Solved

Does Group Policy require RPC?  Our DC is behind a firewall an Group Policy won't apply

Posted on 2006-11-17
5
681 Views
Last Modified: 2012-08-14
We have all the necessary ports/services forwarding through our firewall (this is not on a public internet, but segmented internal network) and can login fine.

HOWEVER, evern though mapped drives work, login, joining to domain, etc. all work -- Group Policy isn't applying itself.

GPUPDATE says "success" but none of our policies are enforcing.  HERe are our open ports

•      Kerberos (88/tcp, 88udp)
•      LDAP (389/udp, 389/tcp and/or 636/tcp if using LDAP over SSL)
•      SMB over IP traffic (445/tcp, 445/udp)
•      DNS ports (53/tcp, 53/udp) used for name lookups
•      135 DCE Enpoint
•      1000-5000 (For testing of RPC)

Shouldn't it be working w/ Group Policy too!?


Thanks!!

0
Comment
Question by:jgantes
  • 2
5 Comments
 
LVL 16

Expert Comment

by:AdamRobinson
ID: 17964662
Can you post the results of your GPRESULT on the client(s)?

0
 

Author Comment

by:jgantes
ID: 17967260
GPRESULT

INFO: The Policy object does not exist.



Jim
0
 

Author Comment

by:jgantes
ID: 17970564
Spoke to soon... found a KB on MS website that describes adding registry keys to set a static range for the RPC ports.  One we did this we were good to go.
0
 
LVL 1

Accepted Solution

by:
DarthMod earned 0 total points
ID: 18349754
PAQd, 250 points refunded.

DarthMod
CS Moderator
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question