Remote desktop: configure who can connect

Windows 10  Windows Server 2012R2  Windows Server 2016  Windows Server 2019

In this tutorial, we will see how to configure who can connect to the computer using Remote Desktop.

This tutorial does not apply to RDS deployment, where this configuration is done at the collection level.

This tutorial applies to computers and servers where the remote desktop is configured for takeover.

There are several methods to configure who can connect, in this tutorial we will see two methods. By default, members of the Administrators and Remote Desktop Users group are allowed to connect.

Add users to Administrators or Remote Desktop Users groups

Adding a user or group to the Administrators group gives, in addition to remote desktop access rights, administrative rights on the computer or the server.

Open the Computer Management console, right click on the start menu button 1 and click on Computer Management 2.

Go to Groups 1 which is in System Tools / Local Users and Groups.

Double click on the group 1 to modify to open it.

Click on the Add 1 button.

Select the user or group 1 to add and click OK 2.

Validate the addition of the object 1 to the group by clicking on Apply 2 and OK 3.

The Domain Users group has been added to the Remote Desktop User group.

Allow remote desktop connection through security settings

In the first part, we saw how to give access to the remote desktop using one of the two predefined groups. In this part, we are going to have how to add a group authorize to log on by remote desktop services by passing the security settings.

The configuration is done using the Local Group Policy Editor or can be configured by GPO in an Active Directory environment.

Open a Run window (Windows + R), in Open enter gpedit.msc and click OK 2 to open the Local Group Policy Editor console.

Open Allow log on through Remote Desktop Services 1 setting by double clicking in Computer Configuration / Windows Settings / Security Settings / Local Policies / Assigning User Rights.

Click the Add user or group … 1 button.

Select the object (User or group) 1 and click OK 2.

Validate the configuration by clicking on Apply 1 and OK 2.

The object has been added to the 1 parameter.

Members of the Domain Users group can now log on to Remote Desktop on the computer.


The two methods above achieve the same result by allowing the Domain Users group to log on to the remote desktop on the computer.

The tutorial screenshots are on Windows 10, the handling is identical with Windows Server.



Related Posts


Share a folder with Windows Server

Presentation In this tutorial, we will see a common task on a server, which is the folder share. There are several solutions to share a folder, in this tutorial we will see two possibilities: By the f

Windows 10: use the Remote Desktop app

SommairePresentationInstalling the Remote Desktop applicationUsing the Remote Desktop appAdd a classic Remote Desktop connectionConfigure the connection to an RDS farmAdditional configurations Present

VDI: installation and configuration with Windows Server

In this tutorial, I will explain how to install and configure a VDI (Virtual Desktop Infrastructure) environment. Before getting to the heart of the matter, I will quickly present to you what a virtua

Scroll to Top