bwhorton
asked on
Windows domain user wants to RDP to his home computer
I work at a small college and have a professor who desires to remote into his home computer. I know that Logmein or Gotomypc would be the quickest and most efficient workaround, but he is insistent on using RDP. His laptop (not on our domain) can connect via wireless to his account so I believe all the settings are correct on his home end. We can also connect from our campus to his home computer on a PC that is not joined to our domain. By default, we have windows firewall turned off via GP. He is using Windows 7 on both systems (work/domain and home). The attached screen shot shows what I believe to be the issue, but I can't find the setting in Group Policy that modifies it. I am happy to tell him that it is a domain security setting and can't be changed, but he is insistent that it will work. Can any of you point me to the right GP setting or to official literature stating that this is not possible in a domain environment?
Thanks in advance for your assistance!
Ben
Thanks in advance for your assistance!
Ben
This is the Group Policy :
Computer Configuration > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile > Windows Firewall: Allow Remote Desktop Exception
Make sure both machines are in the same network.
Along with this you need more info to fulfill the requirement, check below blog for the same.
http://social.technet.microsoft.com/Forums/windowsserver/en-US/46596d1d-4d5b-43c2-994e-2a97ed5d5d69/remote-desktop-exception-in-firewall-configured-via-gpo-not-taking-effect?forum=winserverGP
Computer Configuration > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile > Windows Firewall: Allow Remote Desktop Exception
Make sure both machines are in the same network.
Along with this you need more info to fulfill the requirement, check below blog for the same.
http://social.technet.microsoft.com/Forums/windowsserver/en-US/46596d1d-4d5b-43c2-994e-2a97ed5d5d69/remote-desktop-exception-in-firewall-configured-via-gpo-not-taking-effect?forum=winserverGP
Question 1:
What version of Windows is he running at home? Windows 7 Home? If so, he cannot. RDP TO a home machine is not possible. Pro, Enterprise, Ultimate then continue...
Question 2:
Can he connect via RDP to his home machine from ANYWHERE ELSE? If so, then the problem is on your network (or his office PC) not permitting him to connect. If not, then the problem is not on your network (at least so far - FIRST he needs to be able to do it from somewhere else).
What version of Windows is he running at home? Windows 7 Home? If so, he cannot. RDP TO a home machine is not possible. Pro, Enterprise, Ultimate then continue...
Question 2:
Can he connect via RDP to his home machine from ANYWHERE ELSE? If so, then the problem is on your network (or his office PC) not permitting him to connect. If not, then the problem is not on your network (at least so far - FIRST he needs to be able to do it from somewhere else).
ASKER
I am going through the above suggestions and continue to test. Will post an update later today or tomorrow morning. Thanks for the input thus far.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I've attempted the suggestions listed above related to the on-campus computer, but no luck. His machine is setup correctly at home (as I stated above, non-domain computers can connect to it). It is only domain machines that are not able to connect. Not sure where to go from here, but will likely point him to use GoToMYPC or LogMeIn as an alternative, whether he wants to or not. I'm going to give it one more day, then punt if we can't get it working. Thanks
ASKER
Our network admin/firewall admin admitted that it was his fault. We use Packetshaper and by default, it has a rule that blocks outbound RDP. Thanks for all your input.
Ben
Ben
ASKER
I've requested that this question be closed as follows:
Accepted answer: 0 points for bwhorton's comment #a39601116
for the following reason:
If your network infrastructure/security folks "say" that it is not their problem, make sure they show you the rules and prove it. I spent untold hours unnecessarily chasing my tail to no avail.
Accepted answer: 0 points for bwhorton's comment #a39601116
for the following reason:
If your network infrastructure/security folks "say" that it is not their problem, make sure they show you the rules and prove it. I spent untold hours unnecessarily chasing my tail to no avail.
Step 2 in the last microsoft.com link I gave in http:#a39580054 is
"Make sure Remote Desktop is able to communicate through your firewall."
"Make sure Remote Desktop is able to communicate through your firewall."
Step 2 in the 3rd/last microsoft.com link I gave in
https://www.experts-exchange.com/questions/28268850/Windows-domain-user-wants-to-RDP-to-his-home-computer.html?anchorAnswerId=39580054#a39580054
is "Make sure Remote Desktop is able to communicate through your firewall."
https://www.experts-exchange.com/questions/28268850/Windows-domain-user-wants-to-RDP-to-his-home-computer.html?anchorAnswerId=39580054#a39580054
is "Make sure Remote Desktop is able to communicate through your firewall."
Being that you have been able to connect to his home PC from another system on your network, I would say the problem is elsewhere or he has fine-grained rules in place on his home PC.