RE: GPO for Remote Desktop and Firewall Settings

Hi Smurfman,

I have the same opinion with Denis, you can check the following articles to
enable to the remote desktop policy:

Using Group Policy with Remote Desktop
http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us
/Default.asp?url=/resources/documentation/Windows/XP/all/reskit/en-us/pree_r
em_uvnl.asp

Enable or disable Remote Desktop
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/Serve
rHelp/1e4a44de-2be1-4d29-9387-9f04b79cc17a.mspx

If the issue persists, please run "rsop.msc" on teh problematic XP pro and
send it to v-rebc@xxxxxxxxxxxxx for resaerch.


Best regards,

Rebecca Chen

MCSE2000 MCDBA CCNA


Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security

=====================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
>Thread-Topic: GPO for Remote Desktop and Firewall Settings
>thread-index: AcWOIV5PkrG692VVRcGMXwfC/xNOtA==
>X-WBNR-Posting-Host: 209.217.222.70
>From: "=?Utf-8?B?U211cmZtYW4=?=" <smurfman@xxxxxxxxxxxxxx>
>Subject: GPO for Remote Desktop and Firewall Settings
>Date: Thu, 21 Jul 2005 11:24:02 -0700
>Lines: 46
>Message-ID: <188C662C-7D06-46E6-A515-160FD000E871@xxxxxxxxxxxxx>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="Utf-8"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>Content-Class: urn:content-classes:message
>Importance: normal
>Priority: normal
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>Newsgroups: microsoft.public.win2000.group_policy
>NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
>Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.win2000.group_policy:11795
>X-Tomcat-NG: microsoft.public.win2000.group_policy
>
>Hello, I am attempting to get the Remote Desktop feature to work.
>
>I have a GPO that is doing some of the following according to the GPO
Results
>I have pasted below the settings that were applied. On the client I am
>seeing the Remote assistance and the 135 port enabled, via a policy, but
what
>I do not see happen is the enabling of the Remote Desktop. Thus I am
getting
>denied access, with the error related to the system not being available.
>
>I must have missed something obvious, but basically I am looking to enable
>the remote desktop feature in which I would initiate the connection and
the
>user could say yes or no...rather than the user asking me for
>assistance...i'll cross that bridge when I get there...
>
>Any ideas? Thanks
>J
>
>
>___________________________________________________________________
>Offer Remote Assistance Enabled Level 2 - Lockdown
>Permit remote control of this computer: Allow helpers to remotely control
>the computer
>Helpers:
>DOMAIN\Domain Admins
>DOMAIN\User One
>DOMAIN\User Two
>User Three
>DOMAIN\User Four
>___________________________________________________________________
>
>Also I have these settings according to what I could find to enable the
>firewall to allow remote assistance
>___________________________________________________________________
>
Software\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\
List\135:TCP:192.168.1.0/24:enabled:Remote Assistance
>
Software\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplicat
ions\List\%WINDIR%\System32\Sessmgr.exe:192.168.1.0/24:Remote Assistance
>
Software\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplicat
ions\List\%WINDIR%\System32\Sessmgr.exe:192.168.1.0/24:Remote Assistance
>
Software\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplicat
ions\List\%WINDIR%\PCHealth\HelpCtr\Binaries\HelpCtr.exe:Remote Assitance
>
>___________________________________________________________________
>
>
>
>
>

.

Relevant Pages

  • RE: Remote Desktop not working after SP1
    ... time the remote desktop worked through RWW. ... "The local policy does not permit you to logon interactively" error message ... please also check the following settings: ... Use the ISAinfo utility to collect the ISA configuration information: ...
    (microsoft.public.windows.server.sbs)
  • RE: Remote Desktop not working after SP1
    ... This newsgroup only focuses on SBS technical issues. ... time the remote desktop worked through RWW. ... "The local policy does not permit you to logon interactively" error ... please help me collect ISA info and firewall log ...
    (microsoft.public.windows.server.sbs)
  • RE: Remote Desktop not working after SP1
    ... "The local policy does not permit you to logon interactively" error message ... Remote Desktop Users ... Use the ISAinfo utility to collect the ISA configuration information: ...
    (microsoft.public.windows.server.sbs)
  • Re: Local policy of this system does not permit you to logon interactively
    ... "Remote Desktop Users" already in Allow Logon To Term.... ... Apply Group Policy objects containing this ... The client machine is WinXP with all the latest service packs, ... the SBS domain clients through terminal service. ...
    (microsoft.public.windows.server.sbs)
  • Re: The local policy of this system doesnt allow you to logon int
    ... policy setting, "Allow logon through Terminal Services", was blank on both ... "Remote Desktop Users" to that policy entry, as they should have been by ... "Administrators" group received the same old message. ...
    (microsoft.public.windowsxp.work_remotely)