Solved

Client to Domain Controller communication through a firewall

Posted on 2002-05-14
4
1,630 Views
Last Modified: 2013-12-19
Hello,

we have a single active directory domain set up, but some of our clients wil need to communicate with a domain controller that is behind a firewall. I have been reading through the firewall article written by Steve Riley of Microsoft but it is focused purely on DC to DC communication over a firewall. He outlines various options and all the ports that would need to be opened.

Since client to DC communication is less involved, i want to know which of the ports I need to have opened. In particular I want to know if the RPC dynamic assigment is required in this scenario. Are there any other articles other than the one by Steve that summaries what ports are needed in client to DC communications, when a firewall needs to be crossed.

Please advise.

Simon
0
Comment
Question by:schurch122297
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 9

Accepted Solution

by:
TooKoolKris earned 200 total points
ID: 7011245
RPC Dynamic assignment normally takes place with the ports starting right over the well known i.e. 1025, 1026, 1027 ect.. You may want to leave a few of these open for those. You might have a hard time trying to find any specific articles about what ports need to be left open due to DC communications with other DC's. I would offer the suggestion of getting a port scanner; you can get one for free here - http://www.webattack.com/get/superscan.shtml

Setup your servers as normal and every so often scan the servers for open ports. You would want to do it during anytime the servers are running communications between each other, i.e. zone info, replication, ect..

This isn't the easiest solution obviously but you will learn a lot about what goes on between the servers from a network and transport layer level.

Hope this helps,

TooKoolKris
MCSE+I, CCNA, A+
0
 

Expert Comment

by:CleanupPing
ID: 9160061
schurch:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses
Course of the Month8 days, 21 hours left to enroll

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question