because of this damn wannacry, we decided to prohibit the usage of SMB1. we did it using GPO and disabled it using the registry and applied it to our ou=domain controllers (only). It was good and no complain. Until:
a user called us indicate he can no RDP to his 2003 server. he told the error is "RPC server is unavailabled". i was totally stunned by the relation because:
- firstly we did apply the gpo on domain controllers only
- users from local domain could connect to 2003 server, but remote domains -> "rpc server unavailable"
the evidences shows that these two are somehow related, but i can't figure out why.
now the problem of 2003 servers is solved by setting IgnoreRegUserConfigErrors to 1. but the question remains, why??