We have 2 diffent GPO for setting FIPS.
We add Group Policy (under Computer Configuration\Windows Settings\Security Settings\LocalPolicies\Security Options) or through the "FIPS Compliant" setting in Remote Desktop Session Host Configuration.
This works for RDP in a TEST OU.
FIPS compliance can be configured through the "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" setting in Group Policy (under Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options) or through the "FIPS Compliant" setting in Remote Desktop Session Host Configuration. The FIPS Compliant setting encrypts and decrypts data sent from the client to the server and from the server to the client, with the Federal Information Processing Standard (FIPS) 140-1 encryption algorithms, using Microsoft cryptographic modules. Use this encryption level when communications between clients and RD Session Host servers require the highest level of encryption. If FIPS compliance is already enabled through the Group Policy "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" setting, that setting overrides the encryption level specified in this Group Policy setting or in the Remote Desktop Session Host Configuration tool.
But, we have legacy GPO that sets the RDP to HIGH encryption. It overwrites the FIPS Compliant for RDP. and RDP is only HIGH encryption.