Windows Server 2008 R2 Remote Desktop Services
I'm looking for a solution or suggestions on top of what I have already tried for troubleshooting an issue that started after some changes to GPO's. The issue was not found until the day after the GPO changes were made and I was modifying the GPO's through RDP sessions.
I have multiple servers, with mixed OS 2003R2/x86 and 2008R2 standard editions in the same OU. Some of them are letting me RDP to them and others are not, after forcing gpupdate on each of them.
I have verified that allow access to all computers is checked in the remote tab, that the windows firewall is off and is set to allow everything when it's on. I've disabled the windows firewall service, restarted the server, restarted remote desktop connection service. I've searched for port 3389 listening and it is not (which is where my problem is), but I cannot figure out how to get it back to working, or why it quit working all the sudden and some of the others still work fine. This is in an all virtual environment, but it shouldn't make any difference. I've went as far as blocking all GPO inheritance and trying the steps then creating a GPO specifically to turn on RDP access to one of the servers and still cannot get it to work properly. Any help or suggestions would be greatly appreciated.
I have multiple servers, with mixed OS 2003R2/x86 and 2008R2 standard editions in the same OU. Some of them are letting me RDP to them and others are not, after forcing gpupdate on each of them.
I have verified that allow access to all computers is checked in the remote tab, that the windows firewall is off and is set to allow everything when it's on. I've disabled the windows firewall service, restarted the server, restarted remote desktop connection service. I've searched for port 3389 listening and it is not (which is where my problem is), but I cannot figure out how to get it back to working, or why it quit working all the sudden and some of the others still work fine. This is in an all virtual environment, but it shouldn't make any difference. I've went as far as blocking all GPO inheritance and trying the steps then creating a GPO specifically to turn on RDP access to one of the servers and still cannot get it to work properly. Any help or suggestions would be greatly appreciated.
fonz23
What was the GP that you modified? Are the servers you cant remote into a 2008 box or a mixture?
ASKER
I removed the 'enforced' option from the Default Domain Policy, it was overwriting a folder redirect applied to other OU's within the domain. All of the boxes that have this issue are 2008, however there are 3 - 2008 boxes that work perfect, two domain controllers and one exchange server. The 2003 servers are in this same exact OU with other 2008 servers that work properly.
:S
on the servers having the problem do a gpresult RSOP to check the GP's being applied and filtered out.
It sounds like a policy isnt being applied.
if the policies are being applied and everything is setup properly do s netstat -a and make sure port 3389 is listening. If its not it has to be the firewall on the 2008 machines.
The firewall is vastly different in comparison to 2003. as its broken into different segments
try disable the firewall on one 2008 box for public, private and domain for testing purposes.
on the servers having the problem do a gpresult RSOP to check the GP's being applied and filtered out.
It sounds like a policy isnt being applied.
if the policies are being applied and everything is setup properly do s netstat -a and make sure port 3389 is listening. If its not it has to be the firewall on the 2008 machines.
The firewall is vastly different in comparison to 2003. as its broken into different segments
try disable the firewall on one 2008 box for public, private and domain for testing purposes.
ASKER
I've done the GPO thing, actually blocking inheritance from everything, and manually disabling the firewall on public/domain/home networks, and port 3389 still wasn't listening using the netstat commands.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.