Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Can not login to server in DMZ remotely

Posted on 2010-08-23
7
Medium Priority
?
447 Views
Last Modified: 2013-11-21
Dear expert,

I have problem, the server located in DMZ. And the server have joined to a domain (using AD WS2003).
but, when I try to access remotely using account domain, pop up error like picture attached.
But, I successfully  to access remotely using account local. I already add group to allow access the server using remote desktop.
Any idea?

thank you

error.JPG
0
Comment
Question by:davidsat
  • 3
  • 3
7 Comments
 
LVL 2

Expert Comment

by:zsaurabh
ID: 33500142
try to added in Local administrator and then RDP (just for testing)
0
 
LVL 4

Expert Comment

by:vickzz
ID: 33500158
First of all check your connection between DMZ And Domain Controllers in Internal network because if your TS is not able to fetch profile or settings from AD you may see this error.
Connection means all required ports should be opened.
0
 

Author Comment

by:davidsat
ID: 33500743
Dear All,

I am trying to query/scanning the port between DC and remote server.
Many port are filtered out.

I will escalated this to network team.

Thank you
0
[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

 
LVL 4

Expert Comment

by:vickzz
ID: 33501205
Yes. That is the most probable cause of the issue because your TS is unable to load profile settings.
0
 

Accepted Solution

by:
davidsat earned 0 total points
ID: 33507488
Dear All,

Just confirm,

LDAP
tcp 389
udp 389

LDAPS
tcp 636
udp 636

DNS
tcp 53
udp 53

Kerberos
tcp 88
udp 88

SMB
tcp 445
udp 445

GC
tcp 3269

RDP
tcp 3389
udp 3389

Any other port that must opened?

Thanks
0
 

Author Comment

by:davidsat
ID: 33508005
Dear All,

attached the result using portquery.
i already open the protocol kerberos, dns, gc,ldap, smb, and rdp. But still can not access the server.


any idea?

thanks
port-query.txt
0
 
LVL 4

Expert Comment

by:vickzz
ID: 33612377

 Starting portqry.exe -n 172.30.129.41 -e 139 -p TCP ...

Querying target system called:
 172.30.129.41
Attempting to resolve IP address to a name...

IP address resolved to servername.domainname.com
querying...
TCP port 139 (netbios-ssn service): FILTERED
portqry.exe -n 172.30.129.41 -e 139 -p TCP exits with return code 0x00000002.

Open TCP Port 139 as well and test.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Case Summary: In this Article we introduce the new method to configure the default user profile using Automated profile copy with sysprep rather than the old ways such as the manual copy of a configured profile to default user profile Old meth…
Every system administrator encounters once in while in a problem where the solution seems to be a needle in haystack.  My needle was an anti-virus version causing problems with my Exchange server. I have an HP DL350 with Windows Server 2008 Stand…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question