.
5. Click Add beside the MEMBERS OF THIS GROUP box then click Browse.
6. Type the name of the domain group, then click the Check Names button, then click OK to close this box.
7. Click OK to close this box which will complete the addition of the domain group to the Remote Desktop Users group.
8. Go to your PC and in an elevated command prompt type GPUPDATE /FORCE to refresh the GPolicy on your PC
9. Verify that the group has been added to under the SELECT USERS button on the REMOTE tab of the PC’s SYSTEM PROPERTIES.

Refer - https://softwarekeep.com/help-center/how-to-enable-remote-desktop-on-windows

If the Answer is helpful, please click Accept Answer and up-vote, so that it can help others in the community looking for help on similar topics.

Answer 2

That's for Domain Users. But I want for e.g. I have created a local user or group say james and I want give him RDP access, this I had already tried to configure as you mentioned but the user is not shown in the list. It only shows domain users.

Please advise.

Answer 3

Kindly please advise.

Answer 4

I have the same question. but I need Local User to Access the server by RDP