Script works on one PC but not another

[disturbedone]

I have a pretty simple script that works on my Win7 PC but not on a W2K8R2 server.

It does 2 things:
[ul]
[li]Enables/disables RDP on the server specified in a variable (in this case it's called 'testserver' and is a W2K3R2 server)[/li]
[li]Enables/disables an AD user[/li]
[/ul]
This is for enabling/disabling remote access for an external support company.

When I run the script from my PC it works fine but when I run it from a W2K8R2 server it gives the following error:

Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
At C:\Scripts\EnableRemoteAccess.ps1:7 char:26
+ $Terminal = Get-WmiObject <<<<  Win32_Terminal -Computer $server
    + CategoryInfo          : InvalidOperation: (:) [Get-WmiObject], COMException
    + FullyQualifiedErrorId : GetWMICOMException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

You cannot call a method on a null-valued expression.
At C:\Scripts\EnableRemoteAccess.ps1:8 char:17
+ $Terminal.Enable <<<< ($True)
    + CategoryInfo          : InvalidOperation: (Enable:String) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

User 'support' was enabled in Active Directory

So the enabling/disabling user component is working but the enabling/disabling of RDP is not. I don't see why it would work from one computer and not from another. Any ideas??

# ------------------------------------- #
# Enables RDP on testserver server        #
# ------------------------------------- #


$server = "testserver.domain.local"
$Terminal = Get-WmiObject Win32_Terminal –Computer $server
#The next line enables RDP
$Terminal.Enable($True)
The next line disables RDP but is # out
#$Terminal.Enable($True)


# ------------------------------------- #
# Enables the AD user 'support' #
# ------------------------------------- #

function get-dn ($SAMName)    {
    $root = [ADSI]''
     $searcher = new-object System.DirectoryServices.DirectorySearcher($root)
    $searcher.filter = "(&(objectClass=user)(sAMAccountName= $SAMName))"
    $user = $searcher.findall()

    if ($user.count -gt 1)      {     
            $count = 0
                foreach($i in $user)            { 
            write-host $count ": " $i.path 
                    $count = $count + 1
                }

            $selection = Read-Host "Please select item: "
        return $user[$selection].path

          }      else      { 
          return $user[0].path
          }
}

$Name = "support"
$path = get-dn $Name

$account=[ADSI]$path
#The next line enables the account
$account.psbase.invokeset("AccountDisabled", "False")
#The next line disables the account but is # out
#$account.psbase.invokeset("AccountDisabled", "True")
$account.setinfo()

Write-Host "User 'support' was enabled in Active Directory"

 

[disturbedone]

Just realised my PC & server are on different VLANs. My VLAN has a rule that allows everything, the W2K8R2 server is on a VLAN that doesn't, then testserver is in the DMZ.

I've allowed all ports from the W2K8R2 VLAN to the DMZ and it works fine.

It looks like RPC is a bit of a nightmware to allow through a firewall because it uses random ports. That's probably a subject for another forum unless anyone has an idea here?