To enable Remote Desktop via group policy, you nede to:
1. Enable Remote Desktop,
2. Create the inbound firewall rule,
3. (Optionally) Configure the groups allowed to connect.
You can do this by using the following settings:
1. Computer Configuration > Admin Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Allow users to connect remotely using Remote Desktop Services = Enabled
2. Computer Configuration > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall with Advanced Security > Inbound Rules
2a. Right-click -> New Rule…
2b. Predefined -> Remote Desktop, Next, Next
2c. Allow the connection, Finish.
3. Computer Configuration > Windows Settings > Security Settings > Restricted Groups
3a. Right-click -> Add Group,
3b. Use the Browse button to find the domain group that has all the users you want to be able to use RDP in it, click OK,
3c. Click the second Add button (for “This group is a member of:”,
3d. Type, Remote Desktop Users, then click OK twice to confirm the policy setting.