How can I figure out which specific Group Policy is applying a Windows Firewall rule in Windows 2008 R2
I was having a very hard time figuring out why all of a sudden I was unable to RDP into several of my Windows 2008 R2 servers. After some troubleshooting I discovered that there was all of a sudden several new firewall rules explicitly blocking Remote Desktop. If I try to change the rule it indicates that
"This rule has been applied by the system administrator and cannot be modified"
I cannot find the Group Policy Object that is applying this rule. I have run a gpresult /h command and reviewed what GPO's are being applied. There are two GPO's that enable exceptions for remote desktop and for remote administration, but I don't see anything configured to block anything. Does anyone have any ideas on what I can do to resolve this?