I have SBS2011 Std installed on one server and on another server I have Windows 2008 R2 with Remote Desktop Services enabled. Office 2010 and Adobe Reader are the only apps installed so far. So far everything seems to be working but I have a couple of issues with GPO settings.
One of the things I have noticed is that the RDS Users can still access the Powershell. As these will be troubled youth using the system I would really like to lock these down but I cannot find a setting to do this.
The second issue is that I would like to ask a big favour, if possible. Does anyone have a set of GPO settings documented that would provide a basis for me to base my GPO on. I presume it would be for SBS2008 and Terminal Services but it would at least give me a head start. I have found that it is VERY different to the 2003 Terminal Servers I have set up in the past and I have got masses of settings enabled so that it now looks a mess.