When you are deploying your RDS servers you probably (like me) want to make everything managable from a single point. So i don’t like to make a lot of changes to the local system by hand, but i prefer to set them with the use of a Group Policy. In this case a Machine Policy
These are the basic settings i use:
Policies
Windows Settings/Security Settings
Local Policies/Security Options
Interactive logon:
Prompt user to change password before expiration 14 days
Administrative Templates
System
Display Shutdown Event Tracker Disabled
System/Device Installation
Prevent device metadata retrieval from the Internet Enabled
System/Group Policy
User Group Policy loopback processing mode Enabled Mode: Replace
System/Logon
Turn off Windows Startup Sound Enabled
System/User Profiles
Add the Administrators security group to roaming user profiles Enabled
Delete cached copies of roaming profiles Enabled
Windows Components/
Remote Desktop Services/Remote Desktop Session Host/Connections
Restrict Remote Desktop Services users to a single RDS session Enabled
Windows Components/
Remote Desktop Services/Remote Desktop Session Host/Licensing
Set the Remote Desktop licensing mode Enabled
Use the specified Remote Desktop license servers Enabled
License servers to use: <Your RDS License Server>
Windows Components/
Remote Desktop Services/Remote Desktop Session Host/Printer Redirection
Use Remote Desktop Easy Print printer driver first Enabled
Windows Components/
Remote Desktop Services/Remote Desktop Session Host/Remote Session Environment
Remove “Disconnect” option from Shut Down dialog Enabled
These settings are of course my personal settings, so feel free to customize them!
