RDP not working, wehn allow remote desktop connections is enabled

[jnic]

i have a gpo to allow remote connections , i can remote into some of my computer, but neither of my domain controllers, and a few desktops 

[Electronics Wizardy]

firewall?

[GilmourD]

Are the machines properly connected to the domain? Are you using IP or machine name to connect? If machine name, do they resolve to an IP when you ping?

[jnic]

6 minutes ago, Electronics Wizardy said:

firewall?

i have allowed inbound and out bound rules for "%windir%\system32\mstsc.exe" with a gpo

[Electronics Wizardy]

1 minute ago, jnic said:

i have allowed inbound and out bound rules for "%windir%\system32\mstsc.exe" with a gpo

what error do you get? 

[jnic]

1 minute ago, GilmourD said:

Are the machines properly connected to the domain? Are you using IP or machine name to connect? If machine name, do they resolve to an IP when you ping?

they resolve ip addresses, and if i try to remote into my DC with the static ip it fails also 

[jnic]

Just now, Electronics Wizardy said:

what error do you get? 

[GilmourD]

1 minute ago, jnic said:

Is the DC headless or can you physically log into it? If you can log into it directly, try to RDP into another system FROM it. See if this is a protocol issue, a software issue, or a configuration issue.

[jnic]

Just now, GilmourD said:

Is the DC headless or can you physically log into it? If you can log into it directly, try to RDP into another system FROM it. See if this is a protocol issue, a software issue, or a configuration issue.

i have it virtualized in xen server, and then a backup DC, that is physical.

 

on the virtualized and physical i can remote into other machines 

 

[Jarsky]

So you've consoled into the server through Xen, and confirmed it has adopted the policy? 

I'm assuming that you have a "base" server GPO that you're using for all your servers including domain controllers? Have you linked it in the DC's OU? 

[jnic]

On 4/15/2018 at 2:16 AM, Jarsky said:

So you've consoled into the server through Xen, and confirmed it has adopted the policy? 

the domain controller i have on xen is the main, i have a separate physical one as a backup

On 4/15/2018 at 2:16 AM, Jarsky said:

I'm assuming that you have a "base" server GPO that you're using for all your servers including domain controllers? Have you linked it in the DC's OU? 

yes