Modify Group Policy’s refresh interval to 15mins
Edit Group Policy at your desired OU
Computer Configuration > Policies > Administrative Templates > System > Group Policy > Set Group Policy refresh interval for computers > Enable
This setting allows you to customize how often Group Policy is applied.
Minutes: 10
This is a random time added to the refresh interval to prevent all clients from requesting Group Policy at the same time.
Minutes: 5
Do the same for User Configuration
User Configuration > Policies > Administrative Templates > System > Group Policy > Set Group Policy refresh interval for users > Enable
Note default Group Policy refreshes every 90 minutes and 5 minutes for domain controllers (DCs).
Set Time Zone via Group Policy
Computer Configuration > Preferences > Windows Settings > Registry > Right-click New > Registry Wizard > Local Computer (with time zone already set) > Local Computer > Next
Navigate to below location and select all under TimeZoneInformation
\HKLM\System\CurrentControlSet\Control\TimeZoneInformation\
Run startup scripts asynchronously
Computer Configuration > Policies > Administrative Templates > System > Scripts> Run startup scripts asynchronously
Desktop Wallpaper Using Group Policy (GPO)
User Configuration > Policies > Administrative Templates > Desktop > Desktop Wallpaper > \\ad\SYSVOL\xxx.domain.com.sg\DesktopPictures\BeautifulDesktop.jpg
Enable Firewall for RDP (3389)
Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile > Double-click Windows Firewall: Allow inbound Remote Desktop exceptions > * for all IP
Enable Firewall for ICMP
Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile > Double-click Windows Firewall: Allow ICMP exceptions > Allow inbound echo request
Enable RDP via GPO
Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Connections. Allow users to connect remotely using Remote Desktop Services > Enabled
Install security certificate with GPO
Computer Configuration\Policies\Windows Settings\Security Settings\Public Key Policies > Trusted Root Certification Authorities > and then click Import.