A few months ago, I have audited a Remote Desktop Service Infrastructure with RDS Host and RemoteApp.
These are the settings I have configured via GPO:
- Settings for recovery RD and RemoteApp disconnected sessions:
- Settings to improve bandwidth and mapping for RD Clients:
- To improve the security of the RD Clients and Remoteapp experience I did the following:
This setting remove a prompt to connect with RemoteApp to a WebApp. I put the certificate thumbprint.
This is in the Remote Desktop console in the server configuration, not in GPO and is used to improve the security of the user credential validations.