In this blog post, I will show you how to allow non-domain admin users to remote desktop to servers and machines on the domain by giving them administrative permission.
Using Group Policy, we can create or modify an existing GPO and use the User Right Assignment option to allow users to RDP to machines.
To start, Open GPMC and navigate to:
Computer Configuration -> Windows Settings -> Security Settings-> User Right Assignment.
From the User Right Assignment page double click on Allow log on through Remote Desktop Services.
From the policy settings page, click on Add User or Group and select your user or Group that you would like to allow login to the server or servers.
Note: The policy will apply to all the servers that under the policy, it is recommended to limit the scope of the policy reach.
It is also recommended you use Group and not users which will simplify the process.