RE: Group Policy, Firewall and RDP - Terminal Services
- From: HelpinFL <HelpinFL@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 15 Oct 2007 11:34:01 -0700
Step 3 - tried to run, but Prompt came up and went away again. Tried to
find gp.txt and couldn't find.
I tried to tel net and ping the Clients by name and IP and received nothing.
Re Ran CEICW on SBS server and VPN connector and still nothing.
I went into the Group Policy and enable Remote Connection, but still
nothing. I did mention that I CAN Remote into the Server right? The VPN is
working correctly. It connects to the Network, but can't get into any IP or
computer Name.
What else can I try?
Thanks again.
"Manfred Zhuang [MSFT]" wrote:
Hello Customer,.
Thank you for posting here.
From your post, I understand that after modifying some group policies, all
the clients cannot be connected remotely.
I suggest you try following steps:
Step 1: Re-running CEICW on SBS server:
=============================
Let's re-run CEICW to reset the network configuration. Please refer to
following article to do this.
How to configure Internet access in Windows Small Business Server 2003
http://support.microsoft.com/kb/825763/en-us
Then, please re-run configure remote access wizard.
After that, please download connection manager from RWW to the clients and
check if it works.
Step 2:
=====
1. Edit Small Business Server Windows Firewall GPO
2. Navigate to Computer Configuration-->Administrative
Templates-->Network-->Network Connections-->Windows Firewall-->Domain
Profile
3. Double click Windows Firewall: Allow Remote Desktop exception.
4. Ensure it is enabled and * is in the box.
Step 3:
=====
1. Run gpresult /z > c:\gp.txt
2. Open gp.txt and check if following policy is enabled:
Computer Configuration--->Administrative Templates-->Windows
Components-->Terminal Services.
If not, please enabled it in Default Domain Policy.
I hope the above information is helpful to you. If the problem still
occurs, please reproduce the problem and help me gather following
information:
1. Please let me know the detailed information of your network topology.
2. On the server, try to telnet the client workstation at port 3389, what
is the result?
telnet ClientName 3389
telnet ClientIP 3389
3. Please help me capture screenshots of all error messages you encountered
and send them to v-mzhuan@xxxxxxxxxxxxx
To capture the image, we can perform the steps below:
(a) When the error message appears, press the Print Screen key several
times (this key is located to the right of the F12 key on the keyboard)
(b) Open Paint ['start' => 'All Programs' => 'Accessories' => 'Paint'].
(c) Click Edit (menu) -> Paste or press Ctrl + V.
(d) Click File (menu) -> Save. Save it as a .jpg or .gif file and send it
to me as an attachment.
4. GP result
========
On the problematic clients, type the following command in command prompt,
and then press ENTER:
"gpresult -Z > C:\gpresult_z.txt" (without the quotation marks)
This creates a list of the implemented policies on the machine in the
following text file: C:\gpresult_z.txt. Please send this file to
v-mzhuan@xxxxxxxxxxxxxx
5. Please download the MPS Report tool from the following link and run it
on both the client workstation and the SBS server, then send the generated
CAB file to my mailbox v-mzhuan@xxxxxxxxxxxxx for further investigation so
that we can find what the root cause is:
http://download.microsoft.com/download/b/b/1/bb139fcb-4aac-4fe5-a579-30b0bd9
15706/MPSRPT_SETUPPerf.EXE
For your information:
http://www.microsoft.com/downloads/details.aspx?FamilyId=CEBF3C7C-7CA5-408F-
88B7-F9C79B7306C0&displaylang=en
Please try the above steps at your earliest convenience. If you have any
concern, please feel free to let me know.
Best regards,
Manfred Zhuang(MSFT)
Microsoft Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: Group Policy, Firewall and RDP - Terminal Services
| thread-index: AcgMg83ngibx16EoQoCq0irskk9Gzw==
| X-WBNR-Posting-Host: 207.46.192.207
| From: =?Utf-8?B?SGVscGluRkw=?= <HelpinFL@xxxxxxxxxxxxxxxxxxxxxxxxx>
| Subject: Group Policy, Firewall and RDP - Terminal Services
| Date: Thu, 11 Oct 2007 20:56:01 -0700
| Lines: 13
| Message-ID: <DB7F8E87-6DA3-4252-A0FA-67567F1CF65B@xxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.2929
| Newsgroups: microsoft.public.windows.server.sbs
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:68852
| NNTP-Posting-Host: tk2msftibfm01.phx.gbl 10.40.244.149
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| I have recently moved to a new location with new external IP's, etc.
Today I
| have found that I may have inadvertently changed something on the Group
| Policy with the Firewalls.
|
| I can't seem to Remotely login to any computer except the Server. I
can't
| VPN into any computer except the Server. I can't even Terminal Service
into
| a computer from the Server.
|
| I was trying to make some changes to the Group Policy of the Client
| Computers Firewall. It sounds like I have locked myself out of Remote
| Connections all together.
|
| Please Help. Thank you.
|
- Follow-Ups:
- RE: Group Policy, Firewall and RDP - Terminal Services
- From: Manfred Zhuang [MSFT]
- RE: Group Policy, Firewall and RDP - Terminal Services
- References:
- RE: Group Policy, Firewall and RDP - Terminal Services
- From: Manfred Zhuang [MSFT]
- RE: Group Policy, Firewall and RDP - Terminal Services
- Prev by Date: Re: NO OUTGOING OUTLOOK EMAIL...HELP
- Next by Date: Re: Remote tech help needed for SBS 2003 set up (colo, virtual off
- Previous by thread: RE: Group Policy, Firewall and RDP - Terminal Services
- Next by thread: RE: Group Policy, Firewall and RDP - Terminal Services
- Index(es):
Relevant Pages
|
Loading
