Solved

Windows 2003 Server Domain Controller Firewall Enabled Communication Problems.

Posted on 2007-04-09
4
390 Views
Last Modified: 2012-05-05
We operate in a W2K3 AD domain.  The domain has two DCs replicating one another.  The Primary DC is W2K3 R2 SP-2, and the alternate DC is W2K3, SP-2.  If I enable the firewall on either of these DCs, FRS will not replicating (Event ID:13508), and clients cannot resolve DNS or possibly RPC connection problems.  I can say that if the firewalls are disabled these problems go away.  I followed the steps as per article KB555381 (How to configure Windows Server 2003 SP1 Firewall for a Domain Controller) on both DCs and the communications problems still exist.  I modified the registry and opened all the suggested ports, enabled the firewalls and rebooted both DCs.  After the reboot and the firewalls enabled the same problems exist.  At this point I disabled the firewalls until we can figure out how to correct the problem.  Any feedback would be appreciated.  
0
Comment
Question by:cmp119
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 250 total points
ID: 18875261
The recommended way to set this up is to use the Security Configuration WIzard. See http://www.microsoft.com/windowsserver2003/technologies/security/configwiz/default.mspx
There are lots of links on in the article to detailed information and downloads.
0
 
LVL 48

Assisted Solution

by:Jay_Jay70
Jay_Jay70 earned 250 total points
ID: 18880912
cmp119,

not sure who wrote this but he has my vote 100%
http://www.howtonetworking.com/donot/2003wf25.htm

Regards,

James
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question