Disabling Remote Desktop
While Remote Desktop can be a useful feature for remotely managing servers, you may or may not want to allow this capability on Windows XP desktop computers on your network. Furthermore, if you allow some users to run as local admins on their workstations (either because of application compatibility issues or because they need more control over thier machines) then having such privileges allows them to enable Remote Desktop on their machines if they so desire.
Using Group Policy however, you can lock down Remote Desktop functionality on all computer accounts in a domain or OU by disabling the following policy setting:
Computer Configuration \ Administrative Templates \ Windows Components \ Terminal Services \ Do not allow new client connections
Disabling this policy will enforce this setting on the target machines.
MVP Windows Server