Windows Server 2008 R2 Remote Desktop Services

I'm looking for a solution or suggestions on top of what I have already tried for troubleshooting an issue that started after some changes to GPO's. The issue was not found until the day after the GPO changes were made and I was modifying the GPO's through RDP sessions.

I have multiple servers, with mixed OS 2003R2/x86 and 2008R2 standard editions in the same OU. Some of them are letting me RDP to them and others are not, after forcing gpupdate on each of them.

I have verified that allow access to all computers is checked in the remote tab, that the windows firewall is off and is set to allow everything when it's on. I've disabled the windows firewall service, restarted the server, restarted remote desktop connection service. I've searched for port 3389 listening and it is not (which is where my problem is), but I cannot figure out how to get it back to working, or why it quit working all the sudden and some of the others still work fine. This is in an all virtual environment, but it shouldn't make any difference. I've went as far as blocking all GPO inheritance and trying the steps then creating a GPO specifically to turn on RDP access to one of the servers and still cannot get it to work properly. Any help or suggestions would be greatly appreciated.
itsallgood24Asked:
Who is Participating?
 
itsallgood24Author Commented:
After trying to change the "Allow connections from" in the "Remote" tab of system properties to the (more secure) selection it gave me an error about connections, and setting one up in the host configuration tool. I went there and it was blank, so I created a new listener connection and everything worked perfect.

I have no idea how this was changed on just these few servers, but this fixed every one of them immediately.
0
 
fonz23Commented:
What was the GP that you modified? Are the  servers you cant remote into a 2008 box or a mixture?
0
 
itsallgood24Author Commented:
I removed the 'enforced' option from the Default Domain Policy, it was overwriting a folder redirect applied to other OU's within the domain. All of the boxes that have this issue are 2008, however there are 3 - 2008 boxes that work perfect, two domain controllers and one exchange server. The 2003 servers are in this same exact OU with other 2008 servers that work properly.
0
 
fonz23Commented:
:S

on the servers having the problem do a gpresult RSOP to check the GP's being applied and filtered out.
It sounds like a policy isnt being applied.

if the policies are being applied and everything is setup properly do s netstat -a and make sure port 3389 is listening. If its not it has to be the firewall on the 2008 machines.
The firewall is vastly different in comparison to 2003. as its broken into different segments

try disable the firewall on one 2008 box for public, private and domain for testing purposes.
0
 
itsallgood24Author Commented:
I've done the GPO thing, actually blocking inheritance from everything, and manually disabling the firewall on public/domain/home networks, and port 3389 still wasn't listening using the netstat commands.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.