You may use the following Windows Server 2012 Group Policy Object (GPO) settings to configure basic security settings for Windows Server 2008/2012/2012 R2 or Windows 7/8/8.1.

 

Local Logon and Local Administrators

GPO Path: Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\User Right Assignment

GPO Setting: Allow log on locally (used to define this user group)

GPO Path: Computer Configuration\Policies\Windows Settings\Security Settings\Restricted Groups

GPO Settings: Administrators (used to define this user group)

 

Desktop Lockout Configuration

GPO Path: User Configuration\Policies\Administrative Templates\Control Panel\Personalization

GPO Setting: Enable Screen Saver

GPO Setting: Force Specific Screen Saver (Screen saver executable name: C:\Windows\System32\scrnsave.scr)

GPO Setting: Password protect the screen saver

GPO Setting: Screen saver timeout (seconds: 180)

GPO Path: Computer Configuration\Policies\Administrative Templates\System\Group Policy

GPO Setting: Policy Setting: Configure user Group Policy loopback processing mode

 

RDP Configuration

GPO Path: Computer Configuration\Policies\Administrative Templates\Network\Network Connections\Windows Firewall\Domain Profile

GPO Setting: Windows Firewall: Allow ICMP exceptions

GPO Setting: Windows Firewall: Allow inbound Remote Desktop exceptions

GPO Path: Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Sessions Host\Connections

GPO Setting: Allow users to connect remotely by using Remote Desktop Services

GPO Path: Computer Configuration\Policies\Windows Settings\Security Settings\Restricted Groups

GPO Setting: Remote Desktop Users (used to define this user group)

 

Firewall Allow ICMP (Ping) Requests

GPO Path: Computer Configuration\Policies\Windows Settings\Security Settings\Windows Firewall with Advanced Security\Windows Firewall with Advanced Security\Inbound Rules

 

Enjoy!