• Status: Solved

How do I turn back ports 389, 636, 3268, 3269, 53, 88

The following are the ports not working on one of my servers. How do I get them back on and working? This is an isolated domain and we are not running a firewall.

TCP port 389 (ldap service): NOT LISTENING

TCP port 636 (ldaps service): NOT LISTENING

TCP port 3268 (msft-gc service): NOT LISTENING

TCP port 3269 (msft-gc-ssl service): NOT LISTENING

TCP port 53 (domain service): NOT LISTENING

TCP port 88 (kerberos service): NOT LISTENING

Asked by: GCManning

mcsween (Sr. Network Administrator) commented:
Is this server a domain controller?  You will not see any of these services on member servers.
0
 
LazloH commented:
The ports are governed by the service that is actually listening over them.  You need to check all of those services and ensure they are running and running properly.
0
 
GCManning (Author) commented:
Let me give you some more background.
I have spent the last three days working with Microsoft Professional Services because I can't get the sysvol and netlogon shares to show up when I try to make the 2nd server a DC. I ran a portqry for MS this morning when the server was just a member server and those ports showed "Not Listening". Which is what I thought they should. However, the MS tech told me that they needed to be listening before the replication could complete. So now it looks like the MS Tech doesn't know what he is talking about and may just be trying to dump me off his plate!
0
 
mcsween (Sr. Network Administrator) commented:
Maybe they wanted you to run the scan against your other domain controller? Otherwise, yes, it sounds like they are trying to dump you.
0
 
GCManning (Author) commented:
So I guess now the million dollar question is: has anyone out there ever had a domain that will not complete a promotion of a member to a DC? Everything seems to work and we get no errors, however the sysvol and netlogon shares never get created. Any ideas out there? We have been working on this for two weeks. The last week we have been working with Microsoft but have not made any more progress.
0
 
mcsween (Sr. Network Administrator) commented:
1. How many other domain controllers do you have?
2. Is the primary DNS set to one of your domain controllers on the member server to be promoted?
3. Please post the results of a dcdiag on your "working" domain controller.
4. Are both servers on the same subnet and VLAN (if you use VLANs)?
5. If 4 is no, is there any firewall between the servers?
0
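
The checks discussed in this thread (which machine should be listening on these ports, which DNS server the member points at, and whether the SYSVOL and NETLOGON shares exist), as an added PowerShell example that is not part of the original thread. It assumes a Windows version that ships `Test-NetConnection` and `Get-SmbShare`; the DC name `dc01.example.local` is a placeholder.

```powershell
# Added example, not from the thread. $DcName is a placeholder for the working DC.
param([string]$DcName = 'dc01.example.local')

# The six ports from the question's portqry output.
$adPorts = @(
    [pscustomobject]@{ Port = 53;   Service = 'DNS' }
    [pscustomobject]@{ Port = 88;   Service = 'Kerberos' }
    [pscustomobject]@{ Port = 389;  Service = 'LDAP' }
    [pscustomobject]@{ Port = 636;  Service = 'LDAPS' }
    [pscustomobject]@{ Port = 3268; Service = 'Global Catalog' }
    [pscustomobject]@{ Port = 3269; Service = 'Global Catalog over SSL' }
)

# Role of the local machine. DomainRole 4 or 5 = domain controller,
# 3 = member server. A member server is not expected to listen on these ports.
$role = (Get-CimInstance -ClassName Win32_ComputerSystem).DomainRole
$isDc = $role -ge 4
"Local DomainRole: $role (domain controller: $isDc)"

# Checklist item 2: DNS servers this machine is configured to use.
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    Format-Table InterfaceAlias, ServerAddresses -AutoSize

# Checklist items 4 and 5: can this machine reach each service on the working DC?
$results = foreach ($p in $adPorts) {
    $t = Test-NetConnection -ComputerName $DcName -Port $p.Port -WarningAction SilentlyContinue
    [pscustomobject]@{
        Port      = $p.Port
        Service   = $p.Service
        Reachable = $t.TcpTestSucceeded
    }
}
$results | Format-Table -AutoSize

# The symptom in this thread: are SYSVOL and NETLOGON shared after promotion?
foreach ($name in 'SYSVOL', 'NETLOGON') {
    $local  = [bool](Get-SmbShare -Name $name -ErrorAction SilentlyContinue)
    $remote = Test-Path -Path "\\$DcName\$name"
    "{0,-9} local share: {1,-5}  on {2}: {3}" -f $name, $local, $DcName, $remote
}

# Summary: unreachable ports on the working DC are the ones to investigate.
$blocked = $results | Where-Object { -not $_.Reachable }
if ($blocked) { "Not reachable on ${DcName}: $($blocked.Port -join ', ')" }
else          { "All six ports reachable on $DcName" }
```

Run it on the server being promoted, before and after the promotion, and compare the two outputs.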
 
GCManning (Author) commented:
Currently we only have DC and DNS is running on it. Both servers are connected to the same switch and currently there is no firewall on either server. I will have to get current dcdiag results to post.
0
 
GCManning (Author) commented:
We found out that the problem was a local security setting on the PDC emulator. Microsoft had us look at everything but that. One week of chasing our tails around in circles! Microsoft, however, did agree to refund our money because they did not offer any solutions.
0
 
ee_auto commented:
Question PAQ'd, 500 points refunded, and stored in the solution database.
0
Question has a verified solution.