I need to include the step "Allow remote connections to this computer" with disable NLM option using SCCM Task Sequence for new server builds.
I was able to achieve this partially by below two powershell commands by incorporating into SCCM TS.
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' -Name fDenyTSConnections -Value 0
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -Name UserAuthentication -Value 0
After the server build when checked the settings are grayed out but Allow remote connections to this computer was selected with NLM. Above registry are also changed but NLM was in effect even after registry entry is 0.
When checked local group policies, two policies are enabled which has caused the gray-out. When i changed this policies to "Not configured" i was able to see the desired result.
Computer Config->Administrative Templates->Windows Components->Remote Desktop services->Remote Desktop session Host->Connections->Allow users to connect remotely by using remote desktop services and
Computer Config->Administrative Templates->Windows Components->Remote Desktop services->Remote Desktop session Host->Security->Require user authentication for remote connections by using network level authentication
Even tried Regedit /S command and import registry but getting same result as above. Is there any way to get the result i want.