If you need to specify the users (or groups) that can REMOTE DESKTOP (RDP) to a PC and you want to do this with Group Policy, you are in the right place:
- In Group Policy Management Console (GPMC.MSC) select Computer Configuration\Windows Settings\Security Settings\Restricted Groups\
- Right-click Restricted Groups and then click Add Group.
- Click the Browse button, type Remote and click the Check Names and you should see REMOTE DESKTOP USERS come up.
- Click OK in the Add Groups dialog.
- Click Add beside the MEMBERS OF THIS GROUP box then click Browse.
- Type the name of the domain group, then click the Check Names button, then click OK to close this box.
- Click OK to close this box which will complete the addition of the domain group to the Remote Desktop Users group.
- Go to your PC and in an elevated command prompt type GPUPDATE /FORCE to refresh the GPolicy on your PC
- Verify that the group has been added to under the SELECT USERS button on the REMOTE tab of the PC’s SYSTEM PROPERTIES.