I was working on our server deployment with MDT and was wondering how I
could set rights on the RDP/ICA Listener and found this gem of an
article: Restricting RDP access to Citrix servers (using WMI scripting)
It helped me a lot, although I just found out I tried to add a domain local group with 34 characters and this failed with error “Value out of range”. So I shortened it to 26 characters worked fine though.
For those that don’t know what I’m talking about, you can find RDP-TCP security when opening ServerManager:
Then right click RDP-TCP, select properties:
And after you click ‘advanced’ you get the full options: