Windows 7 remote Desktop Firewall Group Policy

IT Support Forum Forums Active Directory Group Policy General Discussion Windows 7 remote Desktop Firewall Group Policy

This topic contains 0 replies, has 1 voice, and was last updated by  Webmaster 3 years, 5 months ago.

  • Author
  • #1820


    Did you know that there are three ways to apply a firewall setting via group policy to enable remote desktop on Windows 7?

    The incorrect way is to add a predefined rule manually via the security settings GPO. This is wrong because different versions of Windows call the the remote desktop firewall setting by a different name and the name on your AD server is likely different from the Windows 7 PC. Of course, you could be managing group policy from a Windows 7 machine running the RSAT Tools, but obviously this is asking for trouble later when the OS is upgraded or more PCs are put into the OU with different operating systems.

    A better way would be to make the rule (rather than use a predefined rule) to unblock port 3389 using Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Windows Firewall with Advanced Security -> Windows Firewall with Advanced Security -> Inbound Rules.

    Another way would be to use the following policy:

    Computer Configuration -> Policies -> Administrative Templates -> Network -> Network Connections -> Windows Firewall -> Domain Profile -> Windows Firewall: Allow inbound Remote Desktop exceptions

You must be logged in to reply to this topic.