Remote Desktop - Bobleoble/tech-journal GitHub Wiki

Remote Desktop between wks01 and wks02 only

Opening port 3389

  • First, ensure that wks01 and wks02 are in their own Organizational Unit (OU) in Active Directory Users and Computers.
  • Open Group Policy Management, navigate to the OU, right-click it, and select Create a GPO in this domain, and Link it here...
  • Name it something like "Remote Desktop". Right-click it, and select Edit.
  • Computer Configuration > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security > New Inbound Rule.
  • Select Port, and on the next page enter Specific Port 3389.
  • The connection should be Allowed.
  • Deselect Public, so that the rule does not open the port while a machine is connected to a public network.
  • Name it whatever you please.

Enabling Remote Desktop with Security

  • Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Connections.
  • Double-click Allow users to connect remotely by using Remote Desktop Services.
  • Enable it.
  • Leave the Connections page, find the Security page, and double-click Require user authentication for remote connections by using Network Level Authentication.
  • Enable it.
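
The same GPO built from PowerShell on a machine with the GroupPolicy module, as an added example that is not part of the original wiki page. It goes one step beyond the GUI steps by limiting the firewall rule's remote addresses to the two workstations, so that port 3389 is reachable between wks01 and wks02 only. The domain name, OU path and IP addresses are placeholders assumed for illustration.

```powershell
# Added example: scripted equivalent of the GPO steps above.
# Placeholders assumed for illustration (not from the page):
# the domain FQDN, the OU path and the two workstation addresses.
Import-Module GroupPolicy

$GpoName    = 'Remote Desktop'
$DomainFqdn = 'example.com'                             # placeholder domain
$OuPath     = 'OU=RDP Workstations,DC=example,DC=com'   # placeholder OU holding wks01 and wks02
$PeerIPs    = @('192.0.2.11', '192.0.2.12')             # placeholder addresses of wks01 and wks02
$TsKey      = 'HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
$Store      = "$DomainFqdn\$GpoName"                    # firewall policy store of the GPO

# Create the GPO and link it to the OU that contains only the two workstations.
New-GPO -Name $GpoName | Out-Null
New-GPLink -Name $GpoName -Target $OuPath | Out-Null

# Inbound allow rule for TCP 3389, written into the GPO.
# -Profile leaves out Public; -RemoteAddress restricts who may connect.
New-NetFirewallRule -PolicyStore $Store `
    -DisplayName 'Allow RDP (wks01 and wks02 only)' `
    -Direction Inbound -Action Allow `
    -Protocol TCP -LocalPort 3389 `
    -Profile Domain, Private `
    -RemoteAddress $PeerIPs | Out-Null

# "Allow users to connect remotely by using Remote Desktop Services" = Enabled
Set-GPRegistryValue -Name $GpoName -Key $TsKey `
    -ValueName 'fDenyTSConnections' -Type DWord -Value 0 | Out-Null

# "Require user authentication for remote connections by using
# Network Level Authentication" = Enabled
Set-GPRegistryValue -Name $GpoName -Key $TsKey `
    -ValueName 'UserAuthentication' -Type DWord -Value 1 | Out-Null

# Review what the GPO now contains before the workstations pick it up.
Get-NetFirewallRule -PolicyStore $Store |
    Format-List DisplayName, Enabled, Direction, Action, Profile
Get-NetFirewallRule -PolicyStore $Store |
    Get-NetFirewallAddressFilter | Format-List RemoteAddress
Get-GPRegistryValue -Name $GpoName -Key $TsKey |
    Format-Table ValueName, Value
```

After `gpupdate /force` on each workstation, `Get-NetFirewallRule -PolicyStore ActiveStore` shows whether the rule was applied there.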