Terminal server question & Windows firewall

qnet

Hello all, I haven't been here in awhile, but I have seriously decided to go for my MCSE and MCSA. I'm currently studying for the 70-290.

A little background on myself, I run a small I.T. business and have set up terminal services on a member server for businesses before. It's pretty straight forward, you just add the users, configure their passwords and add them to the remote desktop users group. You also have to purchase the terminal server licenses before the 120 day period runs out. I'm familiar with how to configure windows firewall exceptions to allow Remote desktop and configure terminal services but, I have never done is through a Domain and this is the question I have.

My question is about a terminal services lab. If some of you are familiar with the labs in the MS-press book, you may be able to help me.

In one lab it has you create a user in Active directory Users & Computers, then create a group called "Contoso Remote desktop users" and add the user to this group. You then have to add the user to the print operators group so they can log on locally to the domain controller.

This is were the problem begins. I installed terminal server on my member server,like the lab said. It then tells you to add the "Contoso Remote desktop users group" to the remote desktop users group in the local users & groups snap-in. You then log-in on the Domain controller with the user account created, then log onto the terminal server via remote desktop.

The issue is, this will only work correctly if windows firewall on the Domain Controller is disabled. Is this normal? or is it something else I have to do, or other ports to be opened in windows firewall?
I added remote desktop in the exceptions and also in the advanced section of windows firewall but, it still will not work unless the firewall is disabled. The firewall on the member server has no effect either way.

I would like a better understanding of this, and any help would be appreciated.

ladiesman217

have you tried rebooting after adding remote desktop in the exception list? or you can try restoring to firewall defaults then add the necessary exceptions again.