Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Windows 2008 Server RDP & Group Policy

Posted on 2013-06-11
3
215 Views
Last Modified: 2014-06-09
I have a new windows 2008 server running remote access for our VPN clients. When I join it to our AD I cannot RDP to it but I can VNC to it. As soon as I remove it from the domain & put it in a workgroup RDP will work ok.
Where in the default domain controllers policy would that be stopped? or am I barking up the wrong tree totally & its something else
0
Comment
Question by:rmvgray
  • 2
3 Comments
 
LVL 6

Accepted Solution

by:
adriaanvw earned 500 total points
ID: 39237185
Hi,

First, check your firewall rules once you have joined the domain, ensuring RDP is allowed on the new server. (http://social.technet.microsoft.com/Forums/en-US/windowsserver2008r2rds/thread/811b722f-78e4-479c-afc8-bbfd604447fa)

You need to add the server to the allowed list for RDP access in AD. You can achieve this as follows:

Two group policy changes should do the trick, followed by a gpupdate /force or waiting for the policy to be distributed to domain members/clients:

Computer Configuration > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile > Allow inbound Remote Desktop exception.  Note that I recommend limiting the IP addresses that have access as explained in the notes of that policy, if possible, as a best practice.

Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Connections > Allow users to connect remotely using Remote Desktop Services

Full article here: http://www.nojokeit.com/2011/02/enable-remote-desktop-in-server-2008-r2.html
0
 

Author Comment

by:rmvgray
ID: 39237255
Had done the first part anyway, the second part I dont have as its a Windows 2003 AD so I dont have the option Remote Desktop Services its still terminal services
0
 

Author Comment

by:rmvgray
ID: 39271697
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
In-place Upgrading Dirsync to Azure AD Connect
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question