New Group Policy Settings for Terminal Services in Windows Server 2008

  • Article

Applies To: Windows Server 2008

The following is a list of the Group Policy settings for Terminal Services that are new for Windows Server 2008. The list is organized by the Group Policy nodes in which they are located in the Group Policy Management Console (GPMC). Click a node to view more information about the policy settings, such as explanatory text and operating system requirements.

Computer Configuration Group Policy Settings

The following Group Policy settings are available under the Computer Configuration\Policies\Administrative Templates\Windows Components\Terminal Services node of the GPMC.

Note

If you are using the Local Group Policy Editor, Policies is not part of the node path.

Remote Desktop Connection Client

  • Allow .rdp files from unknown publishers

  • Allow .rdp files from valid publishers and user's default .rdp settings

  • Configure server authentication for client

  • Prompt for credentials on the client computer

  • Specify SHA1 thumbprints of certificates representing trusted .rdp publishers

Terminal Server\Connections

  • Allow remote start of unlisted programs

Terminal Server\Device and Resource Redirection

  • Do not allow supported Plug and Play device redirection

Terminal Server\Printer Redirection

  • Redirect only the default client printer

  • Use Terminal Services Easy Print printer driver first

Terminal Server\Profiles

  • Use mandatory profiles on the terminal server

Terminal Server\Remote Session Environment

  • Set compression algorithm for RDP data

Terminal Server\Security

  • Require use of specific security layer for remote (RDP) connections

  • Require user authentication for remote connections by using Network Level Authentication

  • Server Authentication Certificate Template

Terminal Server\Session Time Limits

  • Set time limit for logoff of RemoteApp sessions

Terminal Server\TS Session Broker

  • Use TS Session Broker load balancing

User Configuration Group Policy Settings

The following Group Policy settings are available under the User Configuration\Policies\Administrative Templates\Windows Components\Terminal Services node of the GPMC.

Note

If you are using the Local Group Policy Editor, Policies is not part of the node path.

Remote Desktop Connection Client

  • Allow .rdp files from unknown publishers

  • Allow .rdp files from valid publishers and user's default .rdp settings

  • Specify SHA1 thumbprints of certificates representing trusted .rdp publishers

Terminal Server\Device and Resource Redirection

  • Allow time zone redirection

  • Do not allow Clipboard redirection

Terminal Server\Printer Redirection

  • Redirect only the default client printer

  • Use Terminal Services Easy Print printer driver first

Terminal Server\Remote Session Environment

  • Always show desktop on connection

  • Remove remote desktop wallpaper

Terminal Server\Session Time Limits

  • Set time limit for logoff of RemoteApp sessions

TS Gateway

  • Enable connection through TS Gateway

  • Set TS Gateway authentication method

  • Set TS Gateway server address