workstation in domain refusing RDP connection

Posted on 2014-09-02
Last Modified: 2014-11-13
I just took over a small office ( as network admin) with a single Domain ( 2003) and a few windows 7 Pro workstations.
I upgraded the firewall to a SonicWall TZ 210 and setup a VPN for remote access.

I can use a SonicWall VPN client to RDP into the Server but cannot RDP into one of the workstations. ( a big Goal for one of the users)

All the Workstations are domain members and I have turned off the local firewall on the WS in question and followed the Group Policy edits that MS technet recommneds ( in Computer Config, Administrator Templates, Windows Components, Terminal Services   etc ( I will post later if someone wants to see )  ( and forced a GPUDATE)

I can Ping the workstation once the VPN connects but unlike the DC that workstation refuses to allow a connection.

Any thoughts appreciated
Question by:azpete
    LVL 89

    Expert Comment

    by:John Hurst
    On the Windows 7 machine, look in Advanced System Properties, Remote Access and see if remote access has been disabled. You can still ping it if it has been disabled.

    With RDP, can you access by IP address of the workstation.?

    Author Comment

    Those basic settings were correct....

    Since its not in a Workgroup  but joined to a Domain, my suspicion is that the former admin set a group policy on the Domain Controller that is overriding the local settings.

    Is there a command that shows only "custom group policies " which might indicate where its being restricted ?
    LVL 3

    Accepted Solution

    If you run the following from an elevated command prompt, it will show you all the polices applied to that machine.


    Domain GPO will override any local registry / local group policy settings.  Confirm your GPO settings are applied.

    Is the person attempting to RDP to the workstation a local administrator?

    Any possible DNS issues? (confirm, then try RDP to IP address)
    LVL 89

    Expert Comment

    by:John Hurst
    You say above it is one workstation out of a number that does not work and the other do work. Being on a domain does not normally hinder access to the machine.

    Try the check for group policies above.

    Then scan the machine for viruses as that may be the issue.

    Author Comment

    The Group Policy report was clear ( nice tool to know about !)
    DNS is normal
    Changed the workstation IP from static to dynamic ( no difference)
    Virus scan ( Symantec EndPoint Protection) was clean
    SonicWall VPN :  I can connect and obtain a valid IP on the LAN, I can ping and Tracert to the workstation but cannot open a RDP session.  

    I have LOGMEIN setup on it so I can test and make the above changes/search

    Any TESTS that or misc things to check ?

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive Gives IT Their Time Back

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
    Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now