And in the exception rule you created via the policy, in the 'Allow unsolicited incoming messages...' dialogue, you've got a single entry for "localsubnet"?
Just out of interest, have you tried specifying the actual subnet itself, as opposed to using the localsubnet string?
Another thing you could try is managing this particular policy from a 2008 / Win7 machine (that will have the later policy templates). So, for example, run gpmc.msc from the 2k8 server and edit the setting from there (or create a second test policy with the same setting and link it to the same OU).
The key to that last suggestion is simply to manage/create this policy setting using a machine that has the latest templates, just in case there is a subtle difference in how the firewall exception is actually implemented in 2k8.
They're just guesses, I'm afraid, as I don't have an environment that I can replicate the problem in... (All our DCs are 2k8.)
Worth a shot though!
Pete
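An added example, not from Pete's reply, of a quick check one could run on the 2k8 box to see what scope the "Allow unsolicited incoming messages from these IP addresses" field actually landed in, and compare it with the effective firewall rules. It assumes the legacy WindowsFirewall policy registry layout (key and value names below are assumptions, not taken from the thread) and English-language netsh output.

```powershell
# Added example: cross-check the GPO-written firewall exception scope against the
# rules Windows Firewall with Advanced Security reports on a 2008/Win7 host.
# Assumption: the legacy policy writes its per-exception scope to
# HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\<Profile>\<Exception>\RemoteAddresses
# as a comma-separated string such as "localsubnet" or "10.1.2.0/24".
$base = 'HKLM:\SOFTWARE\Policies\Microsoft\WindowsFirewall'

foreach ($profile in 'DomainProfile', 'StandardProfile') {
    foreach ($exception in 'RemoteAdminSettings', 'Services\FileAndPrint') {
        $key = Join-Path $base "$profile\$exception"
        if (-not (Test-Path $key)) { continue }          # policy not applied here

        $props = Get-ItemProperty -Path $key
        $scope = [string]$props.RemoteAddresses
        $entries = @($scope -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ })

        Write-Host "$profile\$exception : Enabled=$($props.Enabled) Scope='$scope'"

        # The thread's question: is there exactly one "localsubnet" entry, or something else?
        if ($entries.Count -ne 1) {
            Write-Warning "  expected a single scope entry, found $($entries.Count): $($entries -join ' | ')"
        }
        if ($entries -contains '*') {
            Write-Warning "  scope is '*' (any address) - wider than localsubnet"
        }
    }
}

# Now list the effective rules whose remote scope is restricted, so the registry value
# above can be compared with what the newer firewall engine actually enforces.
# Assumption: netsh output uses the English labels "Rule Name:" and "RemoteIP:".
$ruleName = $null
netsh advfirewall firewall show rule name=all verbose | ForEach-Object {
    if ($_ -match '^Rule Name:\s+(.+)$') {
        $ruleName = $matches[1]
    }
    elseif ($ruleName -and $_ -match '^RemoteIP:\s+(.+)$') {
        $remote = $matches[1]
        if ($remote -ne 'Any') {
            # Rules scoped to LocalSubnet (or an explicit CIDR) are the ones the GPO should have produced.
            Write-Host "rule '$ruleName' RemoteIP=$remote"
        }
    }
}
```

Run it in an elevated PowerShell on the affected 2k8 server after a gpupdate /force; if the registry scope shows localsubnet but no advfirewall rule carries RemoteIP=LocalSubnet, the policy is being written but not translated into a rule, which is the template-version angle Pete describes.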