Would you like to learn how to use a group policy to configure the Remote Desktop security level to TLS? In this tutorial, we will show you how to force the use of TLS on remote desktop connections.

• 윈도우 2012 R2 • 윈도우 2016 • 윈도우 2019 • 윈도우 2022 • 윈도우 10 • 윈도우 11

Equipment list

Here you can find the list of equipment used to create this tutorial.

This link will also show the software list used to create this tutorial.

Tutorial GPO – Configure Remote Desktop security level to TLS

On the domain controller, open the group policy management tool.

Windows - Group Policy management

Create a new group policy.

Windows 2012 - Group Policy Objects

Enter a name for the new group policy.

Windows - Add GPO

In our example, the new GPO was named: MY-GPO.

On the Group Policy Management screen, expand the folder named Group Policy Objects.

Right-click your new Group Policy Object and select the Edit option.

Windows - Edit GPO

On the group policy editor screen, expand the Computer configuration folder and locate the following item.

Copy to Clipboard

Access the folder named Security.

GPO - ENABLE RDESKTOP TLS

Enable the item named Require use of specific security layer for remote (RDP) connections.

Select the TLS option.

TLS 옵션을 사용할 수 없는 경우 SSL 옵션을 선택합니다.

GPO - RDP FORCE TLS

To save the group policy configuration, you need to close the Group Policy editor.

Congratulations! You have finished the GPO creation.

Tutorial GPO – Configure Remote Desktop security level to TLS

On the Group policy management screen, you need to right-click the Organizational Unit desired and select the option to link an existent GPO.

Windows-2012-Applocker application

In our example, we are going to link the group policy named MY-GPO to the root of the domain.

GPO- tutorial linking

GPO를 적용 한 후 10 또는 20 분 동안 기다려야합니다.

이 기간 동안 GPO는 다른 도메인 컨트롤러로 복제됩니다.

이 예제에서는 TLS를 사용하도록 원격 데스크톱 연결을 구성했습니다.