0

I've been asked to set up a user on our network with RDP access to a RDS server on a remote domain. We have set up the VPN just fine and the remote RDS server is reachable. The issue thus far is that when the user attempts the RDP connection they authenticate just fine but then they are stopped with a message about running cmd being denied. This isn't the question I'm here for though. While troubleshooting the issue with the SysAdmin of the remote RDS server I was told that the issue might be because we have bat filea that execute as logon scripts setup on the local domain group policy. His thought was that when our local user logs into the remote server our local logon script policy applies and the remote server attempts to execute the bat files, that don't exist on the remote network. This also runs into the remote server's policy to deny the execution of cmd.

Could this be true? Would a domain policy for the local domain apply to a remote user logon on a remote domain when no trust exists at all. There is only a VPN and open ports that link the two networks. It just doesn't sound right to me.

Digital ink
  • 500
  • 1
  • 10
  • 23

1 Answers1

0

The most effective way to validate the effective policy is to run gpresult /h gpresult.html or use the Group Policy Modeling Wizard. Also, you can't logon with a user account in your local domain to a computer in a remote domain without some kind of trust.

Greg Askew
  • 35,880
  • 5
  • 54
  • 82
  • Good idea on using the gpresult tool to validate the applied policy Greg. I'm going to pass that along to the remote network's SysAdmin. Thanks. – Digital ink Jun 13 '16 at 21:26