We had a bit of a puzzle with setting Windows 8 up on a couple of SBS 2011 networks. It was a puzzle because on the SBS 2008 network where we configured a Windows 8 VM we had no RDP issues once we force enabled RDP inbound via GPO.
But, on SBS 2011 networks we have had no success at it.
There is a new predefined Inbound rule on the Win8 VM:
- Remote Desktop – User Mode (TCP-In)
- Programs and Services: %SystemRoot%\system32\svchost.exe
- Protocols and Ports: TCP #6 at port 3389
In our SBS 2011 GPO for managing our clients and servers we have:
No such thing.
So, we go on to create it:
- Add the program path:
- Answer Yes:
- Set the port structure:
- Allow all IPs:
- Set the connection to Allow:
- We permit the rule for all connection types:
- Name the rule: Remote Desktop – User Mode (TCP-In)
- Description: Inbound rule for the Remote Desktop service to allow RDP traffic. (TCP 3389).
- GPUpdate /force on the DC/SBS.
- GPUpdate /force on the Windows 8 machine/VM.
Once the policy takes the rule will show up:
When we bring up the properties of the GPO delivered rule:
We are now able to RDP into the Windows 8 desktop OS. We have yet to stand up a Windows 8 Server however it is likely that RDP on the server OS will require the same rule.
Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book
*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.
Brilliant, thanks very much. This sorted my problem out really easily thanks to your clear steps.
ReplyDeleteI was scratching my head as to why Server 8 install did not need this. But now I realise the console does not use User Mode, although it is in the firewall for non-admins.
Thanks again
I had this problem today, only affecting one PC that had been working fine for 2 years..
ReplyDeleteStrange.