In my lab's DC, I've set up a "Lab RDP Group" and put a couple admins in there. Then I did the steps in the following blog to restrict Remote Logins based on group policy:
http://www.dannyeckes.com/server-2012-enable-remote-desktop-rdp-group-policy-gpo/
But then local admins can no longer establish RDP sessions to servers. We have reasons to still want local admins to log on to servers remotely. But we also want to start using the domain group policy.
How can we have both?