The group policy path to configure RDP to use the certificate from the domain certificate services is:
Computer Configuration -> Policies -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Security -> Server authentication certificate template
This Administrative Template policy item will need to be enabled with the Certificate Template Name set to “NCSU-Server-Certificate”.
Also strongly recommended is to:
- “Enable” the setting “Require use of specific security layer for remote (RDP) connections” and setting to “SSL”.
- “Enable” the setting “Require user authentication for remote connections by using Network Level Authentication”.