Enabling Remote Desktop iva Group Policy is a two step process in Windows Server 2012 R2. Here’s how to enable RDP via GPO in Windows Server 2012 R2:
Firstly, set the GPO to enable Allow users to connect remotely using Remote Desktop Services, which can be found here:
Computer Configuration –> Administrative Templates –> Windows Components –> Remote Desktop Services –> Remote Desktop Session Host –> Connections
This enables the computer to accept RDP connections. Next you have to add users to the local Remote Desktop Users group to give those users permission to RDP to the computer. To do this, create a group in AD for RDP users (the built in AD group can’t be used). Then go to:
Computer Configuration -> Preferences -> Control Panel Settings -> Local Users and Groups
Then right click and add a new Local Group. For the group name, use the drop down to select the Remote Desktop Users (Built-in) group. Then click Add to add the group you created to the local Remote Desktop Users group and click OK. Apply this GPO to the OU containing the computers you want to enable RDP to, reboot the PC or wait approx 90 minutes and you’re done.