Details

Allow log on through Remote Desktop Services

This security setting determines which users or groups have permission to log on as a Remote Desktop Services client.

Default:

On workstation and servers: Administrators, Remote Desktop Users.

On domain controllers: Administrators.

Important

This setting does not have any effect on Windows 2000 computers that have not been updated to Service Pack 2.

Solution

Policy Path: User Rights Assignments
Policy Setting Name: Allow log on through Remote Desktop Services

Supportive Information

The following resource is also helpful.

• https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-final-windows-10-and-windows-server-version/ba-p/1543631

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.

References

• 800-53|AC-6(7)(b)
• CSCv6|16

Source

• Tenable.com/audits