workstation in domain refusing RDP connection

I just took over a small office ( as network admin) with a single Domain ( 2003) and a few windows 7 Pro workstations.
I upgraded the firewall to a SonicWall TZ 210 and setup a VPN for remote access.

I can use a SonicWall VPN client to RDP into the Server but cannot RDP into one of the workstations. ( a big Goal for one of the users)

All the Workstations are domain members and I have turned off the local firewall on the WS in question and followed the Group Policy edits that MS technet recommneds ( in Computer Config, Administrator Templates, Windows Components, Terminal Services   etc ( I will post later if someone wants to see )  ( and forced a GPUDATE)

I can Ping the workstation once the VPN connects but unlike the DC that workstation refuses to allow a connection.

Any thoughts appreciated
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
On the Windows 7 machine, look in Advanced System Properties, Remote Access and see if remote access has been disabled. You can still ping it if it has been disabled.

With RDP, can you access by IP address of the workstation.?
azpeteAuthor Commented:
Those basic settings were correct....

Since its not in a Workgroup  but joined to a Domain, my suspicion is that the former admin set a group policy on the Domain Controller that is overriding the local settings.

Is there a command that shows only "custom group policies " which might indicate where its being restricted ?
Matt DDomain ArchitectCommented:
If you run the following from an elevated command prompt, it will show you all the polices applied to that machine.


Domain GPO will override any local registry / local group policy settings.  Confirm your GPO settings are applied.

Is the person attempting to RDP to the workstation a local administrator?

Any possible DNS issues? (confirm, then try RDP to IP address)

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JohnBusiness Consultant (Owner)Commented:
You say above it is one workstation out of a number that does not work and the other do work. Being on a domain does not normally hinder access to the machine.

Try the check for group policies above.

Then scan the machine for viruses as that may be the issue.
azpeteAuthor Commented:
The Group Policy report was clear ( nice tool to know about !)
DNS is normal
Changed the workstation IP from static to dynamic ( no difference)
Virus scan ( Symantec EndPoint Protection) was clean
SonicWall VPN :  I can connect and obtain a valid IP on the LAN, I can ping and Tracert to the workstation but cannot open a RDP session.  

I have LOGMEIN setup on it so I can test and make the above changes/search

Any TESTS that or misc things to check ?
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.